
Pests of all kinds and how to combat them: AntiVir detection tr/dynameter.dtc.562

07.11.2010, 12:01   #1
kaff
 
AntiVir detection tr/dynameter.dtc.562



Hello,

I have Windows 7, AntiVir, and ZoneAlarm.
Yesterday AntiVir found tr/dynameter.dtc.562 in a file that I downloaded about 4 weeks ago. The detection came so late because the virus was only added by AntiVir a few days ago.

When I ran the infected file about 4 weeks ago, I did not notice anything unusual. ZoneAlarm did not raise an alert either.

My question now is whether my computer is infected and what this virus might have done in the few weeks it went undetected.

The log files are:

OTL

Code:
OTL logfile created on: 07.11.2010 01:20:07 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\*******\Desktop
 An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223,92 Gb Total Space | 87,94 Gb Free Space | 39,27% Space Free | Partition Type: NTFS
Drive D: | 8,97 Gb Total Space | 1,62 Gb Free Space | 18,08% Space Free | Partition Type: NTFS
 
Computer Name: ******* | User Name: ******* | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\*******\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Miranda IM\miranda32.exe ( )
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
PRC - C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
PRC - C:\Programme\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
PRC - C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation)
PRC - C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe (IDT, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Programme\Mouse Driver\KMProcess.exe (UASSOFT.COM)
PRC - C:\Programme\Mouse Driver\KMWDSrv.exe (UASSOFT.COM)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe (Andrea Electronics Corporation)
PRC - C:\Programme\Mouse Driver\KMCONFIG.exe (UASSOFT.COM)
PRC - C:\Programme\Mouse Driver\StartAutorun.exe (UASSOFT.COM)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\*******\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (Check Point Software Technologies)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcp80.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (nosGetPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (vsmon) -- C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (Check Point Software Technologies)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe (IDT, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (KMWDSERVICE) -- C:\Programme\Mouse Driver\KMWDSrv.exe (UASSOFT.COM)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (ISWKL) -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics Incorporated)
DRV - (Vsdatant) -- C:\Windows\System32\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (NETw5s32) Intel(R) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation)
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (VClone) -- C:\Windows\System32\drivers\VClone.sys (Elaborate Bytes AG)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (KMWDFILTERx86) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek Corporation                                            )
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2319825
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 33 55 6A 9D 7A 55 CB 01  [binary data]
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.weltkulturerbelauf.de/anmeldung.php"
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.232.0
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.6.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2010.09.16 09:57:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.29 21:46:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.10.29 21:46:19 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 6\components [2010.09.17 11:14:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 6\plugins
 
[2010.10.26 19:48:37 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\mozilla\Extensions
[2010.10.26 19:48:37 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2010.11.06 09:32:26 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\mozilla\Firefox\Profiles\x47zebei.default\extensions
[2010.09.21 12:14:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*******\AppData\Roaming\mozilla\Firefox\Profiles\x47zebei.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2010.10.04 10:38:09 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\*******\AppData\Roaming\mozilla\Firefox\Profiles\x47zebei.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
[2010.11.03 18:46:47 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\*******\AppData\Roaming\mozilla\Firefox\Profiles\x47zebei.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.09.16 10:51:22 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\*******\AppData\Roaming\mozilla\Firefox\Profiles\x47zebei.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.09.17 11:26:39 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\mozilla\Firefox\Profiles\x47zebei.default\extensions\nostmp
[2010.03.24 15:13:02 | 000,000,917 | ---- | M] () -- C:\Users\*******\AppData\Roaming\Mozilla\FireFox\Profiles\x47zebei.default\searchplugins\conduit.xml
[2010.09.19 12:58:48 | 000,002,698 | ---- | M] () -- C:\Users\*******\AppData\Roaming\Mozilla\FireFox\Profiles\x47zebei.default\searchplugins\twitter.xml
[2010.11.04 20:43:25 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.11.04 20:43:25 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.09.20 10:37:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.09.20 23:45:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.07.17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.08.25 01:44:54 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.08.25 01:44:54 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.08.25 01:44:54 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.08.25 01:44:54 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.08.25 01:44:54 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm-Sicherheit Toolbar) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe File not found
O4 - HKLM..\Run: [SearchSettings] C:\Programme\pdfforge Toolbar\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\*******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2007.lnk = C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{007c44b1-c173-11df-95d6-00238b0b7982}\Shell - "" = AutoRun
O33 - MountPoints2\{007c44b1-c173-11df-95d6-00238b0b7982}\Shell\AutoRun\command - "" = G:\autorun.exe autorun.dat -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 90 Days ==========
 
[2010.11.07 01:16:12 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\*******\Desktop\OTL.exe
[2010.11.07 01:10:10 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Malwarebytes
[2010.11.07 01:10:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.11.07 01:09:59 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.11.07 01:09:59 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.11.07 01:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.04 21:01:39 | 000,000,000 | ---D | C] -- C:\Users\*******\Documents\Ferchau
[2010.11.04 20:45:37 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\skypePM
[2010.11.04 20:43:03 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype
[2010.11.04 20:43:02 | 000,000,000 | R--D | C] -- C:\Programme\Skype
[2010.11.04 20:43:02 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Skype
[2010.11.04 20:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.11.01 23:37:46 | 000,000,000 | ---D | C] -- C:\Users\*******\tipp10
[2010.11.01 23:37:41 | 000,000,000 | ---D | C] -- C:\Programme\Tipp10
[2010.10.27 10:50:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2010.10.27 09:13:33 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010.10.27 09:13:33 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010.10.27 09:13:32 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.10.27 09:13:32 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010.10.27 09:13:21 | 000,026,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2010.10.26 19:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\TomTom
[2010.10.26 19:48:55 | 000,000,000 | ---D | C] -- C:\Users\*******\Documents\TomTom
[2010.10.26 19:48:36 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\TomTom
[2010.10.26 19:48:36 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\TomTom
[2010.10.19 09:12:29 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft IntelliPoint
[2010.10.17 23:46:06 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Uniblue
[2010.10.17 23:45:53 | 000,000,000 | ---D | C] -- C:\Programme\Uniblue
[2010.10.17 23:45:41 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Canneverbe Limited
[2010.10.17 23:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2010.10.17 23:45:31 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\OpenCandy
[2010.10.17 23:45:29 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\OpenCandy
[2010.10.17 23:45:28 | 000,000,000 | ---D | C] -- C:\Programme\CDBurnerXP
[2010.10.17 22:43:36 | 000,000,000 | ---D | C] -- C:\WINXPCD
[2010.10.17 22:39:57 | 000,000,000 | ---D | C] -- C:\WinSetupFromUSB
[2010.10.17 17:57:48 | 000,000,000 | ---D | C] -- C:\Programme\Mouse Driver
[2010.10.15 11:08:06 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sibelius-Beispielpartituren
[2010.10.14 13:44:30 | 000,000,000 | ---D | C] -- C:\Users\*******\Documents\Finale Files
[2010.10.14 13:44:29 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\MakeMusic
[2010.10.14 13:43:36 | 000,000,000 | ---D | C] -- C:\ProgramData\MakeMusic
[2010.10.14 13:43:31 | 000,000,000 | ---D | C] -- C:\PSFONTS
[2010.10.14 13:43:31 | 000,000,000 | ---D | C] -- C:\Programme\Finale 2011 Demo
[2010.10.14 09:12:39 | 000,000,000 | ---D | C] -- C:\Programme\ASIO4ALL v2
[2010.10.14 00:42:11 | 000,000,000 | ---D | C] -- C:\Users\*******\Documents\Partituren
[2010.10.14 00:40:38 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sibelius-First-Beispielpartituren
[2010.10.14 00:38:13 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.10.14 00:38:13 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.10.14 00:38:13 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.10.14 00:38:13 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.10.14 00:38:13 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.10.14 00:38:13 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.10.14 00:38:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.10.14 00:38:13 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.10.14 00:38:13 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.10.14 00:38:13 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.10.14 00:38:13 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.10.14 00:38:10 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.10.14 00:38:09 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.10.14 00:38:09 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.10.14 00:38:03 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.10.14 00:38:01 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.10.14 00:37:59 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.10.14 00:37:58 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll
[2010.10.13 23:56:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Sibelius Software
[2010.10.13 23:56:44 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Sibelius Software
[2010.10.13 23:40:55 | 000,000,000 | ---D | C] -- C:\Users\*******\Documents\Scores
[2010.10.13 23:40:04 | 000,000,000 | ---D | C] -- C:\Programme\Sibelius Software
[2010.10.13 11:25:22 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\JonDo
[2010.10.13 11:23:51 | 000,000,000 | ---D | C] -- C:\Programme\JAP
[2010.10.13 10:25:30 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe
[2010.10.13 10:25:30 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.10.12 18:48:18 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Anvil Studio
[2010.10.12 18:48:06 | 000,000,000 | ---D | C] -- C:\Programme\Anvil Studio
[2010.10.04 12:19:56 | 000,000,000 | ---D | C] -- C:\Users\*******\Desktop\HTML-Seminar
[2010.10.04 07:04:05 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Webocton - Scriptly
[2010.10.04 07:04:05 | 000,000,000 | ---D | C] -- C:\Programme\Webocton - Scriptly
[2010.09.30 09:04:14 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010.09.30 02:00:51 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010.09.29 23:26:08 | 000,000,000 | ---D | C] -- C:\Programme\curl
[2010.09.29 15:16:48 | 000,000,000 | ---D | C] -- C:\Programme\JDownloader
[2010.09.29 14:39:47 | 000,000,000 | ---D | C] -- C:\Downloads
[2010.09.29 14:38:56 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\WinRAR
[2010.09.29 14:37:23 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip
[2010.09.29 13:51:38 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\GoPal Assistant
[2010.09.29 13:48:15 | 000,000,000 | ---D | C] -- C:\Programme\Medion GoPal Assistant
[2010.09.29 13:36:10 | 000,000,000 | ---D | C] -- C:\Windows\WindowsMobile
[2010.09.29 04:27:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.09.29 01:15:19 | 000,000,000 | ---D | C] -- C:\Programme\Synaptics
[2010.09.29 01:14:19 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Silverlight
[2010.09.24 08:51:02 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\Diagnostics
[2010.09.21 23:29:50 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\stickies
[2010.09.21 23:29:50 | 000,000,000 | ---D | C] -- C:\Programme\stickies
[2010.09.21 19:36:12 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\NVIDIA
[2010.09.21 19:36:08 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\2K Games
[2010.09.21 19:35:31 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2010.09.21 19:35:31 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2010.09.21 19:35:30 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2010.09.21 19:35:30 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2010.09.21 19:35:30 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2010.09.21 19:35:30 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2010.09.21 19:35:30 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2010.09.21 19:35:29 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2010.09.21 19:35:29 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010.09.21 19:35:29 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010.09.21 19:35:29 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010.09.21 19:35:29 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010.09.21 19:35:28 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010.09.21 19:35:26 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010.09.21 19:35:26 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010.09.21 19:35:26 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010.09.21 19:35:25 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010.09.21 19:35:25 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010.09.21 19:35:25 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010.09.21 19:35:25 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.09.21 19:35:25 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010.09.21 19:35:25 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010.09.21 19:35:24 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010.09.21 19:35:24 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010.09.21 19:35:24 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010.09.21 19:35:24 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010.09.21 19:35:24 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010.09.21 19:35:24 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010.09.21 19:35:23 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010.09.21 19:35:22 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010.09.21 19:35:22 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010.09.21 19:35:22 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010.09.21 19:35:22 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010.09.21 19:35:21 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010.09.21 19:35:21 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010.09.21 19:35:21 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010.09.21 19:35:21 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010.09.21 19:35:21 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010.09.21 19:35:21 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010.09.21 19:35:20 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010.09.21 19:35:20 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010.09.21 19:35:20 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010.09.21 19:35:19 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010.09.21 19:35:19 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010.09.21 19:35:19 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010.09.21 19:35:19 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010.09.21 19:35:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010.09.21 19:35:19 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010.09.21 19:35:19 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010.09.21 19:35:18 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010.09.21 19:35:18 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010.09.21 19:35:18 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010.09.21 19:35:18 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010.09.21 19:35:17 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010.09.21 19:35:17 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010.09.21 19:35:17 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010.09.21 19:35:16 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010.09.21 19:35:16 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2010.09.21 19:35:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2010.09.21 19:35:16 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010.09.21 19:35:15 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010.09.21 19:35:15 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2010.09.21 19:35:15 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2010.09.21 19:35:15 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010.09.21 19:35:15 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010.09.21 19:35:15 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010.09.21 19:35:14 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010.09.21 19:35:14 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010.09.21 19:35:14 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010.09.21 19:35:14 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010.09.21 19:35:13 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010.09.21 19:35:13 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010.09.21 19:35:13 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010.09.21 19:35:13 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010.09.21 19:35:12 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010.09.21 19:35:12 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010.09.21 19:35:12 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010.09.21 19:35:11 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010.09.21 19:35:11 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010.09.21 19:35:11 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010.09.21 19:35:11 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010.09.21 19:35:10 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010.09.21 19:35:02 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010.09.21 19:35:01 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010.09.21 19:35:01 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010.09.21 19:35:00 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010.09.21 19:35:00 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010.09.21 19:34:59 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010.09.21 19:34:59 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010.09.21 19:34:59 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010.09.21 19:34:58 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010.09.21 18:36:43 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Steam
[2010.09.21 18:36:38 | 000,000,000 | ---D | C] -- C:\Programme\Steam
[2010.09.21 18:31:45 | 000,000,000 | ---D | C] -- C:\Programme\FreePDF_XP
[2010.09.21 18:31:45 | 000,000,000 | ---D | C] -- C:\ProgramData\FreePDF
[2010.09.21 18:31:18 | 000,000,000 | ---D | C] -- C:\Programme\gs
[2010.09.21 17:15:46 | 000,000,000 | ---D | C] -- C:\Programme\Application Updater
[2010.09.21 17:15:45 | 000,000,000 | ---D | C] -- C:\Programme\pdfforge Toolbar
[2010.09.21 17:12:23 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMAPI32.OCX
[2010.09.21 17:12:21 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCDE.DLL
[2010.09.21 17:12:21 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6DE.DLL
[2010.09.21 17:12:21 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCC2DE.DLL
[2010.09.21 17:12:21 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPIDE.DLL
[2010.09.21 17:12:21 | 000,000,000 | ---D | C] -- C:\Programme\PDFCreator
[2010.09.21 15:54:16 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\SportTracksExportToCsvPlugin
[2010.09.21 12:41:00 | 000,176,128 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BroSNMP.dll
[2010.09.21 12:41:00 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2.dll
[2010.09.21 12:41:00 | 000,005,632 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2L.dll
[2010.09.21 12:41:00 | 000,003,072 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2S.dll
[2010.09.21 12:40:53 | 000,167,936 | ---- | C] (brother) -- C:\Windows\System32\NSSearch.dll
[2010.09.21 12:40:53 | 000,000,000 | ---D | C] -- C:\Programme\Brother
[2010.09.21 12:40:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2010.09.21 12:40:02 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\InstallShield
[2010.09.21 12:18:36 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\GARMIN
[2010.09.21 00:07:35 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2010.09.20 23:45:11 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.09.20 23:45:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.09.20 23:45:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.09.20 20:25:21 | 000,000,000 | ---D | C] -- C:\Users\*******\Documents\O-Laufwerk
[2010.09.20 10:37:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.09.20 10:37:00 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.09.20 10:36:24 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2010.09.18 13:49:10 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Avira
[2010.09.18 11:14:37 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.09.18 11:14:37 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.09.18 11:14:37 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.09.18 10:56:43 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.09.17 16:43:41 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\hpqLog
[2010.09.17 16:43:03 | 001,419,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wdfcoinstaller01005.dll
[2010.09.17 16:43:03 | 000,015,872 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\HpqKbFiltr.sys
[2010.09.17 16:43:01 | 001,885,488 | R--- | C] (Hewlett-Packard Company) -- C:\Windows\System32\BttnCmn.dll
[2010.09.17 16:43:00 | 001,885,488 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\BttnCmns.dll
[2010.09.17 16:43:00 | 000,000,000 | ---D | C] -- C:\Programme\Hewlett-Packard
[2010.09.17 16:36:23 | 000,380,928 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestecap.dll
[2010.09.17 16:36:23 | 000,140,288 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestacap.dll
[2010.09.17 16:36:23 | 000,061,440 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestaren.dll
[2010.09.17 16:36:22 | 012,628,060 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtcpl.cpl
[2010.09.17 16:36:22 | 003,354,624 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stlang.dll
[2010.09.17 16:36:22 | 000,536,576 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtmini1.exe
[2010.09.17 16:36:22 | 000,495,708 | ---- | C] (IDT, Inc.) -- C:\Windows\sttray.exe
[2010.09.17 16:36:22 | 000,086,016 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AESTCom.dll
[2010.09.17 16:36:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\SRSLabs
[2010.09.17 16:35:22 | 000,000,000 | ---D | C] -- C:\Programme\IDT
[2010.09.17 16:35:21 | 000,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information
[2010.09.17 16:34:42 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\LightScribe
[2010.09.17 11:41:54 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\IrfanView
[2010.09.17 11:41:54 | 000,000,000 | ---D | C] -- C:\Programme\IrfanView
[2010.09.17 11:14:19 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox 4.0 Beta 6
[2010.09.17 09:44:37 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.09.17 09:44:11 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll
[2010.09.17 09:44:11 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010.09.17 09:44:09 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.09.17 09:44:03 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010.09.17 09:44:03 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys
[2010.09.17 09:43:54 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010.09.17 09:43:37 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010.09.17 09:43:36 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010.09.17 09:43:35 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010.09.17 09:43:31 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.09.17 09:43:27 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010.09.17 09:43:25 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.09.17 09:43:21 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.09.17 09:43:21 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.09.17 09:43:21 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.09.17 09:43:20 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.09.17 09:43:19 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.09.17 09:43:12 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.09.17 09:43:12 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.09.17 09:43:12 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.09.17 09:43:12 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.09.17 09:43:12 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.09.17 09:43:12 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.09.17 09:43:12 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.09.17 09:43:12 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.09.17 09:39:10 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.09.17 09:39:10 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.09.17 09:39:10 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.09.16 21:08:26 | 000,000,000 | ---D | C] -- C:\Programme\Blade Runner
[2010.09.16 21:06:59 | 000,299,008 | ---- | C] (InstallShield Corporation, Inc.) -- C:\Windows\unin0407.exe
[2010.09.16 16:10:15 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Win7codecs
[2010.09.16 16:10:07 | 000,000,000 | ---D | C] -- C:\Programme\Win7codecs
[2010.09.16 16:09:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Win7codecs
[2010.09.16 16:05:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.09.16 15:47:15 | 000,000,000 | --SD | C] -- C:\Users\*******\Documents\Meine Shapes
[2010.09.16 15:42:10 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\Adobe
[2010.09.16 15:16:31 | 000,000,000 | R--D | C] -- C:\Users\*******\Documents\Documents
[2010.09.16 13:40:02 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Miranda
[2010.09.16 13:39:19 | 000,000,000 | ---D | C] -- C:\Programme\Miranda IM
[2010.09.16 13:17:10 | 000,000,000 | ---D | C] -- C:\Programme\Windows SideShow
[2010.09.16 13:12:36 | 000,000,000 | ---D | C] -- C:\Programme\Google
[2010.09.16 13:12:31 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\Google
[2010.09.16 12:57:00 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\ZoneFiveSoftware
[2010.09.16 12:54:27 | 000,000,000 | ---D | C] -- C:\Programme\Zone Five Software
[2010.09.16 12:54:21 | 000,000,000 | ---D | C] -- C:\ProgramData\ZoneFiveSoftware
[2010.09.16 12:52:18 | 000,000,000 | ---D | C] -- C:\Programme\Winload
[2010.09.16 11:04:25 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Macromedia
[2010.09.16 11:04:25 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Adobe
[2010.09.16 11:04:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.09.16 10:51:28 | 000,000,000 | ---D | C] -- C:\Programme\NOS
[2010.09.16 10:51:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2010.09.16 10:20:10 | 000,000,000 | ---D | C] -- C:\Programme\Elaborate Bytes
[2010.09.16 10:07:22 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2010.09.16 10:06:13 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\DAEMON Tools Lite
[2010.09.16 10:06:11 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.09.16 10:00:11 | 000,032,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2010.09.16 09:59:19 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Works
[2010.09.16 09:58:44 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Visual Studio
[2010.09.16 09:58:44 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DESIGNER
[2010.09.16 09:58:15 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.09.16 09:58:15 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft.NET
[2010.09.16 09:56:26 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Visual Studio 8
[2010.09.16 09:55:35 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\Microsoft Help
[2010.09.16 09:55:32 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2010.09.16 09:55:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010.09.16 09:54:32 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Mozilla
[2010.09.16 09:54:32 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\Mozilla
[2010.09.16 09:43:07 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2010.09.16 09:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010.09.16 09:38:28 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation
[2010.09.16 09:37:14 | 000,232,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcohda.dll
[2010.09.16 09:37:14 | 000,105,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys
[2010.09.16 09:37:14 | 000,064,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapo32v.dll
[2010.09.16 09:37:14 | 000,026,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap32.dll
[2010.09.16 09:37:06 | 011,008,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010.09.16 09:37:06 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2010.09.16 09:37:05 | 005,107,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2010.09.16 09:37:05 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010.09.16 09:37:04 | 014,092,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010.09.16 09:37:04 | 009,818,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2010.09.16 09:37:04 | 004,553,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010.09.16 09:37:04 | 002,892,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010.09.16 09:37:04 | 002,506,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010.09.16 09:37:04 | 000,314,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdecodemft.dll
[2010.09.16 09:37:02 | 010,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010.09.16 09:37:02 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod1922.dll
[2010.09.16 09:37:02 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll
[2010.09.16 09:36:55 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010.09.16 09:29:01 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.09.16 09:28:07 | 000,000,000 | ---D | C] -- C:\Users\*******\Documents\ForceField Shared Files
[2010.09.16 09:28:07 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\CheckPoint
[2010.09.16 09:27:52 | 000,000,000 | ---D | C] -- C:\Programme\ZoneAlarm-Sicherheit
[2010.09.16 09:27:52 | 000,000,000 | ---D | C] -- C:\Programme\Conduit
[2010.09.16 09:27:31 | 000,000,000 | ---D | C] -- C:\Programme\CheckPoint
[2010.09.16 09:27:29 | 000,046,592 | ---- | C] (Zone Labs Inc.) -- C:\Windows\System32\vsutil_loc0407.dll
[2010.09.16 09:27:26 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsregexp.dll
[2010.09.16 09:27:11 | 000,240,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010.09.16 09:27:04 | 000,103,936 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zlcommdb.dll
[2010.09.16 09:27:04 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zlcomm.dll
[2010.09.16 09:27:01 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vswmi.dll
[2010.09.16 09:26:59 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zpeng25.dll
[2010.09.16 09:26:58 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsxml.dll
[2010.09.16 09:26:52 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vspubapi.dll
[2010.09.16 09:26:51 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsdata.dll
[2010.09.16 09:26:51 | 000,107,520 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsmonapi.dll
[2010.09.16 09:26:47 | 000,461,400 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\drivers\vsdatant.sys
[2010.09.16 09:26:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\ZoneLabs
[2010.09.16 09:26:45 | 000,000,000 | ---D | C] -- C:\Programme\Zone Labs
[2010.09.16 09:26:21 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2010.09.16 09:26:20 | 000,713,728 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsutil.dll
[2010.09.16 09:26:20 | 000,228,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsinit.dll
[2010.09.16 09:26:20 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2010.09.16 09:24:24 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010.09.16 09:24:23 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.09.16 09:24:23 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.09.16 09:24:23 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.09.16 09:24:23 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.09.16 09:24:23 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.09.16 09:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.09.16 09:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.09.16 09:12:37 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.09.16 09:10:19 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.09.16 09:10:11 | 000,604,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvuninst.exe
[2010.09.16 08:57:43 | 000,000,000 | R--D | C] -- C:\Users\*******\Searches
[2010.09.16 08:57:28 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Identities
[2010.09.16 08:57:26 | 000,000,000 | R--D | C] -- C:\Users\*******\Contacts
[2010.09.16 08:57:20 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\VirtualStore
[2010.09.16 08:57:18 | 000,000,000 | --SD | C] -- C:\Users\*******\AppData\Roaming\Microsoft
[2010.09.16 08:57:18 | 000,000,000 | R--D | C] -- C:\Users\*******\Videos
[2010.09.16 08:57:18 | 000,000,000 | R--D | C] -- C:\Users\*******\Saved Games
[2010.09.16 08:57:18 | 000,000,000 | R--D | C] -- C:\Users\*******\Pictures
[2010.09.16 08:57:18 | 000,000,000 | R--D | C] -- C:\Users\*******\Music
[2010.09.16 08:57:18 | 000,000,000 | R--D | C] -- C:\Users\*******\Links
[2010.09.16 08:57:18 | 000,000,000 | R--D | C] -- C:\Users\*******\Favorites
[2010.09.16 08:57:18 | 000,000,000 | R--D | C] -- C:\Users\*******\Downloads
[2010.09.16 08:57:18 | 000,000,000 | R--D | C] -- C:\Users\*******\Documents
[2010.09.16 08:57:18 | 000,000,000 | R--D | C] -- C:\Users\*******\Desktop
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Vorlagen
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\AppData\Local\Verlauf
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\AppData\Local\Temporary Internet Files
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Startmenü
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\SendTo
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Recent
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Netzwerkumgebung
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Lokale Einstellungen
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Documents\Eigene Videos
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Documents\Eigene Musik
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Eigene Dateien
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Documents\Eigene Bilder
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Druckumgebung
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Cookies
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\AppData\Local\Anwendungsdaten
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Anwendungsdaten
[2010.09.16 08:57:18 | 000,000,000 | -H-D | C] -- C:\Users\*******\AppData
[2010.09.16 08:57:18 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\Temp
[2010.09.16 08:57:18 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\Microsoft
[2010.09.16 08:57:18 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Media Center Programs
[2010.09.16 08:57:09 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.09.16 08:57:09 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.09.16 08:57:09 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.09.16 08:57:09 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.09.16 08:57:09 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.09.16 08:57:09 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.09.16 08:57:09 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.09.16 08:57:09 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.09.16 08:57:09 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.09.16 08:57:09 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.09.16 03:45:50 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.09.16 02:49:52 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.09.16 02:46:41 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.09.16 00:00:16 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.09.16 00:00:15 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.09.15 23:45:00 | 000,000,000 | ---D | C] -- C:\Intel
[2010.02.03 23:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll
 
========== Files - Modified Within 90 Days ==========
 
[2010.11.07 01:13:24 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\*******\Desktop\OTL.exe
[2010.11.07 01:10:04 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.07 00:23:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.11.06 16:52:04 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.11.06 16:52:04 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.06 16:52:04 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.11.06 16:52:04 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.06 13:21:21 | 000,014,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.06 13:21:21 | 000,014,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.06 11:07:41 | 000,126,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.11.06 11:07:41 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.11.06 09:05:36 | 000,001,086 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.11.06 09:05:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.06 09:05:17 | 2413,719,552 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.06 00:23:57 | 000,002,286 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.11.04 20:45:41 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.11.04 20:43:03 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.11.01 23:37:43 | 000,000,937 | ---- | M] () -- C:\Users\*******\Desktop\TIPP10.lnk
[2010.11.01 21:15:52 | 000,000,984 | ---- | M] () -- C:\Users\*******\Desktop\Miranda IM.lnk
[2010.10.29 08:27:53 | 000,014,633 | ---- | M] () -- C:\Users\*******\Documents\Branchenwechsel.docx
[2010.10.29 00:26:59 | 000,736,086 | ---- | M] () -- C:\Users\*******\Documents\Unterkünfte Traunreut.xlsx
[2010.10.29 00:15:08 | 000,079,204 | ---- | M] () -- C:\Users\*******\Desktop\Unterkünfte Traunreut3.pdf
[2010.10.22 22:42:43 | 000,020,992 | ---- | M] () -- C:\Users\*******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.19 13:23:02 | 000,457,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.10.19 10:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.10.19 10:26:47 | 000,057,665 | ---- | M] () -- C:\Users\*******\Documents\Rohrmotor.docx
[2010.10.19 09:12:46 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_point32_01009.Wdf
[2010.10.18 13:53:18 | 000,056,356 | ---- | M] () -- C:\Users\*******\Documents\Kündigung Privatversicherung.docx
[2010.10.18 13:07:51 | 000,057,106 | ---- | M] () -- C:\Users\*******\Documents\FERCHAU Engineering GmbH.docx
[2010.10.17 23:45:57 | 000,001,054 | ---- | M] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
[2010.10.17 23:45:35 | 000,001,895 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2010.10.17 22:40:01 | 000,001,574 | ---- | M] () -- C:\Users\*******\Desktop\WinSetupFromUSB.lnk
[2010.10.15 11:09:53 | 000,001,093 | ---- | M] () -- C:\Users\Public\Desktop\Sibelius 6.lnk
[2010.10.14 13:44:07 | 000,001,014 | ---- | M] () -- C:\Users\Public\Desktop\Finale 2011 Demo.lnk
[2010.10.14 00:46:40 | 000,000,604 | -H-- | M] () -- C:\Program Files\STFT Notifier
[2010.10.14 00:42:11 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\Sibelius 6 First.lnk
[2010.10.13 23:56:53 | 000,000,604 | -H-- | M] () -- C:\Program Files\STLL Notifier
[2010.10.13 10:25:35 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.10.12 18:48:13 | 000,000,740 | ---- | M] () -- C:\Users\Public\Desktop\Anvil Studio.lnk
[2010.10.08 18:44:09 | 000,326,726 | ---- | M] () -- C:\Users\*******\Documents\ERA-schaeffler.pdf
[2010.10.04 07:04:16 | 000,001,919 | ---- | M] () -- C:\Users\*******\Desktop\Webocton - Scriptly.lnk
[2010.10.03 16:23:23 | 000,319,813 | ---- | M] () -- C:\Users\*******\Documents\20101003_Anleitung_Klavierstimmen.pdf
[2010.09.29 15:17:01 | 000,000,985 | ---- | M] () -- C:\Users\*******\Desktop\JDownloader.lnk
[2010.09.29 13:36:50 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2010.09.29 01:15:31 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010.09.29 01:13:07 | 000,002,795 | ---- | M] () -- C:\Users\*******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2007.lnk
[2010.09.21 23:29:50 | 000,000,603 | ---- | M] () -- C:\Windows\uninstallstickies.bat
[2010.09.21 18:52:30 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.09.21 13:17:43 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.09.21 12:41:18 | 000,000,050 | ---- | M] () -- C:\Windows\System32\bridf06a.dat
[2010.09.21 12:34:27 | 000,000,425 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2010.09.21 12:34:27 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[2010.09.20 10:32:30 | 000,002,697 | ---- | M] () -- C:\Users\*******\Desktop\Microsoft Office Word 2007.lnk
[2010.09.17 11:44:44 | 000,000,136 | ---- | M] () -- C:\Users\*******\Desktop\studiVZ Bist Du schon drin.URL
[2010.09.17 11:42:05 | 000,000,972 | ---- | M] () -- C:\Users\Public\Desktop\IrfanView.lnk
[2010.09.17 11:14:23 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox 4.0 Beta 6.lnk
[2010.09.16 21:09:07 | 000,002,272 | ---- | M] () -- C:\Users\*******\Desktop\SportTracks.lnk
[2010.09.16 21:06:55 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010.09.16 21:06:55 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010.09.16 15:21:19 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.09.16 13:17:32 | 000,002,242 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.09.16 11:37:10 | 000,007,626 | ---- | M] () -- C:\Users\*******\AppData\Local\Resmon.ResmonCfg
[2010.09.16 10:25:32 | 000,000,162 | ---- | M] () -- C:\Windows\ODBC.INI
[2010.09.16 10:07:22 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2010.09.16 09:43:11 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.09.16 09:28:20 | 000,421,442 | -H-- | M] () -- C:\Windows\System32\drivers\vsconfig.xml
[2010.09.16 09:27:29 | 000,005,977 | ---- | M] () -- C:\Windows\System32\vsconfig.xml
[2010.09.16 09:27:29 | 000,001,036 | ---- | M] () -- C:\Users\*******\Desktop\ZoneAlarm Security.lnk
[2010.09.16 09:24:32 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.09.16 03:45:38 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.09.16 02:50:57 | 000,057,035 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010.09.16 00:06:28 | 000,000,373 | -H-- | M] () -- C:\IPH.PH
[2010.09.08 05:28:53 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.09.08 05:28:42 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.09.08 05:28:42 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.09.08 05:28:15 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.09.08 05:28:11 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.09.08 05:28:01 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.09.08 05:28:01 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.09.08 05:27:56 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.09.08 05:25:58 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.09.08 04:22:31 | 000,386,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.09.08 03:48:16 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.09.01 05:23:49 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.09.01 03:34:52 | 002,327,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.08.31 05:32:30 | 000,954,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.08.31 05:32:30 | 000,954,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.08.26 05:39:58 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.08.21 06:36:33 | 000,738,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
 
========== Files Created - No Company Name ==========
 
[2010.11.07 01:10:04 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.04 20:45:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.11.04 20:43:03 | 000,002,505 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.11.01 23:37:43 | 000,000,937 | ---- | C] () -- C:\Users\*******\Desktop\TIPP10.lnk
[2010.10.29 08:27:53 | 000,014,633 | ---- | C] () -- C:\Users\*******\Documents\Branchenwechsel.docx
[2010.10.29 00:15:08 | 000,079,204 | ---- | C] () -- C:\Users\*******\Desktop\Unterkünfte Traunreut3.pdf
[2010.10.22 22:39:04 | 000,736,086 | ---- | C] () -- C:\Users\*******\Documents\Unterkünfte Traunreut.xlsx
[2010.10.22 12:38:13 | 2413,719,552 | -HS- | C] () -- C:\hiberfil.sys
[2010.10.19 09:12:46 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_point32_01009.Wdf
[2010.10.18 18:33:48 | 000,057,665 | ---- | C] () -- C:\Users\*******\Documents\Rohrmotor.docx
[2010.10.18 13:53:18 | 000,056,356 | ---- | C] () -- C:\Users\*******\Documents\Kündigung Privatversicherung.docx
[2010.10.17 23:45:57 | 000,001,054 | ---- | C] () -- C:\Users\Public\Desktop\RegistryBooster.lnk
[2010.10.17 23:45:35 | 000,001,895 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2010.10.17 22:40:01 | 000,001,574 | ---- | C] () -- C:\Users\*******\Desktop\WinSetupFromUSB.lnk
[2010.10.16 16:20:18 | 000,057,106 | ---- | C] () -- C:\Users\*******\Documents\FERCHAU Engineering GmbH.docx
[2010.10.15 11:09:53 | 000,001,093 | ---- | C] () -- C:\Users\Public\Desktop\Sibelius 6.lnk
[2010.10.14 13:44:07 | 000,001,014 | ---- | C] () -- C:\Users\Public\Desktop\Finale 2011 Demo.lnk
[2010.10.14 00:46:40 | 000,000,604 | -H-- | C] () -- C:\Programme\STFT Notifier
[2010.10.14 00:42:11 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\Sibelius 6 First.lnk
[2010.10.13 23:56:53 | 000,000,604 | -H-- | C] () -- C:\Programme\STLL Notifier
[2010.10.13 10:25:35 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.10.12 18:48:13 | 000,000,740 | ---- | C] () -- C:\Users\Public\Desktop\Anvil Studio.lnk
[2010.10.08 18:44:09 | 000,326,726 | ---- | C] () -- C:\Users\*******\Documents\ERA-schaeffler.pdf
[2010.10.04 07:04:16 | 000,001,919 | ---- | C] () -- C:\Users\*******\Desktop\Webocton - Scriptly.lnk
[2010.10.03 16:23:23 | 000,319,813 | ---- | C] () -- C:\Users\*******\Documents\20101003_Anleitung_Klavierstimmen.pdf
[2010.09.29 15:17:01 | 000,000,985 | ---- | C] () -- C:\Users\*******\Desktop\JDownloader.lnk
[2010.09.29 13:36:50 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
[2010.09.29 01:15:31 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010.09.29 01:13:07 | 000,002,795 | ---- | C] () -- C:\Users\*******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2007.lnk
[2010.09.21 23:29:50 | 000,000,603 | ---- | C] () -- C:\Windows\uninstallstickies.bat
[2010.09.21 18:36:40 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.09.21 18:31:46 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2010.09.21 18:31:46 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2010.09.21 17:12:22 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.09.21 13:17:43 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.09.21 12:41:18 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf06a.dat
[2010.09.21 12:34:27 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.09.21 12:34:27 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.09.20 10:32:30 | 000,002,697 | ---- | C] () -- C:\Users\*******\Desktop\Microsoft Office Word 2007.lnk
[2010.09.18 11:35:25 | 000,000,000 | ---- | C] () -- C:\Users\*******\AppData\Local\QSwitch.txt
[2010.09.18 11:35:25 | 000,000,000 | ---- | C] () -- C:\Users\*******\AppData\Local\DSwitch.txt
[2010.09.18 11:35:25 | 000,000,000 | ---- | C] () -- C:\Users\*******\AppData\Local\AtStart.txt
[2010.09.17 16:36:22 | 000,015,222 | ---- | C] () -- C:\Windows\System32\nbspkrs.ico
[2010.09.17 16:36:22 | 000,003,774 | ---- | C] () -- C:\Windows\System32\bltinmic.ico
[2010.09.17 16:36:22 | 000,003,774 | ---- | C] () -- C:\Windows\System32\2hps.ico
[2010.09.17 11:42:05 | 000,000,972 | ---- | C] () -- C:\Users\Public\Desktop\IrfanView.lnk
[2010.09.17 11:35:05 | 000,000,136 | ---- | C] () -- C:\Users\*******\Desktop\studiVZ Bist Du schon drin.URL
[2010.09.17 11:14:23 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox 4.0 Beta 6.lnk
[2010.09.16 21:09:07 | 000,002,272 | ---- | C] () -- C:\Users\*******\Desktop\SportTracks.lnk
[2010.09.16 21:06:55 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010.09.16 21:06:55 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010.09.16 20:28:19 | 000,020,992 | ---- | C] () -- C:\Users\*******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.16 15:21:19 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.09.16 13:39:20 | 000,000,984 | ---- | C] () -- C:\Users\*******\Desktop\Miranda IM.lnk
[2010.09.16 13:17:50 | 000,002,286 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010.09.16 13:17:32 | 000,002,242 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.09.16 13:13:23 | 000,001,090 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.16 13:12:49 | 000,001,086 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.16 11:37:10 | 000,007,626 | ---- | C] () -- C:\Users\*******\AppData\Local\Resmon.ResmonCfg
[2010.09.16 10:25:32 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.09.16 09:43:11 | 000,001,885 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.09.16 09:37:06 | 000,009,596 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2010.09.16 09:27:29 | 000,005,977 | ---- | C] () -- C:\Windows\System32\vsconfig.xml
[2010.09.16 09:27:29 | 000,001,036 | ---- | C] () -- C:\Users\*******\Desktop\ZoneAlarm Security.lnk
[2010.09.16 09:26:47 | 000,421,442 | -H-- | C] () -- C:\Windows\System32\drivers\vsconfig.xml
[2010.09.16 09:24:32 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.09.16 02:35:30 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010.09.16 00:05:59 | 000,000,373 | -H-- | C] () -- C:\IPH.PH
[2010.07.26 09:13:40 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.06.23 11:35:52 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.06.23 11:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.08.16 09:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2007.02.05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2002.06.06 01:01:58 | 000,029,696 | ---- | C] () -- C:\Windows\System32\asutl8.dll
 
========== LOP Check ==========
 
[2010.10.12 19:17:05 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Anvil Studio
[2010.10.17 23:45:41 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Canneverbe Limited
[2010.09.16 09:28:07 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\CheckPoint
[2010.09.16 10:06:13 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\DAEMON Tools Lite
[2010.09.21 13:01:20 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\GARMIN
[2010.09.29 14:09:41 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\GoPal Assistant
[2010.09.17 11:41:54 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\IrfanView
[2010.10.13 11:25:42 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\JonDo
[2010.10.14 13:44:30 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\MakeMusic
[2010.09.16 13:40:02 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Miranda
[2010.10.17 23:45:29 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\OpenCandy
[2010.09.21 15:55:04 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\SportTracksExportToCsvPlugin
[2010.09.30 23:43:42 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\stickies
[2010.10.26 19:48:36 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\TomTom
[2010.10.17 23:46:06 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Uniblue
[2010.10.04 07:04:13 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Webocton - Scriptly
[2010.09.16 16:10:15 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Win7codecs
[2009.07.14 05:53:46 | 000,019,780 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
and the Malwarebytes log file:

Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 5064

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

07.11.2010 01:31:56
mbam-log-2010-11-07 (01-31-56).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 144254
Laufzeit: 5 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         
Thanks in advance for the help.

Kind regards,

kaff

07.11.2010, 23:01   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
Yesterday Antivir found tr/dynameter.dtc.562 in a file that I downloaded about 4 weeks ago
Why are the full path and file name being withheld?
What is the purpose of this file, and what source does it come from?

07.11.2010, 23:13   #3
kaff

It was a PhysX patch for my GeForce graphics card. I needed it for the game Mafia 2 to get even more out of the game. However, I'm not sure where I got the patch from. It may be that I didn't get it from the original NVIDIA homepage. I no longer know the exact path. But I normally opened the patch from my download folder.

Regards, kaff

07.11.2010, 23:16   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Post the AntiVir log.

07.11.2010, 23:39   #5
kaff

ah ok, there it is. in the antivir log file:

Code:
Die Datei 'C:\Users\*******\Downloads\physxp_240_en.exe'
enthielt einen Virus oder unerwünschtes Programm 'TR/Dynamer.dtc.562' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde gelöscht.
         


07.11.2010, 23:58   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

And you have no idea at all where the file came from?
Are there any further logs from Malwarebytes? There is one log per run, you see. If you only did one scan, then there is only one log. But maybe you already ran scans before.

08.11.2010, 17:56   #7
kaff

unfortunately i didn't run a scan before that. i only downloaded malwarebytes because of the forum.
can one determine whether the virus established a connection to the internet?

09.11.2010, 00:33   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

After the fact, something like that cannot be determined at all if nothing was logged.

Please run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes has to be updated manually before every scan!
