JayD2010 | 29.04.2010 14:26 | hallo cosinus, danke erstmal für deine bemühung.
habe anti malware rüberlaufen lassen und 3 infizierte objekte gefunden, nachdem diese gelöscht wurden gehen auch alle Ports, sprich Win7 Updates, Antivir etc.
Poste mal den Log rein: Code:
Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org
Datenbank Version: 4043
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
27.04.2010 22:00:44
mbam-log-2010-04-27 (22-00-44).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 306940
Laufzeit: 1 Stunde(n), 17 Minute(n), 57 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\Users\Jan-\Documents\Adobe_Photoshop_CS3_Extended_v10.0_Deutsch_Portable\Files\Msvcrt.dll (Malware.Packer.Gen) -> No action taken.
C:\Users\Jan-\Documents\Adobe_Photoshop_CS3_Extended_v10.0_Deutsch_Portable\Files\Shfolder.dll (Malware.Packer.Gen) -> No action taken.
C:\Users\Jan-\Documents\Downloads\Trojan.Remover.v6.8.1.2594.incl.patched.exe.and.keygen\Crack and keygen\trojan.remover.keygen.exe (Trojan.Agent.CK) -> No action taken. Entgegen der Meldung "no action" habe ich die files löschen lassen danach :)
Nun nochmal der OTL Log, falls noch mehr Zeug auf meinem Rechner ist bitte mal rüberschauen:
OTL.txt Code:
OTL logfile created on: 4/27/2010 10:11:59 PM - Run 1
OTL by OldTimer - Version 3.2.3.0 Folder = C:\Users\Jan-\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 68.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.88 Gb Total Space | 37.66 Gb Free Space | 16.17% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 210.85 Gb Free Space | 90.54% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JAN--PC
Current User Name: Jan-
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\Jan-\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
PRC - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
========== Modules (SafeList) ==========
MOD - C:\Users\Jan-\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai\rswin_3653.dll ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (NMSAccessU) -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (VSS) -- C:\Windows\Vss [2009/07/14 05:20:14 | 000,000,000 | ---D | M]
SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009/07/14 05:20:14 | 000,000,000 | ---D | M]
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (VMCService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
========== Driver Services (SafeList) ==========
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (StarOpen) -- C:\Windows\SysNative\drivers\StarOpen.sys ()
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys (Nokia)
DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (vwififlt) -- C:\Windows\SysNative\drivers\vwififlt.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (usbvideo) USB Video Device (WDM) -- C:\Windows\SysNative\drivers\usbvideo.sys (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (WinUsb) -- C:\Windows\SysNative\drivers\winusb.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwusbfake) -- C:\Windows\SysNative\drivers\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (DgiVecp) -- C:\Windows\SysNative\drivers\DgivEcp.sys (Samsung Electronics Co., Ltd.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (SSPORT) -- C:\Windows\SysNative\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (StarOpen) -- C:\Windows\SysWOW64\drivers\StarOpen.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\SysWOW64\winusb.dll (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
DRV - (DgiVecp) -- C:\Windows\SysWOW64\DgivEcp.cat ()
DRV - (SSPORT) -- C:\Windows\SysWOW64\SSPORT.CAT ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E6 38 3A 83 D8 9C CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.6.6
FF - prefs.js..extensions.enabledItems: {DAD0F81A-CF67-4eed-98D6-26F6E47274CA}:1.4.2
FF - prefs.js..extensions.enabledItems: support@real-hide-ip.com:1.0
FF - prefs.js..extensions.enabledItems: {241aae70-0022-11de-87af-0800200c9a66}:3.6.30.01.10
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/04/04 11:19:09 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/04/19 13:15:51 | 000,000,000 | ---D | M]
[2010/01/24 11:38:49 | 000,000,000 | ---D | M] -- C:\Users\Jan-\AppData\Roaming\mozilla\Extensions
[2010/04/27 14:09:38 | 000,000,000 | ---D | M] -- C:\Users\Jan-\AppData\Roaming\mozilla\Firefox\Profiles\jheelzwi.default\extensions
[2010/03/25 01:25:36 | 000,000,000 | ---D | M] (Blue Fox) -- C:\Users\Jan-\AppData\Roaming\mozilla\Firefox\Profiles\jheelzwi.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}
[2010/04/02 01:15:08 | 000,000,000 | ---D | M] (Modify Headers) -- C:\Users\Jan-\AppData\Roaming\mozilla\Firefox\Profiles\jheelzwi.default\extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}
[2010/04/04 14:40:05 | 000,000,000 | ---D | M] (Tweak Network) -- C:\Users\Jan-\AppData\Roaming\mozilla\Firefox\Profiles\jheelzwi.default\extensions\{DAD0F81A-CF67-4eed-98D6-26F6E47274CA}
[2010/04/06 19:22:30 | 000,000,000 | ---D | M] -- C:\Users\Jan-\AppData\Roaming\mozilla\Firefox\Profiles\jheelzwi.default\extensions\support@real-hide-ip.com
[2010/02/28 16:09:07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010/02/28 16:09:07 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/01/16 03:15:29 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/01/16 03:15:29 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010/01/16 03:15:29 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/01/16 03:15:29 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/01/16 03:15:29 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010/02/11 19:54:26 | 000,000,852 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe ()
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: SmarThru4 Als HTML speichern - C:\Program Files (x86)\SmarThru 4\WebCapture.dll1.htm ()
O8:64bit: - Extra context menu item: SmarThru4 Auswahl erfassen - C:\Program Files (x86)\SmarThru 4\WebCapture.dll2.htm ()
O8:64bit: - Extra context menu item: SmarThru4 Markierten Text speichern - C:\Program Files (x86)\SmarThru 4\WebCapture.dll.htm ()
O8:64bit: - Extra context menu item: SmarThru4 Web Capture - C:\Program Files (x86)\SmarThru 4\WebCapture.dll ()
O8 - Extra context menu item: SmarThru4 Als HTML speichern - C:\Program Files (x86)\SmarThru 4\WebCapture.dll1.htm ()
O8 - Extra context menu item: SmarThru4 Auswahl erfassen - C:\Program Files (x86)\SmarThru 4\WebCapture.dll2.htm ()
O8 - Extra context menu item: SmarThru4 Markierten Text speichern - C:\Program Files (x86)\SmarThru 4\WebCapture.dll.htm ()
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files (x86)\SmarThru 4\WebCapture.dll ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{13359425-4637-11df-bff8-90e6ba979ccb}\Shell - "" = AutoRun
O33 - MountPoints2\{13359425-4637-11df-bff8-90e6ba979ccb}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O33 - MountPoints2\{9f94c5ad-3c9c-11df-9d1b-90e6ba979ccb}\Shell - "" = AutoRun
O33 - MountPoints2\{9f94c5ad-3c9c-11df-9d1b-90e6ba979ccb}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O33 - MountPoints2\{9f94c5af-3c9c-11df-9d1b-90e6ba979ccb}\Shell - "" = AutoRun
O33 - MountPoints2\{9f94c5af-3c9c-11df-9d1b-90e6ba979ccb}\Shell\AutoRun\command - "" = G:\setup.exe -- File not found
O33 - MountPoints2\{9f94c5bc-3c9c-11df-9d1b-90e6ba979ccb}\Shell - "" = AutoRun
O33 - MountPoints2\{9f94c5bc-3c9c-11df-9d1b-90e6ba979ccb}\Shell\AutoRun\command - "" = E:\setup.exe -- File not found
O33 - MountPoints2\{b1c0062a-1fd9-11df-9415-90e6ba979ccb}\Shell - "" = AutoRun
O33 - MountPoints2\{b1c0062a-1fd9-11df-9415-90e6ba979ccb}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{c6063c24-2dc0-11df-bd78-90e6ba979ccb}\Shell - "" = AutoRun
O33 - MountPoints2\{c6063c24-2dc0-11df-bd78-90e6ba979ccb}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\{c6063c2c-2dc0-11df-bd78-90e6ba979ccb}\Shell - "" = AutoRun
O33 - MountPoints2\{c6063c2c-2dc0-11df-bd78-90e6ba979ccb}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe -- File not found
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/04/24 21:20:09 | 000,000,000 | ---D | C] -- C:\Users\Jan-\Documents\pdf24
[2010/04/24 13:04:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pdf24
[2010/04/22 11:53:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Rosetta Stone
[2010/04/22 11:53:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rosetta Stone
[2010/04/15 13:22:05 | 000,000,000 | ---D | C] -- C:\Watermark-Image
[2010/04/15 13:19:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Andromeda
[2010/04/12 16:29:49 | 000,000,000 | ---D | C] -- C:\Users\Jan-\Desktop\RL Polos 2010
[2010/04/11 12:47:23 | 000,000,000 | ---D | C] -- C:\Users\Jan-\AppData\Roaming\elsterformular
[2010/04/11 11:59:52 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular
[2010/04/10 19:13:08 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2010/04/10 19:12:58 | 000,000,000 | ---D | C] -- C:\Users\Jan-\AppData\Local\Programs
[2010/04/10 19:12:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Vodafone
[2010/04/10 19:12:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vodafone
[2010/04/10 19:12:23 | 000,000,000 | ---D | C] -- C:\Users\Jan-\AppData\Local\{DA6A30CA-2668-4F5F-93A5-9BDA19E3CCC4}
[2010/04/06 19:22:09 | 000,000,000 | ---D | C] -- C:\Users\Jan-\AppData\Roaming\RealHideIP
[2010/04/06 19:22:09 | 000,000,000 | ---D | C] -- C:\ProgramData\RealHideIP
[2010/04/06 19:22:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealHideIP
[2010/04/06 02:21:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KaloMa
[2010/03/31 14:34:56 | 000,000,000 | ---D | C] -- C:\VA-N1_Dancefloor-WEB-2010-H5N1
[2010/03/31 12:23:37 | 000,000,000 | ---D | C] -- C:\Users\Jan-\AppData\Roaming\FLEXnet
[2010/03/29 20:01:23 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2010/03/29 19:59:54 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2010/03/29 19:59:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2010/03/29 19:59:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2010/03/29 19:59:54 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2010/03/29 19:59:54 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2010/03/29 19:59:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/04/27 22:14:51 | 002,359,296 | -HS- | M] () -- C:\Users\Jan-\NTUSER.DAT
[2010/04/27 22:11:34 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/04/27 22:11:34 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/04/27 22:04:04 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/04/27 22:04:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/04/27 22:03:54 | 3193,716,736 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/27 22:03:12 | 026,204,447 | -H-- | M] () -- C:\Users\Jan-\AppData\Local\IconCache.db
[2010/04/26 16:38:24 | 000,050,311 | ---- | M] () -- C:\Users\Jan-\Desktop\Investberlin_jDoll ne1u.pdf
[2010/04/26 15:36:36 | 000,012,258 | ---- | M] () -- C:\Users\Jan-\Desktop\Rechnungsvorla11ge _3_.pdf
[2010/04/26 09:21:55 | 000,049,969 | ---- | M] () -- C:\Users\Jan-\Desktop\Investberlin_jDoll neu112.pdf
[2010/04/26 09:21:10 | 000,049,957 | ---- | M] () -- C:\Users\Jan-\Desktop\Investberlin_jDoll neu.pdf
[2010/04/26 09:20:55 | 000,040,448 | ---- | M] () -- C:\Users\Jan-\Desktop\Investberlin_jDoll neu.doc
[2010/04/26 09:14:59 | 000,042,173 | ---- | M] () -- C:\Users\Jan-\Desktop\Kopie von Investberlin xls 12 01 2010.pdf
[2010/04/26 09:08:56 | 000,012,235 | ---- | M] () -- C:\Users\Jan-\Desktop\Rechnungsvorlage _3_.pdf
[2010/04/25 22:53:38 | 000,081,184 | ---- | M] () -- C:\Users\Jan-\Desktop\http___www.afterbuy.de_aft1212e....pdf
[2010/04/25 22:52:41 | 000,080,085 | ---- | M] () -- C:\Users\Jan-\Desktop\http___www.afterbuy.de_af45445te....pdf
[2010/04/25 22:49:07 | 000,081,191 | ---- | M] () -- C:\Users\Jan-\Desktop\http___www.afterbuy.de11_afte....pdf
[2010/04/25 22:35:30 | 000,080,972 | ---- | M] () -- C:\Users\Jan-\Desktop\http___www.afterbuy.de99_afte....pdf
[2010/04/25 22:24:46 | 000,079,888 | ---- | M] () -- C:\Users\Jan-\Desktop\http___www.afterbuy.de_afte....pdf
[2010/04/24 19:57:53 | 000,001,685 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2010/04/24 14:24:25 | 003,009,338 | ---- | M] () -- C:\Users\Jan-\Desktop\die atzen frauenannrzt & manny marc - atzin.mp3
[2010/04/24 11:55:32 | 000,335,692 | ---- | M] () -- C:\Users\Jan-\Desktop\y._pcs_persoenliche_entscheidungsparameter_01-2010.pdf
[2010/04/24 04:53:31 | 733,845,504 | ---- | M] () -- C:\Users\Jan-\Desktop\kinowelt-13semester-xvid.avi
[2010/04/21 00:42:45 | 000,000,073 | ---- | M] () -- C:\Users\Jan-\Desktop\default.wmi
[2010/04/21 00:42:43 | 000,000,083 | ---- | M] () -- C:\Users\Jan-\Desktop\WatermarkImage.ini
[2010/04/19 15:59:23 | 002,124,079 | ---- | M] () -- C:\Users\Jan-\Desktop\Sagers BusinessPlan (2).pdf
[2010/04/16 09:18:50 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/04/16 09:18:50 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010/04/16 09:18:50 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/04/16 09:18:50 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010/04/16 09:18:50 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/04/15 13:19:30 | 000,001,128 | ---- | M] () -- C:\Users\Public\Desktop\Watermark Image.lnk
[2010/04/13 15:00:27 | 000,011,354 | ---- | M] () -- C:\Users\Jan-\AppData\Roaming\SmarThruOptions.xml
[2010/04/12 18:19:44 | 000,196,608 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2010/04/12 15:28:06 | 000,001,252 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2010/04/11 11:59:52 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2010/04/10 19:12:48 | 000,002,767 | ---- | M] () -- C:\Users\Public\Desktop\Vodafone Mobile Connect.lnk
[2010/04/06 02:25:35 | 000,000,467 | ---- | M] () -- C:\Users\Jan-\Documents\neu.klf
[2010/03/29 15:24:58 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/03/29 15:24:46 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/04/26 17:15:06 | 733,845,504 | ---- | C] () -- C:\Users\Jan-\Desktop\meine.avi
[2010/04/26 16:38:21 | 000,050,311 | ---- | C] () -- C:\Users\Jan-\Desktop\Investberlin_jDoll ne1u.pdf
[2010/04/26 15:36:33 | 000,012,258 | ---- | C] () -- C:\Users\Jan-\Desktop\Rechnungsvorla11ge _3_.pdf
[2010/04/26 09:21:55 | 000,049,969 | ---- | C] () -- C:\Users\Jan-\Desktop\Investberlin_jDoll neu112.pdf
[2010/04/26 09:21:09 | 000,049,957 | ---- | C] () -- C:\Users\Jan-\Desktop\Investberlin_jDoll neu.pdf
[2010/04/26 09:14:58 | 000,042,173 | ---- | C] () -- C:\Users\Jan-\Desktop\Kopie von Investberlin xls 12 01 2010.pdf
[2010/04/26 09:12:38 | 000,040,448 | ---- | C] () -- C:\Users\Jan-\Desktop\Investberlin_jDoll neu.doc
[2010/04/26 09:08:56 | 000,012,235 | ---- | C] () -- C:\Users\Jan-\Desktop\Rechnungsvorlage _3_.pdf
[2010/04/25 22:53:37 | 000,081,184 | ---- | C] () -- C:\Users\Jan-\Desktop\http___www.afterbuy.de_aft1212e....pdf
[2010/04/25 22:52:40 | 000,080,085 | ---- | C] () -- C:\Users\Jan-\Desktop\http___www.afterbuy.de_af45445te....pdf
[2010/04/25 22:49:06 | 000,081,191 | ---- | C] () -- C:\Users\Jan-\Desktop\http___www.afterbuy.de11_afte....pdf
[2010/04/25 22:35:29 | 000,080,972 | ---- | C] () -- C:\Users\Jan-\Desktop\http___www.afterbuy.de99_afte....pdf
[2010/04/25 22:24:43 | 000,079,888 | ---- | C] () -- C:\Users\Jan-\Desktop\http___www.afterbuy.de_afte....pdf
[2010/04/24 14:17:36 | 003,009,338 | ---- | C] () -- C:\Users\Jan-\Desktop\die atzen frauenannrzt & manny marc - atzin.mp3
[2010/04/24 11:55:32 | 000,335,692 | ---- | C] () -- C:\Users\Jan-\Desktop\y._pcs_persoenliche_entscheidungsparameter_01-2010.pdf
[2010/04/21 00:42:45 | 000,000,073 | ---- | C] () -- C:\Users\Jan-\Desktop\default.wmi
[2010/04/21 00:42:43 | 000,000,083 | ---- | C] () -- C:\Users\Jan-\Desktop\WatermarkImage.ini
[2010/04/19 15:59:23 | 002,124,079 | ---- | C] () -- C:\Users\Jan-\Desktop\Sagers BusinessPlan (2).pdf
[2010/04/15 13:19:30 | 000,001,128 | ---- | C] () -- C:\Users\Public\Desktop\Watermark Image.lnk
[2010/04/11 11:59:52 | 000,001,046 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2010/04/10 19:12:48 | 000,002,767 | ---- | C] () -- C:\Users\Public\Desktop\Vodafone Mobile Connect.lnk
[2010/04/06 02:25:34 | 000,000,467 | ---- | C] () -- C:\Users\Jan-\Documents\neu.klf
[2010/02/07 15:02:12 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010/01/31 17:56:29 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll
[2010/01/24 17:04:20 | 000,172,032 | ---- | C] () -- C:\Windows\SysWow64\SecSNMP.dll
[2010/01/24 17:04:14 | 000,000,136 | ---- | C] () -- C:\Windows\Readiris.ini
[2010/01/24 17:04:11 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\irisco32.dll
[2009/07/29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
< End of report > |