Trojaner-Board - Auch ich bin befallen: TR/ATRAPS.Gen, TR/ATRAPS.Gen2

Combofix Logfile:

Code:

ComboFix 12-07-14.01 - nord 15.07.2012  20:31:28.2.1 - x86

Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.1022.586 [GMT 2:00]

ausgeführt von:: c:\dokumente und einstellungen\nord\Eigene Dateien\Downloads\ComboFix.exe

.

.

(((((((((((((((((((((((   Dateien erstellt von 2012-06-15 bis 2012-07-15  ))))))))))))))))))))))))))))))

.

.

2012-07-15 13:46 . 2012-07-15 13:46        --------        d-----w-        c:\dokumente und einstellungen\nord\Anwendungsdaten\Malwarebytes

2012-07-15 13:46 . 2012-07-15 13:46        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes

2012-07-15 13:46 . 2012-07-15 13:46        --------        d-----w-        c:\programme\Malwarebytes' Anti-Malware

2012-07-15 13:46 . 2012-07-03 11:46        22344        ----a-w-        c:\windows\system32\drivers\mbam.sys

2012-07-14 07:07 . 2012-07-14 10:30        --------        d-----w-        c:\dokumente und einstellungen\nord\DoctorWeb

2012-07-14 06:46 . 2012-07-14 06:47        --------        d-----w-        c:\dokumente und einstellungen\Administrator

2012-07-13 06:08 . 2012-07-13 06:08        --------        d-----w-        C:\_OTL

2012-07-10 18:43 . 2012-07-10 18:43        --------        d-----w-        C:\TDSSKiller_Quarantine

2012-07-07 20:17 . 2012-07-07 20:48        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\529C50A800009B134044ABB1D151FC4E

2012-07-07 03:42 . 2012-05-31 03:41        6762896        ----a-w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Windows Defender\Definition Updates\{002C4492-F52E-4BB3-AA34-8FD08CF0A378}\mpengine.dll

2012-07-06 10:11 . 2012-07-13 06:08        --------        d-----w-        c:\programme\Application Updater

2012-07-06 10:11 . 2012-07-06 10:11        --------        d-----w-        c:\programme\YouTube Downloader Toolbar

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-07-15 13:50 . 2012-04-05 19:43        426184        ----a-w-        c:\windows\system32\FlashPlayerApp.exe

2012-07-15 13:50 . 2011-05-23 09:11        70344        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl

2012-07-10 18:49 . 2004-08-04 12:00        188800        ----a-w-        c:\windows\system32\drivers\acpi.sys

2012-06-13 13:55 . 2004-08-04 12:00        1866240        ----a-w-        c:\windows\system32\win32k.sys

2012-06-05 15:49 . 2009-08-19 16:07        1372672        ----a-w-        c:\windows\system32\msxml6.dll

2012-06-05 15:49 . 2004-08-04 12:00        1172480        ----a-w-        c:\windows\system32\msxml3.dll

2012-06-04 04:32 . 2004-08-04 12:00        152576        ----a-w-        c:\windows\system32\schannel.dll

2012-06-02 13:19 . 2010-11-16 11:07        329240        ----a-w-        c:\windows\system32\wucltui.dll

2012-06-02 13:19 . 2010-11-16 11:07        210968        ----a-w-        c:\windows\system32\wuweb.dll

2012-06-02 13:19 . 2010-11-16 11:07        219160        ----a-w-        c:\windows\system32\wuaucpl.cpl

2012-06-02 13:19 . 2009-08-06 18:24        18456        ----a-w-        c:\windows\system32\wuaueng.dll.mui

2012-06-02 13:19 . 2009-08-06 18:24        15896        ----a-w-        c:\windows\system32\wuapi.dll.mui

2012-06-02 13:19 . 2010-11-16 11:07        53784        ----a-w-        c:\windows\system32\wuauclt.exe

2012-06-02 13:19 . 2010-11-16 11:07        35864        ----a-w-        c:\windows\system32\wups.dll

2012-06-02 13:19 . 2009-08-06 18:24        45080        ----a-w-        c:\windows\system32\wups2.dll

2012-06-02 13:19 . 2009-08-06 18:24        15896        ----a-w-        c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 13:19 . 2004-08-04 12:00        97304        ----a-w-        c:\windows\system32\cdm.dll

2012-06-02 13:19 . 2009-08-06 18:24        23576        ----a-w-        c:\windows\system32\wucltui.dll.mui

2012-06-02 13:19 . 2010-11-16 11:07        577048        ----a-w-        c:\windows\system32\wuapi.dll

2012-06-02 13:19 . 2010-11-16 11:07        1933848        ----a-w-        c:\windows\system32\wuaueng.dll

2012-06-02 13:18 . 2011-02-02 08:37        275696        ----a-w-        c:\windows\system32\mucltui.dll

2012-06-02 13:18 . 2011-02-02 08:37        18160        ----a-w-        c:\windows\system32\mucltui.dll.mui

2012-06-02 13:18 . 2009-08-06 18:23        214256        ----a-w-        c:\windows\system32\muweb.dll

2012-05-31 13:22 . 2004-08-04 12:00        604160        ----a-w-        c:\windows\system32\crypt32.dll

2012-05-31 03:41 . 2012-04-06 17:15        6762896        ----a-w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2012-05-16 15:07 . 2004-08-04 12:00        916992        ----a-w-        c:\windows\system32\wininet.dll

2012-05-11 14:40 . 2004-08-04 12:00        43520        ----a-w-        c:\windows\system32\licmgr10.dll

2012-05-11 14:40 . 2004-08-04 12:00        1469440        ------w-        c:\windows\system32\inetcpl.cpl

2012-05-11 11:38 . 2004-08-04 12:00        385024        ----a-w-        c:\windows\system32\html.iec

2012-05-05 03:14 . 2004-08-04 12:00        2194944        ----a-w-        c:\windows\system32\ntoskrnl.exe

2012-05-05 03:14 . 2004-08-04 00:50        2071424        ----a-w-        c:\windows\system32\ntkrnlpa.exe

2012-05-02 13:46 . 2010-11-16 11:04        139656        ----a-w-        c:\windows\system32\drivers\rdpwd.sys

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SoundMAXPnP"="c:\programme\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]

"StartCCC"="c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 61440]

"SynTPLpr"="c:\programme\Synaptics\SynTP\SynTPLpr.exe" [2003-06-24 126976]

"SynTPEnh"="c:\programme\Synaptics\SynTP\SynTPEnh.exe" [2003-06-24 561152]

"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2012-01-18 254696]

"Malwarebytes' Anti-Malware"="c:\programme\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\

BTTray.lnk - c:\programme\ThinkPad\Bluetooth Software\BTTray.exe [2007-11-26 576104]

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

.

R2 MBAMService;MBAMService;c:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [15.07.2012 15:46 655944]

R3 AVMWAN;AVM NDIS WAN CAPI-Treiber;c:\windows\system32\drivers\avmwan.sys [16.11.2010 13:00 37568]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [15.07.2012 15:46 22344]

R4 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys --> c:\windows\system32\DRIVERS\avkmgr.sys [?]

S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [19.02.2011 13:04 136176]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [05.04.2012 21:43 250056]

S3 fpcmbase;AVM ISDN-Controller FRITZ!Card PCMCIA;c:\windows\system32\drivers\fpcmbase.sys [16.11.2010 13:00 441728]

S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [19.02.2011 13:04 136176]

.

--- Andere Dienste/Treiber im Speicher ---

.

*Deregistered* - avipbb

*Deregistered* - ssmdrv

.

Inhalt des "geplante Tasks" Ordners

.

2012-07-15 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 13:51]

.

2012-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\programme\Google\Update\GoogleUpdate.exe [2011-02-19 11:03]

.

2012-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\programme\Google\Update\GoogleUpdate.exe [2011-02-19 11:03]

.

2012-07-07 c:\windows\Tasks\MP Scheduled Scan.job

- c:\programme\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://www.t-online.de/

IE: Senden an &Bluetooth-Gerät... - c:\programme\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm

IE: Senden an Bluetooth - c:\programme\ThinkPad\Bluetooth Software\btsendto_ie.htm

TCP: DhcpNameServer = 192.168.178.1

DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab

DPF: {C3E3BB4F-269C-41A3-9F5F-A360E933CAD3} - hxxps://as.photoprintit.com/ips-opdata/activex/ImageUploader6.cab

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net

Rootkit scan 2012-07-15 20:35

Windows 5.1.2600 Service Pack 3 NTFS

.

Scanne versteckte Prozesse... 

.

Scanne versteckte Autostarteinträge... 

.

Scanne versteckte Dateien... 

.

Scan erfolgreich abgeschlossen

versteckte Dateien: 0

.

**************************************************************************

.

--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

.

- - - - - - - > 'winlogon.exe'(696)

c:\windows\system32\Ati2evxx.dll

.

- - - - - - - > 'explorer.exe'(3904)

c:\windows\system32\btmmhook.dll

c:\windows\system32\webcheck.dll

.

Zeit der Fertigstellung: 2012-07-15  20:36:51

ComboFix-quarantined-files.txt  2012-07-15 18:36

ComboFix2.txt  2012-07-13 11:34

.

Vor Suchlauf: 11 Verzeichnis(se), 30.713.864.192 Bytes frei

Nach Suchlauf: 12 Verzeichnis(se), 30.709.805.056 Bytes frei

.

- - End Of File - - C51F5516FBE41F76EE32EAAF62A1428D

--- --- ---

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-15 20:41:06
-----------------------------
20:41:06.562 OS Version: Windows 5.1.2600 Service Pack 3
20:41:06.562 Number of processors: 1 586 0xD08
20:41:06.562 ComputerName: 2221A0390777468 UserName: nord
20:41:08.875 Initialize success
20:52:16.343 AVAST engine defs: 12071500
20:52:33.843 The log file has been saved successfully to "C:\Dokumente und Einstellungen\nord\Eigene Dateien\Downloads\aswMBR.txt"

Hab ich da den richtige log gepostet? kriegs irgendwie nicht anders hin...

Hups, bin einfach zu voreilig.
Der richtige log kommt gleich......

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-15 20:41:06
-----------------------------
20:41:06.562 OS Version: Windows 5.1.2600 Service Pack 3
20:41:06.562 Number of processors: 1 586 0xD08
20:41:06.562 ComputerName: 2221A0390777468 UserName: nord
20:41:08.875 Initialize success
20:52:16.343 AVAST engine defs: 12071500
20:52:33.843 The log file has been saved successfully to "C:\Dokumente und Einstellungen\nord\Eigene Dateien\Downloads\aswMBR.txt"
20:53:30.937 The log file has been saved successfully to "C:\Dokumente und Einstellungen\nord\Eigene Dateien\Eigene Bilder\aswMBR.txt"
20:55:54.828 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
20:55:54.828 Disk 0 Vendor: FUJITSU_MHV2080AH 00840096 Size: 76319MB BusType: 3
20:55:54.859 Disk 0 MBR read successfully
20:55:54.859 Disk 0 MBR scan
20:55:54.906 Disk 0 Windows XP default MBR code
20:55:54.921 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 38155 MB offset 2048
20:55:54.937 Disk 0 scanning sectors +78143488
20:55:55.015 Disk 0 scanning C:\WINDOWS\system32\drivers
20:56:06.953 Service scanning
20:56:22.593 Modules scanning
20:56:27.875 Disk 0 trace - called modules:
20:56:28.375 ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys intelide.sys PCIIDEX.SYS
20:56:28.375 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f6fab8]
20:56:28.375 3 CLASSPNP.SYS[f7650fd7] -> nt!IofCallDriver -> \Device\0000007b[0x86ede9e8]
20:56:28.390 5 ACPI.sys[f74e6620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x86f68940]
20:56:28.812 AVAST engine scan C:\WINDOWS
20:56:38.437 AVAST engine scan C:\WINDOWS\system32
20:58:59.843 AVAST engine scan C:\WINDOWS\system32\drivers
20:59:14.687 AVAST engine scan C:\Dokumente und Einstellungen\nord
21:00:35.906 AVAST engine scan C:\Dokumente und Einstellungen\All Users
21:01:07.281 Scan finished successfully
21:02:23.125 Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\nord\Eigene Dateien\Downloads\MBR.dat"
21:02:23.125 The log file has been saved successfully to "C:\Dokumente und Einstellungen\nord\Eigene Dateien\Downloads\aswMBR.txt"

OTL Logfile:

Code:

OTL logfile created on: 16.07.2012 13:05:10 - Run 3

OTL by OldTimer - Version 3.2.54.0     Folder = C:\Dokumente und Einstellungen\nord\Eigene Dateien\Downloads

Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1022,42 Mb Total Physical Memory | 435,52 Mb Available Physical Memory | 42,60% Memory free

1,65 Gb Paging File | 1,03 Gb Available in Paging File | 62,29% Paging File free

Paging file location(s): C:\pagefile.sys 768 1536 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 37,26 Gb Total Space | 28,33 Gb Free Space | 76,03% Space Free | Partition Type: NTFS

 

Computer Name: 2221A0390777468 | User Name: nord | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Dokumente und Einstellungen\nord\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)

PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)

PRC - C:\Programme\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)

PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)

PRC - C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)

PRC - C:\Programme\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()

MOD - C:\Dokumente und Einstellungen\nord\Lokale Einstellungen\Anwendungsdaten\Adobe\Acrobat\10.0\Cache\RdLang_Updater.DEU ()

MOD - C:\Dokumente und Einstellungen\nord\Lokale Einstellungen\Anwendungsdaten\Adobe\Acrobat\10.0\Cache\RdLang_Annots.DEU ()

MOD - C:\Dokumente und Einstellungen\nord\Lokale Einstellungen\Anwendungsdaten\Adobe\Acrobat\10.0\Cache\RdLang_EScript.DEU ()

MOD - C:\Dokumente und Einstellungen\nord\Lokale Einstellungen\Anwendungsdaten\Adobe\Acrobat\10.0\Cache\RdLang_PPKLite.DEU ()

MOD - C:\Dokumente und Einstellungen\nord\Lokale Einstellungen\Anwendungsdaten\Adobe\Acrobat\10.0\Cache\RdLang_DigSig.DEU ()

MOD - C:\Dokumente und Einstellungen\nord\Lokale Einstellungen\Anwendungsdaten\Adobe\Acrobat\10.0\Cache\RdLang_AcroForm.DEU ()

MOD - C:\Dokumente und Einstellungen\nord\Lokale Einstellungen\Anwendungsdaten\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.deu ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll ()

MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll ()

MOD - C:\Programme\Avira\AntiVir Desktop\sqlite3.dll ()

MOD - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU ()

MOD - C:\Programme\Adobe\Reader 10.0\Reader\sqlite.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3559.24579__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3559.24560__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3559.24581__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3559.24575__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3559.24569__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3559.24658__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3559.24643__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3559.24659__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3559.24638__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3559.24568__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3559.24619__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3559.24606__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3559.24624__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Dashboard\2.0.3559.24619__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Dashboard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3559.24625__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3559.24624__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Runtime\2.0.3559.24619__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Runtime.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3559.24608__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3559.24570__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3559.24582__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3559.24633__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3559.24581__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3559.24617__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3559.24607__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3559.24617__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3559.24639__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3559.24602__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3559.24607__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3559.24618__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3559.24586__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3559.24606__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3559.24585__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3559.24607__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3559.24618__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3559.24686__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3559.24667__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()

MOD - C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3559.24555__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3559.24647__90ba9c70f846762e\CLI.Component.Systemtray.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3559.24574__90ba9c70f846762e\CLI.Component.Wizard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3559.24653__90ba9c70f846762e\MOM.Implementation.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3559.24557__90ba9c70f846762e\CLI.Component.Runtime.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3559.24651__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3559.24559__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3559.24565__90ba9c70f846762e\CLI.Component.Dashboard.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3559.24558__90ba9c70f846762e\ATIDEMOS.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3559.24557__90ba9c70f846762e\APM.Server.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3559.24556__90ba9c70f846762e\AEM.Server.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()

MOD - C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3559.24652__90ba9c70f846762e\CCC.Implementation.dll ()

MOD - C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll ()

MOD - C:\WINDOWS\system32\msdmo.dll ()

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)

SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)

SRV - (SoundMAX Agent Service (default)) -- C:\Programme\Analog Devices\SoundMAX\SMAgent.exe (Analog Devices, Inc.)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (WDICA) --  File not found

DRV - (PDRFRAME) --  File not found

DRV - (PDRELI) --  File not found

DRV - (PDFRAME) --  File not found

DRV - (PDCOMP) --  File not found

DRV - (PCIDump) --  File not found

DRV - (lbrtfdc) --  File not found

DRV - (i2omgmt) --  File not found

DRV - (Changer) --  File not found

DRV - (catchme) -- C:\DOKUME~1\nord\LOKALE~1\Temp\catchme.sys File not found

DRV - (BTWUSB) -- System32\Drivers\btwusb.sys File not found

DRV - (BTWDNDIS) -- system32\DRIVERS\btwdndis.sys File not found

DRV - (BTDriver) -- system32\DRIVERS\btport.sys File not found

DRV - (btaudio) -- system32\drivers\btaudio.sys File not found

DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)

DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)

DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)

DRV - (avkmgr) -- C:\WINDOWS\system32\drivers\avkmgr.sys (Avira GmbH)

DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)

DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)

DRV - (w29n51) Intel(R) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)

DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)

DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)

DRV - (HSF_DPV) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys (Conexant Systems, Inc.)

DRV - (HSFHWICH) -- C:\WINDOWS\system32\drivers\HSFHWICH.sys (Conexant Systems, Inc.)

DRV - (winachsf) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys (Conexant Systems, Inc.)

DRV - (TPM) -- C:\WINDOWS\system32\drivers\tpm.sys (Winbond Electronics Corp.)

DRV - (fpcmbase) -- C:\WINDOWS\system32\drivers\fpcmbase.sys (AVM GmbH)

DRV - (AVMWAN) -- C:\WINDOWS\system32\drivers\avmwan.sys (AVM GmbH)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{741BD478-48D8-414A-B5D1-7F103F7E2F39}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}

IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3196716

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 
 ========== FireFox ==========

 

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

 

 
 ========== Chrome  ==========

 

CHR - default_search_provider: Yahoo! Deutschland (Enabled)

CHR - default_search_provider: search_url = hxxp://de.search.yahoo.com/search?fr=chr-greentree_gc&ei=utf-8&ilc=12&type=937811&p={searchTerms}

CHR - default_search_provider: suggest_url = hxxp://de-sayt.ff.search.yahoo.com/gossip-de-sayt?output=fxjson&command={searchTerms}

CHR - homepage: hxxp://www.t-online.de/

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\18.0.1025.162\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\18.0.1025.162\gcswf32.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Programme\Java\jre6\bin\plugin2\npjp2.dll

CHR - plugin: Veetle TV Player (Enabled) = C:\Programme\Veetle\Player\npvlc.dll

CHR - plugin: Veetle TV Core (Enabled) = C:\Programme\Veetle\plugins\npVeetle.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

 

O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)

O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)

O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1294848849278 (MUWebControl Class)

O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab (CeWe Color AG & Co. OHG Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {C3E3BB4F-269C-41A3-9F5F-A360E933CAD3} https://as.photoprintit.com/ips-opdata/activex/ImageUploader6.cab (CeWe Color AG & Co. OHG Control)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{843D6F37-9078-44E4-B44B-7A0DEB70434A}: DhcpNameServer = 192.168.178.1

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\nord\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\nord\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programme\Windows Defender\MpShHook.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010.11.16 13:09:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.07.15 23:37:57 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\nord\Recent

[2012.07.15 21:35:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\nord\Anwendungsdaten\Avira

[2012.07.15 21:29:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira

[2012.07.15 21:28:53 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys

[2012.07.15 21:28:50 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys

[2012.07.15 21:28:50 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys

[2012.07.15 21:28:50 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys

[2012.07.15 21:28:49 | 000,000,000 | ---D | C] -- C:\Programme\Avira

[2012.07.15 21:24:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt

[2012.07.15 21:02:19 | 000,000,000 | -HSD | C] -- C:\RECYCLER

[2012.07.15 15:46:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\nord\Anwendungsdaten\Malwarebytes

[2012.07.15 15:46:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware

[2012.07.15 15:46:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

[2012.07.15 15:46:04 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

[2012.07.15 15:46:04 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware

[2012.07.14 09:07:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\nord\DoctorWeb

[2012.07.13 13:25:50 | 000,000,000 | RHSD | C] -- C:\cmdcons

[2012.07.13 13:24:07 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\nord\Startmenü\Programme\Verwaltung

[2012.07.13 13:24:07 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\nord\Eigene Dateien\Eigene Videos

[2012.07.13 13:17:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt

[2012.07.13 08:08:50 | 000,000,000 | ---D | C] -- C:\_OTL

[2012.07.10 20:43:53 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine

[2012.07.10 20:42:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\nord\Eigene Dateien\tdsskiller

[2012.07.07 22:17:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\529C50A800009B134044ABB1D151FC4E

[2012.07.06 12:11:45 | 000,000,000 | ---D | C] -- C:\Programme\Application Updater

[2012.07.06 12:11:44 | 000,000,000 | ---D | C] -- C:\Programme\YouTube Downloader Toolbar

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.07.16 12:56:29 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2012.07.15 23:56:00 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2012.07.15 23:49:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012.07.15 21:29:13 | 000,001,671 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk

[2012.07.15 15:50:52 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2012.07.15 15:50:50 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2012.07.15 15:46:05 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2012.07.14 15:07:51 | 000,002,390 | ---- | M] () -- C:\Dokumente und Einstellungen\nord\Eigene Dateien\DrWeb.csv

[2012.07.14 08:14:30 | 000,095,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2012.07.14 07:56:56 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

[2012.07.14 07:55:08 | 000,450,554 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat

[2012.07.14 07:55:08 | 000,434,080 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2012.07.14 07:55:08 | 000,081,132 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat

[2012.07.14 07:55:08 | 000,068,460 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2012.07.13 20:54:56 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2012.07.13 13:25:56 | 000,000,327 | RHS- | M] () -- C:\boot.ini

[2012.07.13 08:10:24 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012.07.10 20:39:19 | 002,115,791 | ---- | M] () -- C:\Dokumente und Einstellungen\nord\Eigene Dateien\tdsskiller.zip

[2012.07.07 15:48:34 | 000,000,322 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job

[2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys

 
 ========== Files Created - No Company Name ==========

 

[2012.07.15 21:29:13 | 000,001,671 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk

[2012.07.15 15:46:05 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk

[2012.07.14 15:07:26 | 000,002,390 | ---- | C] () -- C:\Dokumente und Einstellungen\nord\Eigene Dateien\DrWeb.csv

[2012.07.13 13:25:56 | 000,000,211 | ---- | C] () -- C:\Boot.bak

[2012.07.13 13:25:53 | 000,262,448 | RHS- | C] () -- C:\cmldr

[2012.07.10 20:38:58 | 002,115,791 | ---- | C] () -- C:\Dokumente und Einstellungen\nord\Eigene Dateien\tdsskiller.zip

[2012.02.16 07:41:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012.02.01 15:34:31 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat

[2012.02.01 15:34:31 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat

[2012.02.01 15:34:31 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat

[2012.02.01 15:34:31 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat

[2012.02.01 15:34:31 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat

[2012.02.01 15:34:31 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat

[2012.02.01 15:34:31 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat

[2012.02.01 15:34:31 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat

[2012.02.01 15:34:31 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat

[2012.02.01 15:34:31 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat

[2012.02.01 15:34:31 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat

[2012.02.01 15:34:31 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat

[2012.02.01 15:34:31 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat

[2012.02.01 15:34:31 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat

[2012.02.01 15:34:31 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat

[2012.02.01 15:34:31 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat

[2012.02.01 15:34:31 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat

[2012.02.01 15:34:31 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat

[2012.02.01 15:34:31 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini

[2012.02.01 15:31:38 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX8400DEFGIPS.ini

[2011.05.02 13:38:22 | 000,000,018 | ---- | C] () -- C:\WINDOWS\sys386r.dat

[2011.03.08 21:49:00 | 000,019,968 | ---- | C] () -- C:\Dokumente und Einstellungen\nord\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011.03.08 18:02:32 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011.03.01 14:24:46 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI

[2011.02.01 11:54:29 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\WLTRYSVC.EXE

[2010.11.16 14:10:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin

[2010.11.16 13:50:08 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat

[2010.11.16 13:50:08 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat

[2010.11.16 13:50:07 | 000,189,051 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat

[2010.11.16 13:06:10 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2010.11.16 12:55:18 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2010.11.16 12:53:57 | 000,095,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
 

< End of report >

--- --- ---

Ein OTL-Extras-logfile gibts dieses mal nicht... hab ich was falsch gemacht?

Gruß,
Bettina