Trojaner-Board - TR/Crypt.XPACK.Gen3

erstmal Entschuldigung dass es so lange gedauert hat und dass ich jetzt zum dritten Mal hintereinander poste aber ich finde hier einfach den Button nicht, mit dem man die vorherige Nachicht wieder löscht,
aber egal, hier nun das, was OTL ausgespuckt hat :
Die Datei OTL.Txt
------------------------------OTL Logfile:

Code:

OTL logfile created on: 08.10.2010 15:05:37 - Run 4

OTL by OldTimer - Version 3.2.14.1     Folder = C:\Dokumente und Einstellungen\Michael\Desktop

Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1.022,00 Mb Total Physical Memory | 531,00 Mb Available Physical Memory | 52,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 133,43 Gb Total Space | 105,73 Gb Free Space | 79,24% Space Free | Partition Type: NTFS

Drive D: | 15,60 Gb Total Space | 5,45 Gb Free Space | 34,92% Space Free | Partition Type: FAT32

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: BESITZER-E4905B

Current User Name: Michael

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Dokumente und Einstellungen\Michael\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)

PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

PRC - C:\Programme\Sceneo\Bonavista\Services\PVR\pvrservice.exe (Buhl Data Service GmbH)

PRC - C:\Programme\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe (ODSoft multimedia)

PRC - C:\Programme\Medion\MEDIONbox\Program\GCS.exe (Empolis GmbH)

PRC - c:\Programme\Gemeinsame Dateien\Gnab\Service\ServiceController.exe (Empolis GmbH)

PRC - C:\Programme\BullGuard Software\BullGuard\BullGuard.exe (BullGuard Software)

PRC - C:\Programme\BullGuard Software\BullGuard\BullGuardUpdate.exe (BullGuard Software)

PRC - C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)

PRC - C:\Programme\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation)

PRC - C:\Programme\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation)

PRC - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )

PRC - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)

PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)

PRC - C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe (America Online, Inc.)

PRC - C:\Programme\AOL 9.0\aoltray.exe (America Online, Inc.)

PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)

PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)

PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10)

 

 
 ========== Modules (SafeList) ==========

 

MOD - C:\Dokumente und Einstellungen\Michael\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)

MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe File not found

SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe File not found

SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)

SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)

SRV - (srvcPVR) -- C:\Programme\Sceneo\Bonavista\Services\PVR\pvrservice.exe (Buhl Data Service GmbH)

SRV - (GnabService) -- c:\Programme\Gemeinsame Dateien\Gnab\Service\ServiceController.exe (Empolis GmbH)

SRV - (BGMainSvc) -- C:\Programme\BullGuard Software\BullGuard\BsMain.dll (BullGuard, Ltd.)

SRV - (BGLiveSvc) -- C:\Programme\BullGuard Software\BullGuard\BullGuardUpdate.exe (BullGuard Software)

SRV - (BsMailProxy) -- C:\Programme\BullGuard Software\BullGuard\BsMailProxy.dll (BullGuard Ltd.)

SRV - (BsFirewall) -- C:\Programme\BullGuard Software\BullGuard\BsFirewall.dll (BullGuard Ltd.)

SRV - (BsFileSpy) -- C:\Programme\BullGuard Software\BullGuard\BsFileSpy.dll (BullGuard Ltd.)

SRV - (EvtEng) Intel(R) -- C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)

SRV - (S24EventMonitor) Intel(R) -- C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation )

SRV - (RegSrvc) Intel(R) -- C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)

SRV - (LightScribeService) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)

SRV - (WMConnectCDS) -- C:\Programme\Windows Media Connect 2\wmccds.exe (Microsoft Corporation)

SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)

SRV - (AOL ACS) -- C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe (America Online, Inc.)

SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)

SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys File not found

DRV - (Netaapl) -- C:\WINDOWS\system32\drivers\netaapl.sys (Apple Inc.)

DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows (R) 2000 DDK provider)

DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)

DRV - (PhilCap) -- C:\WINDOWS\system32\drivers\PhilCap.sys (Philips Semiconductors GmbH)

DRV - (NETw3x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw3x32.sys (Intel® Corporation)

DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)

DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)

DRV - (NWUSBPort) -- C:\WINDOWS\system32\drivers\nwusbser.sys (Novatel Wireless Inc.)

DRV - (NWUSBModem) -- C:\WINDOWS\system32\drivers\nwusbmdm.sys (Novatel Wireless Inc.)

DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation)

DRV - (iaStor) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys (Intel Corporation)

DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation                           )

DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.)

DRV - (Reconn) -- C:\Programme\BullGuard Software\BullGuard\reconn.sys ()

DRV - (FileSpy5) -- C:\Programme\BullGuard Software\BullGuard\filespy5.sys (BullGuard Ltd.)

DRV - (smserial) -- C:\WINDOWS\system32\drivers\smserial.sys (Motorola Inc.)

DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC)

DRV - (X10Hid) -- C:\WINDOWS\system32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)

DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC)

DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC)

DRV - (AVMUNET) -- C:\WINDOWS\system32\drivers\avmunet.sys (AVM GmbH)

DRV - (XUIF) -- C:\WINDOWS\system32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)

DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider)

DRV - (ATWPKT2) -- C:\Programme\Gemeinsame Dateien\aol\ACS\atwpkt2.sys (America Online)

DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation)

DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)

DRV - (wg3n) -- C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys (Sygate Technologies, Inc.)

DRV - (wpsdrvnt) -- C:\WINDOWS\system32\drivers\wpsdrvnt.sys (Sygate Technologies, Inc.)

DRV - (Teefer) -- C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys (Sygate Technologies, Inc.)

DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Login :: klamm.de

IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found

IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

FF - prefs.js..CommunityToolbar.SearchFromAddressBarSavedUrl: "data:text/plain,keyword.URL=hxxp://de.search.yahoo.com/search?ei=UTF-8&fr=ffpro&type=moz35awe&p="

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"

FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search"

FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"

FF - prefs.js..browser.search.order.1: "BearShare Web Search"

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"

FF - prefs.js..browser.search.selectedEngine: "ICQ Search"

FF - prefs.js..browser.startup.homepage: "hxxp://www.faiatv.tk"

FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1

FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.6.0

FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14

FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.6

FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:3.5

FF - prefs.js..extensions.enabledItems: {AA994882-F391-4d2e-806F-8908DA4814ED}:2.4.15

FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.2.0

FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655

FF - prefs.js..extensions.enabledItems: quickstores@quickstores.de:1.1.0

 

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.08.21 18:05:18 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.08.21 18:05:18 | 000,000,000 | ---D | M]

 

[2009.12.19 15:30:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Extensions

[2010.10.07 16:00:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions

[2010.08.26 15:04:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2010.08.26 15:04:25 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

[2010.08.26 15:04:41 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

[2010.09.17 13:03:58 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}

[2010.08.26 15:06:10 | 000,000,000 | ---D | M] (kikin plugin) -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}

[2010.06.16 17:44:44 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2010.08.26 15:04:44 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}

[2010.01.15 18:10:30 | 000,000,000 | ---D | M] (QuickJava) -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}

[2009.12.29 16:22:12 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}

[2010.02.16 15:27:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\illimitux@illimitux.net

[2010.03.28 11:04:34 | 000,002,476 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\BearShareWebSearch.xml

[2010.03.16 11:42:56 | 000,000,927 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\conduit.xml

[2010.09.17 13:27:19 | 000,000,958 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-1-1-1-1-1-1-1.xml

[2010.08.26 15:14:49 | 000,000,958 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-1-1-1-1-1-1.xml

[2010.08.02 11:56:51 | 000,000,958 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-1-1-1-1-1.xml

[2010.07.14 12:02:09 | 000,000,958 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-1-1-1-1.xml

[2010.06.12 17:07:11 | 000,000,958 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-1-1-1.xml

[2010.05.08 16:22:55 | 000,000,958 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-1-1.xml

[2010.04.26 20:41:42 | 000,000,958 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-1.xml

[2010.07.20 14:46:12 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-2-1.xml

[2010.07.20 14:46:12 | 000,000,666 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-2.xml

[2010.08.23 15:41:00 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-3.xml

[2010.08.28 14:24:27 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-4.xml

[2010.04.18 19:41:21 | 000,000,958 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin.xml

[2010.10.07 16:00:37 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions

[2009.12.19 15:25:00 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}

[2010.10.06 12:53:32 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\quickstores@quickstores.de

[2002.03.15 14:53:24 | 000,679,936 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\NPSWF32.dll

[2009.12.02 10:31:53 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml

[2010.03.28 11:04:34 | 000,002,476 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\BearShareWebSearch.xml

[2009.12.02 10:31:53 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml

[2009.12.02 10:31:53 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml

[2009.12.02 10:31:53 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml

[2009.12.02 10:31:53 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2006.03.24 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_09\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)

O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Programme\kikin\ie_kikin.dll File not found

O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.)

O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe File not found

O4 - HKLM..\Run: [BullGuard] C:\Programme\BullGuard Software\BullGuard\bullguard.exe (BullGuard Software)

O4 - HKLM..\Run: [InstantOn] C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe ()

O4 - HKLM..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)

O4 - HKLM..\Run: [IntelZeroConfig] C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)

O4 - HKLM..\Run: [LanguageShortcut] C:\Programme\Home Cinema\PowerDVD\Language\Language.exe ()

O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)

O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)

O4 - HKLM..\Run: [NWEReboot]  File not found

O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)

O4 - HKLM..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe File not found

O4 - HKLM..\Run: [TVBroadcast] C:\Programme\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe (ODSoft multimedia)

O4 - HKLM..\Run: [UnlockerAssistant] C:\Programme\Unlocker\UnlockerAssistant.exe File not found

O4 - HKCU..\Run: [BullGuard] C:\Programme\BullGuard Software\BullGuard\BullGuard.exe (BullGuard Software)

O4 - HKCU..\Run: [ICQ] C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)

O4 - HKCU..\Run: [Livestation] C:\Programme\Livestation\Livestation.exe File not found

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0\aoltray.exe (America Online, Inc.)

O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubedownload.htm ()

O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_09\bin\NPJPI150_09.dll (Sun Microsystems, Inc.)

O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Programme\kikin\ie_kikin.dll File not found

O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.)

O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)

O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1163614636698 (WUWebControl Class)

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://go.divx.com/plugin/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09)

O16 - DPF: {BF3CD111-6278-11D2-9EA3-00A0C9251384} hxxp://www.o2c.de/download/O2CPlayer.CAB (O2C-Player Version 1.x)

O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} hxxp://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)

O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\MED5_1280x960.bmp

O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\MED5_1280x960.bmp

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006.11.15 19:12:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{47d149c0-32be-11df-8ff6-00038a000015}\Shell\AutoRun\command - "" = F:\installer.exe -- File not found

O33 - MountPoints2\{47d149c0-32be-11df-8ff6-00038a000015}\Shell\verb\command - "" = F:\installer.exe -- File not found

O33 - MountPoints2\{d3b658dc-f849-11de-8fb5-00040ed4087d}\Shell - "" = AutoRun

O33 - MountPoints2\{d3b658dc-f849-11de-8fb5-00040ed4087d}\Shell\AutoRun - "" = Auto&Play

O33 - MountPoints2\{d3b658dc-f849-11de-8fb5-00040ed4087d}\Shell\Open\command - "" = resycled\boot.com f:

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2010.10.07 22:52:44 | 000,000,000 | ---D | C] -- C:\Programme\ASCOMP Software

[2010.10.07 22:51:48 | 000,000,000 | ---D | C] -- C:\Programme\Free Screen To Video

[2010.10.07 15:46:08 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC

[2010.10.07 14:48:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\ASCOMP Software

[2010.10.07 14:46:28 | 002,989,328 | ---- | C] (ASCOMP Software GmbH                                        ) -- C:\Dokumente und Einstellungen\Michael\Desktop\sEraser_3.201.exe

[2010.10.06 12:53:27 | 000,000,000 | ---D | C] -- C:\Programme\Unlocker

[2010.10.06 12:53:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\QuickStoresToolbar

[2010.10.05 22:01:53 | 000,000,000 | ---D | C] -- C:\video_output

[2010.10.05 21:57:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\GetRightToGo

[2010.10.05 21:50:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\Any Video Converter

[2010.10.05 21:10:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\ImTOO Software Studio

[2010.10.05 16:24:21 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Michael\IECompatCache

[2010.10.04 16:41:38 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Michael\Desktop\OTL.exe

[2010.10.02 17:26:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\AnvSoft

[2010.10.02 17:26:11 | 000,000,000 | ---D | C] -- C:\Programme\AnvSoft

[2010.10.01 17:48:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Malwarebytes

[2010.10.01 17:48:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes

[2010.09.27 21:44:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Desktop\mp3-player

[2010.09.17 13:16:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\FreeScreenToVideo

[2010.09.17 13:14:56 | 004,219,209 | ---- | C] (Koyote Soft                                                 ) -- C:\Dokumente und Einstellungen\Michael\Desktop\Setup_FreeScreenVideo_1.2.exe

[2010.09.17 13:01:39 | 011,405,816 | ---- | C] (DVDVideoSoft Limited.                                       ) -- C:\Dokumente und Einstellungen\Michael\Desktop\FreeVideoDub_1.8.exe

[2010.09.10 13:51:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe

[2010.09.09 19:31:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\Verkaufsbeatz 100%

[2010.09.08 20:35:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\IObit

[2010.09.08 20:35:40 | 000,000,000 | ---D | C] -- C:\Programme\IObit

[2010.09.08 20:34:08 | 007,486,800 | ---- | C] (IObit                                                       ) -- C:\Dokumente und Einstellungen\Michael\Desktop\asc-setup-softonic.exe

[2010.09.08 20:33:49 | 000,000,000 | ---D | C] -- C:\Programme\MSECache

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2010.10.08 00:08:03 | 010,252,539 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Desktop\Murderlinez - Volles Magazin EP Snipped.mp3

[2010.10.07 23:10:25 | 000,051,048 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2010.10.07 23:10:19 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2010.10.07 23:10:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010.10.07 23:10:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010.10.07 23:10:03 | 1071,828,992 | -HS- | M] () -- C:\hiberfil.sys

[2010.10.07 23:09:24 | 005,505,024 | -H-- | M] () -- C:\Dokumente und Einstellungen\Michael\NTUSER.DAT

[2010.10.07 23:09:24 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Michael\ntuser.ini

[2010.10.07 22:52:45 | 000,001,770 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Desktop\Secure Eraser.lnk

[2010.10.07 22:51:51 | 000,000,777 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Desktop\Free Screen To Video.lnk

[2010.10.07 16:13:10 | 000,000,580 | ---- | M] () -- C:\WINDOWS\win.ini

[2010.10.07 16:13:10 | 000,000,257 | ---- | M] () -- C:\WINDOWS\system.ini

[2010.10.07 14:46:54 | 002,989,328 | ---- | M] (ASCOMP Software GmbH                                        ) -- C:\Dokumente und Einstellungen\Michael\Desktop\sEraser_3.201.exe

[2010.10.07 13:34:01 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2010.10.05 22:02:31 | 000,070,144 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010.10.05 20:09:06 | 000,000,681 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\os245324.bin

[2010.10.04 16:41:43 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Michael\Desktop\OTL.exe

[2010.10.02 16:53:02 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2010.09.29 20:26:03 | 000,022,528 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\Widerrufung der Musterung.doc

[2010.09.17 13:43:53 | 013,570,048 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\murderlinez.avi

[2010.09.17 13:22:28 | 007,309,720 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\jojojo.flv

[2010.09.17 13:15:32 | 004,219,209 | ---- | M] (Koyote Soft                                                 ) -- C:\Dokumente und Einstellungen\Michael\Desktop\Setup_FreeScreenVideo_1.2.exe

[2010.09.17 13:03:19 | 011,405,816 | ---- | M] (DVDVideoSoft Limited.                                       ) -- C:\Dokumente und Einstellungen\Michael\Desktop\FreeVideoDub_1.8.exe

[2010.09.15 12:54:36 | 000,903,837 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\scaface eier.mp3

[2010.09.13 20:35:55 | 001,534,955 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\scarface arsch.mp3

[2010.09.13 20:34:23 | 004,005,094 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\scarface deal.mp3

[2010.09.13 20:31:40 | 000,394,971 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\scarface reinkomm.mp3

[2010.09.13 20:21:36 | 003,497,273 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\scarface klamotten skit.mp3

[2010.09.11 13:56:42 | 010,288,065 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\Immer wenn ich rhyme clubshooter.mp3

[2010.09.11 13:25:56 | 006,615,044 | ---- | M] () -- C:\Standard.wav

[2010.09.09 15:51:15 | 001,580,360 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2010.09.08 20:35:24 | 007,486,800 | ---- | M] (IObit                                                       ) -- C:\Dokumente und Einstellungen\Michael\Desktop\asc-setup-softonic.exe

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2010.10.08 00:07:35 | 010,252,539 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Desktop\Murderlinez - Volles Magazin EP Snipped.mp3

[2010.10.07 23:10:03 | 1071,828,992 | -HS- | C] () -- C:\hiberfil.sys

[2010.10.07 22:52:45 | 000,001,770 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Desktop\Secure Eraser.lnk

[2010.10.07 22:51:51 | 000,000,777 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Desktop\Free Screen To Video.lnk

[2010.09.28 18:09:18 | 000,022,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\Widerrufung der Musterung.doc

[2010.09.17 13:39:14 | 013,570,048 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\murderlinez.avi

[2010.09.17 13:22:27 | 007,309,720 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\jojojo.flv

[2010.09.15 12:54:33 | 000,903,837 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\scaface eier.mp3

[2010.09.13 20:35:52 | 001,534,955 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\scarface arsch.mp3

[2010.09.13 20:34:20 | 004,005,094 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\scarface deal.mp3

[2010.09.13 20:31:40 | 000,394,971 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\scarface reinkomm.mp3

[2010.09.13 20:21:31 | 003,497,273 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\scarface klamotten skit.mp3

[2010.09.11 13:56:23 | 010,288,065 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\Immer wenn ich rhyme clubshooter.mp3

[2010.09.11 13:24:46 | 006,615,044 | ---- | C] () -- C:\Standard.wav

[2010.08.11 20:14:50 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest

[2010.08.11 20:14:49 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll

[2010.04.12 14:41:05 | 000,076,407 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Smiley.ico

[2010.04.03 18:50:53 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Default.PLS

[2010.01.07 17:20:23 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\wklnhst.dat

[2010.01.02 00:34:36 | 000,070,144 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009.11.25 22:45:00 | 000,000,140 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

[2006.11.16 03:27:46 | 000,241,664 | ---- | C] () -- C:\WINDOWS\NwtGatewayDLL.dll

[2006.11.16 03:27:46 | 000,001,110 | ---- | C] () -- C:\WINDOWS\NwtGatewayConfig.ini

[2006.11.16 03:18:47 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\mgxasio.dll

[2006.11.16 03:15:42 | 000,000,024 | ---- | C] () -- C:\WINDOWS\magix.ini

[2006.11.16 03:09:14 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll

[2006.11.16 03:09:11 | 000,001,208 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini

[2006.11.16 02:03:59 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\midas.dll

[2006.11.16 02:03:59 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\UnzDll.dll

[2006.11.16 02:02:37 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2006.11.16 00:49:41 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2006.11.15 23:46:32 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini

[2006.11.15 21:15:44 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini

[2006.11.15 21:12:35 | 000,004,704 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys

[2006.11.15 21:12:35 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\8679CB5C67.sys

[2006.11.15 19:49:38 | 000,003,376 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

[2006.11.15 19:37:54 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll

[2006.11.15 19:36:37 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini

[2006.11.15 19:29:15 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll

[2006.11.10 16:29:59 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2006.11.10 16:29:58 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2006.11.10 16:29:57 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2006.11.10 16:29:55 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2006.11.10 16:29:54 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll

[2006.09.20 09:34:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Buhl.ini

[2006.03.24 14:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

[2006.03.07 19:58:18 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\716xCoInstaller.dll

[2005.08.16 14:48:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\OrdMen.dll

[2005.08.16 14:48:14 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\SOFFICK2.dll

[2005.08.16 14:48:00 | 000,070,144 | ---- | C] () -- C:\WINDOWS\System32\ENCODE32.DLL

[2005.08.16 14:48:00 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\TAL12832.DLL

[2005.08.16 14:48:00 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\TALDM32A.dll

[2005.08.16 14:48:00 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\TALDM32.DLL

[2005.08.16 14:47:52 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\SBSPAIN3.DLL

[2005.08.16 14:47:52 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\SBSPAIN2.DLL

[2005.08.16 14:47:52 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\SBSPAINT.DLL

[2005.08.05 15:26:04 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2004.09.28 23:54:30 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll

< End of report >

--- --- ---

Die Datei Extras.txt
----------------------------------OTL Logfile:

Code:

OTL Extras logfile created on: 08.10.2010 15:05:37 - Run 4

OTL by OldTimer - Version 3.2.14.1     Folder = C:\Dokumente und Einstellungen\Michael\Desktop

Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1.022,00 Mb Total Physical Memory | 531,00 Mb Available Physical Memory | 52,00% Memory free

2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 133,43 Gb Total Space | 105,73 Gb Free Space | 79,24% Space Free | Partition Type: NTFS

Drive D: | 15,60 Gb Total Space | 5,45 Gb Free Space | 34,92% Space Free | Partition Type: FAT32

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: BESITZER-E4905B

Current User Name: Michael

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: Current user

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

"AntiVirusOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 
 ========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]

"Start" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]

"Start" = 2

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax -- (Microsoft Corporation)

"C:\Programme\NetMeeting\Conf.exe" = C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting -- (Microsoft Corporation)

"C:\Programme\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe" = C:\Programme\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe:*:enabled:Nero MediaHome -- (Nero AG)

"C:\Programme\Nero\Nero 7\Nero Home\NeroHome.exe" = C:\Programme\Nero\Nero 7\Nero Home\NeroHome.exe:*:enabled:Nero Home -- (Nero AG)

"C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroUpgrade.exe" = C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroUpgrade.exe:*:enabled:Nero Upgrade -- (Nero AG)

"C:\Programme\Gemeinsame Dateien\Ahead\Nero Web\SetupX.exe" = C:\Programme\Gemeinsame Dateien\Ahead\Nero Web\SetupX.exe:*:enabled:Nero Setup -- (Nero AG)

"C:\Programme\Sceneo\Bonavista\VMedia\BVD.exe" = C:\Programme\Sceneo\Bonavista\VMedia\BVD.exe:*:enabled:Sceneo Bonavista -- (Buhl Data Service GmbH)

"C:\Programme\BullGuard Software\BullGuard\BullGuard.exe" = C:\Programme\BullGuard Software\BullGuard\BullGuard.exe:*:enabled:BullGuard -- (BullGuard Software)

"C:\Programme\BullGuard Software\BullGuard\BullGuardUpdate.exe" = C:\Programme\BullGuard Software\BullGuard\BullGuardUpdate.exe:*:enabled:BullGuard Update -- (BullGuard Software)

"C:\Programme\Medion\MEDIONbox\Program\GnabClient.exe" = C:\Programme\Medion\MEDIONbox\Program\GnabClient.exe:*:enabled:MEDIONbox Client -- (Empolis GmbH)

"C:\Programme\Sonavis\TVsweeper\\TVsweeper.exe" = C:\Programme\Sonavis\TVsweeper\\TVsweeper.exe:*:enabled:TVsweeper -- (Sonavis GmbH)

"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe:*:Enabled:AOL -- (America Online, Inc.)

"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe:*:Enabled:AOL -- (America Online, Inc)

"C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- (America Online, Inc.)

"C:\Programme\ICQ7.1\ICQ.exe" = C:\Programme\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1 -- (ICQ, LLC.)

"C:\Programme\ICQ7.1\aolload.exe" = C:\Programme\ICQ7.1\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax -- (Microsoft Corporation)

"C:\Programme\NetMeeting\Conf.exe" = C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting -- (Microsoft Corporation)

"C:\Programme\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe" = C:\Programme\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe:*:enabled:Nero MediaHome -- (Nero AG)

"C:\Programme\Nero\Nero 7\Nero Home\NeroHome.exe" = C:\Programme\Nero\Nero 7\Nero Home\NeroHome.exe:*:enabled:Nero Home -- (Nero AG)

"C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroUpgrade.exe" = C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroUpgrade.exe:*:enabled:Nero Upgrade -- (Nero AG)

"C:\Programme\Gemeinsame Dateien\Ahead\Nero Web\SetupX.exe" = C:\Programme\Gemeinsame Dateien\Ahead\Nero Web\SetupX.exe:*:enabled:Nero Setup -- (Nero AG)

"C:\Programme\Sceneo\Bonavista\VMedia\BVD.exe" = C:\Programme\Sceneo\Bonavista\VMedia\BVD.exe:*:enabled:Sceneo Bonavista -- (Buhl Data Service GmbH)

"C:\Programme\BullGuard Software\BullGuard\BullGuard.exe" = C:\Programme\BullGuard Software\BullGuard\BullGuard.exe:*:enabled:BullGuard -- (BullGuard Software)

"C:\Programme\BullGuard Software\BullGuard\BullGuardUpdate.exe" = C:\Programme\BullGuard Software\BullGuard\BullGuardUpdate.exe:*:enabled:BullGuard Update -- (BullGuard Software)

"C:\Programme\Medion\MEDIONbox\Program\GnabClient.exe" = C:\Programme\Medion\MEDIONbox\Program\GnabClient.exe:*:enabled:MEDIONbox Client -- (Empolis GmbH)

"C:\Programme\Sonavis\TVsweeper\\TVsweeper.exe" = C:\Programme\Sonavis\TVsweeper\\TVsweeper.exe:*:enabled:TVsweeper -- (Sonavis GmbH)

"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe:*:Enabled:AOL -- (America Online, Inc)

"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe:*:Enabled:AOL -- (America Online, Inc.)

"C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- (America Online, Inc.)

"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- (Mozilla Corporation)

"C:\Programme\ICQ7.1\ICQ.exe" = C:\Programme\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1 -- (ICQ, LLC.)

"C:\Programme\ICQ7.1\aolload.exe" = C:\Programme\ICQ7.1\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)

"C:\Programme\BearShare Applications\BearShare\BearShare.exe" = C:\Programme\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- File not found

"C:\Programme\Livestation\Livestation.exe" = C:\Programme\Livestation\Livestation.exe:*:Enabled:Livestation -- File not found

"C:\Programme\Bonjour\mDNSResponder.exe" = C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Dienst "Bonjour" -- File not found

"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)

"C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{03440014-3975-4267-9F39-1DC4745090B7}" = Microsoft Encarta Enzyklopädie 2003

"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting

"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup

"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView

"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4

"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4

"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate

"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe

"{2792F12C-3515-4D69-8083-B557AF35F06F}" = LightScribe  1.4.89.1

"{27FDF949-69CE-435A-8372-339F72336AC5}" = MEDIONbox

"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime

"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9

"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP

"{369B36BE-3D64-4641-9AEA-808D436FE132}" = Microsoft Picture It! Foto 7.0

"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA

"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows-Journal-Viewer

"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant

"{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo Bonavista

"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works

"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support

"{5B8072B3-A576-4C0B-99BC-FAA7145A1031}" = Nero 7 Essentials

"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD

"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3

"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows-Sicherungsprogramm

"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Pro

"{7CDBE27D-87EC-434E-AFE4-D0116AE876BB}" = Microsoft Works Suite-Add-Ins für Microsoft Word

"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4

"{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}" = Adobe Audition 1.5

"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU

"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player

"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr

"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp

"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3

"{8DCBD4B1-DD30-4A9A-ADF7-FA3162B596C4}" = Windows Live Messenger

"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3

"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz

"{90CC4231-94AC-45CD-991A-0253BFAC0650}" = mDrWiFi

"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002

"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4

"{95120000-003F-0407-0000-0000000FF1CE}" = Microsoft Office Excel Viewer

"{98786147-80E3-41A5-A80C-1F3C028558CF}" = Hearts of Iron 2

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3

"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML

"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support

"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2

"{AA750D39-2502-40DE-8E2A-2B58E5381D49}" = STAMPIT Home

"{AC76BA86-7AD7-1031-7B44-A70800000002}" = Adobe Reader 7.0.8 - Deutsch

"{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc

"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0

"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player

"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer

"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2

"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update

"{C4BEEB8C-B9D2-4CD9-A2AA-1F3A1F57DF21}" = Works Suite-Betriebssystem-Pack

"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4

"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser

"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{D0CC1431-915D-4454-A045-232155BFD498}" = TVsweeper

"{D2784EF8-89B9-4992-935B-389F225AD377}" = Vodafone Mobile Connect

"{D5F82F8F-4DE2-11D9-A373-0050BAE317E1}" = PowerCinema Linux 5.0

"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack

"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore

"{EDDDC607-91D9-4758-9F57-265FDCD8A772}" = Microsoft Works 7.0 

"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup

"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F79A208D-D929-11D9-9D77-000129760D75}" = MagicDirector 1.2

"{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}" = Microsoft AutoRoute 2002

"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4

"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3

"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4

"ALDI Foto Service Nord D" = ALDI Foto Service Nord (D)

"ALDI Online Druck Service (Nord)" = ALDI Online Druck Service (Nord)

"AVMFBox" = FRITZ!Box

"BullGuard" = BullGuard 6.1

"Cool Edit Pro 2.0" = Cool Edit Pro 2.0

"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar

"Free Screen To Video_is1" = Free Screen To Video V 1.2

"ie8" = Windows Internet Explorer 8

"InstallShield_{AA750D39-2502-40DE-8E2A-2B58E5381D49}" = STAMPIT

"LetsTrade" = LetsTrade Komponenten

"MAGIX music maker SE" = MAGIX music maker SE

"MEDION Fotos auf CD Nord D" = MEDION Fotos auf CD Nord (D)

"medionmusic-manager gold" = medionmusic-manager gold

"medionmusic-Suite" = medionmusic-Suite

"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1

"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Mozilla Firefox (3.5.11)" = Mozilla Firefox (3.5.11)

"NVIDIA Drivers" = NVIDIA Drivers

"Nvu_is1" = Nvu 1.0

"ProInst" = Intel(R) PROSet/Wireless Software

"QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.1.0

"RealPlayer 6.0" = RealPlayer Basic

"Secure Eraser_is1" = Secure Eraser v3.2

"Shockwave" = Shockwave

"SMSERIAL" = Motorola SM56 Data Fax Modem

"ST6UNST #1" = HelloFriendz Ultra

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"Tweak UI 2.10" = Tweak UI

"Uninstall_is1" = Uninstall 1.0.0.1

"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

"WIC" = Windows Imaging Component

"Windows Media Format Runtime" = Windows Media Format Runtime

"Windows XP Media Center Edition Screen Saver Screen Saver" = Windows XP Media Center Edition Screen Saver Screen Saver

"WinGimp-2.0_is1" = GIMP 2.6.8

"WinRAR archiver" = WinRAR

"WMCSetup" = Windows Media Connect

"Works2003Setup" = Microsoft Works 2003-Setup-Start

"X10Hardware" = X10 Hardware(TM)

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"95b48956554fe2e1" = RecordDeal

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 02.10.2010 10:21:11 | Computer Name = BESITZER-E4905B | Source = Bonjour Service | ID = 100

Description = 

 

Error - 02.10.2010 10:21:13 | Computer Name = BESITZER-E4905B | Source = Bonjour Service | ID = 100

Description = 

 

Error - 02.10.2010 10:21:13 | Computer Name = BESITZER-E4905B | Source = Bonjour Service | ID = 100

Description = 

 

Error - 02.10.2010 10:21:13 | Computer Name = BESITZER-E4905B | Source = Bonjour Service | ID = 100

Description = 

 

Error - 04.10.2010 08:25:48 | Computer Name = BESITZER-E4905B | Source = Application Hang | ID = 1002

Description = Stillstehende Anwendung moviemk.exe, Version 2.1.4027.0, Stillstandmodul

 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

 

Error - 04.10.2010 09:04:44 | Computer Name = BESITZER-E4905B | Source = MsiInstaller | ID = 11336

Description = Product: Adobe Device Central CS3 -- Error 1336.Beim Erstellen der

 für die Installation erforderlichen temporären Datei ist ein Fehler aufgetreten.

  Ordner: C:\Config.Msi\. Systemfehlercode: 1450

 

Error - 04.10.2010 09:06:54 | Computer Name = BESITZER-E4905B | Source = MsiInstaller | ID = 10005

Description = Product: Adobe Camera Raw 4.0 -- Internal Error 2203. C:\WINDOWS\Installer\335026.ipi,

 -2147023446

 

Error - 04.10.2010 09:33:02 | Computer Name = BESITZER-E4905B | Source = Application Error | ID = 1000

Description = Fehlgeschlagene Anwendung chrome.exe, Version 0.0.0.0, fehlgeschlagenes

 Modul kernel32.dll, Version 5.1.2600.3541, Fehleradresse 0x00012a6b.

 

Error - 05.10.2010 15:45:57 | Computer Name = BESITZER-E4905B | Source = Application Hang | ID = 1002

Description = Stillstehende Anwendung moviemk.exe, Version 2.1.4027.0, Stillstandmodul

 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

 

Error - 07.10.2010 16:52:00 | Computer Name = BESITZER-E4905B | Source = .NET Runtime 2.0 Error Reporting | ID = 5000

Description = EventType clr20r3, P1 freescreenvideo.exe, P2 1.2.0.0, P3 4b8bc881,

 P4 system, P5 2.0.0.0, P6 4ba85929, P7 2c70, P8 67, P9 system.net.sockets.socket,

 P10 NIL.

 

[ System Events ]

Error - 07.10.2010 17:07:22 | Computer Name = BESITZER-E4905B | Source = Service Control Manager | ID = 7001

Description = Der Dienst "DNS-Client" ist vom Dienst "TCP/IP-Protokolltreiber" abhängig,

 der aufgrund folgenden Fehlers nicht gestartet wurde:   %%31

 

Error - 07.10.2010 17:07:22 | Computer Name = BESITZER-E4905B | Source = Service Control Manager | ID = 7001

Description = Der Dienst "TCP/IP-NetBIOS-Hilfsprogramm" ist vom Dienst "AFD" abhängig,

 der aufgrund folgenden Fehlers nicht gestartet wurde:   %%31

 

Error - 07.10.2010 17:07:22 | Computer Name = BESITZER-E4905B | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Apple Mobile Device" ist vom Dienst "TCP/IP-Protokolltreiber"

 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%31

 

Error - 07.10.2010 17:07:22 | Computer Name = BESITZER-E4905B | Source = Service Control Manager | ID = 7001

Description = Der Dienst "IPSEC-Dienste" ist vom Dienst "IPSEC-Treiber" abhängig,

 der aufgrund folgenden Fehlers nicht gestartet wurde:   %%31

 

Error - 07.10.2010 17:07:22 | Computer Name = BESITZER-E4905B | Source = Service Control Manager | ID = 7026

Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:

   AFD  avgio  Fips  intelppm  IPSec  MRxSmb  NetBIOS  NetBT  RasAcd  Rdbss  Tcpip  wpsdrvnt

 

Error - 07.10.2010 17:08:22 | Computer Name = BESITZER-E4905B | Source = DCOM | ID = 10005

Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"

 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}

 

Error - 07.10.2010 17:09:24 | Computer Name = BESITZER-E4905B | Source = DCOM | ID = 10005

Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"

 mit den Argumenten ""  gestartet wurde, um den folgenden Server zu verwenden:  {1BE1F766-5536-11D1-B726-00C04FB926AF}

 

Error - 07.10.2010 17:10:13 | Computer Name = BESITZER-E4905B | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Avira AntiVir Planer" wurde aufgrund folgenden Fehlers

 nicht gestartet:   %%3

 

Error - 07.10.2010 17:10:13 | Computer Name = BESITZER-E4905B | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Avira AntiVir Guard" wurde aufgrund folgenden Fehlers 

nicht gestartet:   %%3

 

Error - 07.10.2010 17:10:14 | Computer Name = BESITZER-E4905B | Source = Service Control Manager | ID = 7026

Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:

   avgio

 

 

< End of report >

--- --- ---

Ich hoffe , dass mir jetzt jemand helfen kann, ich krig hier nemlich wirklich die Kriese ^^

Hier der Combofix Log
---------------------------------
Combofix Logfile:

Code:

ComboFix 10-10-12.03 - Michael 13.10.2010  13:03:21.1.2 - x86

Microsoft Windows XP Professional  5.1.2600.2.1252.49.1031.18.1022.546 [GMT 2:00]

ausgeführt von:: c:\dokumente und einstellungen\Michael\Desktop\cofi.exe

AV: BullGuard Antivirus *On-access scanning disabled* (Updated) {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913}

FW: BullGuard Firewall *enabled* {2AEF4CB6-61B5-4E60-AF22-D95E75B63FA1}

.
 

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.
 

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\1.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\a.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\b.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\c.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\d.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\e.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\f.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\g.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\h.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\i.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\J.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\k.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\l.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\m.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\mru.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\n.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\o.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\p.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\q.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\r.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\s.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\t.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\u.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\v.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\w.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\x.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\y.xml

c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\z.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\1.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\a.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\b.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\c.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\d.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\e.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\f.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\g.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\h.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\i.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\J.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\k.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\l.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\m.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\mru.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\n.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\o.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\p.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\q.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\r.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\s.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\t.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\u.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\v.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\w.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\x.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\y.xml

c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\z.xml

c:\windows\system32\Settings

c:\windows\system32\Settings\Settings.ini
 

.

(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))

.
 

-------\Legacy_NPF
 
 

(((((((((((((((((((((((   Dateien erstellt von 2010-09-13 bis 2010-10-13  ))))))))))))))))))))))))))))))

.
 

2010-10-12 11:48 . 2010-10-12 11:48        --------        d-----w-        c:\dokumente und einstellungen\Michael\L

2010-10-10 13:48 . 2010-10-10 13:58        --------        d---a-w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP

2010-10-10 09:48 . 2010-10-10 09:48        --------        d-----w-        C:\_OTL

2010-10-07 20:52 . 2010-10-07 20:52        --------        d-----w-        c:\programme\ASCOMP Software

2010-10-07 20:51 . 2010-10-07 20:51        --------        d-----w-        c:\programme\Free Screen To Video

2010-10-07 13:45 . 2010-10-07 13:45        --------        d-sh--w-        c:\dokumente und einstellungen\Administrator\PrivacIE

2010-10-07 13:43 . 2010-10-07 13:43        --------        d-----w-        c:\dokumente und einstellungen\Administrator\Anwendungsdaten\ASCOMP Software

2010-10-07 12:48 . 2010-10-07 12:48        --------        d-----w-        c:\dokumente und einstellungen\Michael\Anwendungsdaten\ASCOMP Software

2010-10-06 10:53 . 2010-10-07 13:57        --------        d-----w-        c:\programme\Unlocker

2010-10-06 10:53 . 2010-10-06 14:03        --------        d-----w-        c:\dokumente und einstellungen\Michael\Anwendungsdaten\QuickStoresToolbar

2010-10-05 19:57 . 2010-10-05 19:58        --------        d-----w-        c:\dokumente und einstellungen\Michael\Anwendungsdaten\GetRightToGo

2010-10-05 18:11 . 2010-10-05 18:11        --------        d-sh--w-        c:\dokumente und einstellungen\Administrator\IETldCache

2010-10-05 14:24 . 2010-10-05 14:24        --------        d-sh--w-        c:\dokumente und einstellungen\Michael\IECompatCache

2010-10-02 15:26 . 2010-10-02 15:26        --------        d-----w-        c:\dokumente und einstellungen\Michael\Anwendungsdaten\AnvSoft

2010-10-02 15:26 . 2010-10-02 15:26        --------        d-----w-        c:\programme\AnvSoft

2010-10-01 15:48 . 2010-10-01 15:48        --------        d-----w-        c:\dokumente und einstellungen\Michael\Anwendungsdaten\Malwarebytes

2010-10-01 15:48 . 2010-10-01 15:48        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes

2010-09-19 11:01 . 2010-09-24 17:59        --------        d-----w-        c:\dokumente und einstellungen\Siggi

2010-09-17 11:16 . 2010-10-04 13:22        --------        d-----w-        c:\dokumente und einstellungen\Michael\Anwendungsdaten\FreeScreenToVideo
 

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

.
 

------- Sigcheck -------
 

[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\atapi.sys

[-] 2006-03-24 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys

[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\atapi.sys

[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\drivers\atapi.sys
 

[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\asyncmac.sys

[-] 2006-03-24 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\asyncmac.sys

[-] 2006-03-24 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\drivers\asyncmac.sys
 

[-] 2006-03-24 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys

[-] 2006-03-24 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
 

[-] 2008-04-14 . 1704D8C4C8807B889E43C649B478A452 . 25216 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\kbdclass.sys

[-] 2006-03-24 . B128FC0A5CD83F669D5DE4B58F77C7D6 . 25216 . . [5.1.2600.2180] . . c:\windows\system32\drivers\kbdclass.sys
 

[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ndis.sys

[-] 2006-03-24 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ndis.sys

[-] 2006-03-24 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ndis.sys
 

[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ntfs.sys

[-] 2006-03-24 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\I386\NTFS.SYS

[-] 2006-03-24 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ntfs.sys

[-] 2006-03-24 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ntfs.sys
 

[-] 2006-03-24 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys

[-] 2006-03-24 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
 

[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys

[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys

[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\tcpip.sys

[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\drivers\tcpip.sys

[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys

[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\tcpip.sys

[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys

[-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB951748$\tcpip.sys

[-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys

[-] 2005-05-25 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys
 

[-] 2008-04-14 . B42057F06BBB98B31876C0B3F2B54E33 . 77824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\browser.dll

[-] 2006-03-24 . D8653DCD80CF2EBB333FC4FCC43A7DEF . 77312 . . [5.1.2600.2180] . . c:\windows\system32\browser.dll

[-] 2006-03-24 . D8653DCD80CF2EBB333FC4FCC43A7DEF . 77312 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\browser.dll
 

[-] 2008-04-14 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\lsass.exe

[-] 2006-03-24 . 183805EB05BCA5A1E4AAAED4D2BE3690 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\lsass.exe

[-] 2006-03-24 . 183805EB05BCA5A1E4AAAED4D2BE3690 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\lsass.exe
 

[-] 2008-04-14 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\netman.dll

[-] 2005-08-22 . 1E5218FBE323C375B488318950E10FB4 . 197632 . . [5.1.2600.2743] . . c:\windows\system32\netman.dll

[-] 2005-08-22 . 1E5218FBE323C375B488318950E10FB4 . 197632 . . [5.1.2600.2743] . . c:\windows\system32\dllcache\netman.dll

[-] 2005-08-22 . 19D9B6B139F09A72AE71758BDF28308E . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll
 

[-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\qmgr.dll

[-] 2006-03-24 . 3A5E54A9AB96EF2D273B58136FB58EFE . 382464 . . [6.6.2600.2180] . . c:\windows\system32\qmgr.dll

[-] 2006-03-24 . 3A5E54A9AB96EF2D273B58136FB58EFE . 382464 . . [6.6.2600.2180] . . c:\windows\system32\dllcache\qmgr.dll
 

[-] 2009-02-09 . D3D765E8455A961AE567B408F767D4F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll

[-] 2009-02-09 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll

[-] 2009-02-09 . D45BBCDDC74A1B0259A0C4B00C190D20 . 399360 . . [5.1.2600.3520] . . c:\windows\system32\rpcss.dll

[-] 2009-02-09 . D45BBCDDC74A1B0259A0C4B00C190D20 . 399360 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\rpcss.dll

[-] 2009-02-09 . 8AFBC2E1E5555A1C29953AF854F0FCA5 . 401408 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\rpcss.dll

[-] 2008-04-14 . E970C2296916BF4A2F958680016FE312 . 399360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\rpcss.dll

[-] 2005-07-26 . 891E3E4537C6DFCAE475073FC49CE9CB . 397824 . . [5.1.2600.2726] . . c:\windows\$NtUninstallKB956572$\rpcss.dll

[-] 2005-07-26 . DBA9F9C00A7A2B45EB8E451C2B6D10E9 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll

[-] 2005-04-28 . 434A27912D53BF3FB6C1CE37BAFA5CF6 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll

[-] 2005-01-14 . 64F7E6B27B790365A910ECE21134A680 . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll
 

[-] 2009-02-09 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe

[-] 2009-02-09 . F0A7D59AF279326528715B206669B86C . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe

[-] 2009-02-09 . 65F6B774819BD727358157CEDEA67B8E . 111104 . . [5.1.2600.3520] . . c:\windows\system32\services.exe

[-] 2009-02-09 . 65F6B774819BD727358157CEDEA67B8E . 111104 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\services.exe

[-] 2009-02-09 . A07CA23EA361A01E627D911CF139B950 . 111104 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe

[-] 2008-04-14 . 4BB6A83640F1D1792AD21CE767B621C6 . 109056 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\services.exe

[-] 2006-03-24 . EDB6B81761BD60F32F740BBC40AFB676 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572$\services.exe
 

[-] 2008-04-14 . 39356A9CDB6753A6D13A4072A9F5A4BB . 57856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\spoolsv.exe

[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe

[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\system32\spoolsv.exe

[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\system32\dllcache\spoolsv.exe
 

[-] 2008-04-14 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\winlogon.exe

[-] 2006-03-24 . 2B6A0BAF33A9918F09442D873848FF72 . 507392 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe

[-] 2006-03-24 . 2B6A0BAF33A9918F09442D873848FF72 . 507392 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\winlogon.exe
 

[-] 2008-04-14 . AD28671D1B83A386B070DC451A113C13 . 617472 . . [5.82] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\comctl32.dll

[-] 2008-04-14 . 3C93CE6C6985C55952B7BE6673E9FD15 . 1054208 . . [6.0] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\asms\60\msft\windows\common\controls\comctl32.dll

[-] 2006-08-25 . EE82D1393169AC6BDF6016F4EA8D2B79 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll

[-] 2006-08-25 . EE82D1393169AC6BDF6016F4EA8D2B79 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll

[-] 2006-08-25 . F64451D07B9368B46AB31172D56D1804 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

[-] 2006-03-24 . 2CF914215226B3F7FA1AE4A47E4D261C . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll

[-] 2006-03-24 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\I386\ASMS\6000\MSFT\WINDOWS\COMMON\CONTROLS\COMCTL32.DLL

[-] 2006-03-24 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll

[-] 2006-03-24 . 9D0F57B9C65BF8A07DB655A9ED6EB2EE . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
 

[-] 2008-04-14 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\cryptsvc.dll

[-] 2006-03-24 . 1A5F9DB98DF7955B4C7CBDBF2C638238 . 60416 . . [5.1.2600.2180] . . c:\windows\system32\cryptsvc.dll

[-] 2006-03-24 . 1A5F9DB98DF7955B4C7CBDBF2C638238 . 60416 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\cryptsvc.dll
 

[-] 2008-07-07 20:30 . D68ED3908C7A0DB446111D34AC40DC18 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\es.dll

[-] 2008-07-07 20:30 . D68ED3908C7A0DB446111D34AC40DC18 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\dllcache\es.dll

[-] 2008-07-07 20:26 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll

[-] 2008-07-07 20:23 . ADA7241C16F3F42C7F210539FAD5F3AA . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll

[-] 2008-07-07 20:16 . 3912BEF896D1D687B6053409E5F5F2A6 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll

[-] 2008-04-14 02:22 . 0F3EDAEE1EF97CF3DB2BE23A7289B78C . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\es.dll

[-] 2005-07-26 04:39 . BEBC63622BDC30053A3145EBD90AF450 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974$\es.dll

[-] 2005-07-26 04:29 . 0D0F85237E32538F58278D673032676A . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll
 

[-] 2008-04-14 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\imm32.dll

[-] 2006-03-24 . 94101D13A1818A9D08337EEC12ED277A . 110080 . . [5.1.2600.2180] . . c:\windows\system32\imm32.dll

[-] 2006-03-24 . 94101D13A1818A9D08337EEC12ED277A . 110080 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\imm32.dll
 

[-] 2009-03-21 . A6F4977F9D2C9506050BFF0EF0B574B5 . 1059840 . . [5.1.2600.3541] . . c:\windows\system32\kernel32.dll

[-] 2009-03-21 . A6F4977F9D2C9506050BFF0EF0B574B5 . 1059840 . . [5.1.2600.3541] . . c:\windows\system32\dllcache\kernel32.dll

[-] 2009-03-21 . B055C64AABC1A3E3DE57EC8025CAD283 . 1063424 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll

[-] 2009-03-21 . 3EB703BFC2ED26A3D8ACB8626AB2C006 . 1065472 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll

[-] 2009-03-21 . B6053A5FA67EAC4A292A44F585881FFF . 1062912 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll

[-] 2008-04-14 . 4C897C69754D88F496339B1A666907C1 . 1063424 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\kernel32.dll

[-] 2006-07-05 . 0BEFE0BF274818EC0785B7B842967313 . 1058816 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll

[-] 2006-07-05 . E42795D2E7725D378EE2A4BFA6FE9DB3 . 1057792 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
 

[-] 2008-04-14 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\linkinfo.dll

[-] 2005-09-01 . F2AFE60F01040B23207D8EB7DC26EC96 . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll

[-] 2005-09-01 . 0E2B88912BF78549D5177A84A3375D52 . 19968 . . [5.1.2600.2751] . . c:\windows\system32\linkinfo.dll

[-] 2005-09-01 . 0E2B88912BF78549D5177A84A3375D52 . 19968 . . [5.1.2600.2751] . . c:\windows\system32\dllcache\linkinfo.dll
 

[-] 2008-04-14 . F38F3C47BBFFD748C1359AB171C3A630 . 22016 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\lpk.dll

[-] 2006-03-24 . B4AD65C79F85C61D32C015B11E03CAAD . 22016 . . [5.1.2600.2180] . . c:\windows\system32\lpk.dll

[-] 2006-03-24 . B4AD65C79F85C61D32C015B11E03CAAD . 22016 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\lpk.dll
 

[-] 2010-05-06 . 91A9BB7F22F7D21E9C07E995C4E31F74 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\mshtml.dll

[-] 2010-05-06 . 91A9BB7F22F7D21E9C07E995C4E31F74 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\dllcache\mshtml.dll

[-] 2010-05-06 . A0091E83B21A4C2627D1DD1A64C1B4B9 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll

[-] 2010-02-25 . 0A164AB476D7835335220D7A2AE5578B . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll

[-] 2009-12-22 . DEBDFEE5D25C43616E0A29092F17F38D . 3092480 . . [6.00.2900.3660] . . c:\windows\ie8\mshtml.dll

[-] 2009-12-22 . 25EDB39CE3473A734476100AB8DE6A15 . 3092480 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3GDR\mshtml.dll

[-] 2009-12-22 . 55EBD086581CA985DFB63736ED42629E . 3094528 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\mshtml.dll

[-] 2009-12-21 . DDAAECF8E188A0E2DB93842A7D193641 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll

[-] 2009-10-29 . D473C3526B86547643858E40FD096422 . 3091968 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3GDR\mshtml.dll

[-] 2009-10-29 . 430315D0CAA115EA42EFDF31A93AB5D0 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll

[-] 2009-10-29 . 0B59B93A2524462E02EB2084FEA2E9C1 . 3094016 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\mshtml.dll

[-] 2009-10-29 . A49E11FC06282A68232DE1AF1E9C9CD3 . 3091968 . . [6.00.2900.3640] . . c:\windows\$NtUninstallKB978207$\mshtml.dll

[-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll

[-] 2008-04-14 . 72AE55A9FFBC60650339CB12E35C7DD5 . 3066880 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\mshtml.dll

[-] 2006-09-14 . A09E8EEAE6D29E90BC292631528EFCDB . 3079680 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB976325$\mshtml.dll

[-] 2006-07-28 . A395AD5E6C72F198C8E507BC2B27BC6B . 3079168 . . [6.00.2900.2963] . . c:\windows\$NtUninstallKB922760$\mshtml.dll

[-] 2006-03-24 . 3910C7977DF6C8BCB604350173066D79 . 3070464 . . [6.00.2900.2853] . . c:\windows\$NtUninstallKB911164$\mshtml.dll

[-] 2006-03-24 . 3910C7977DF6C8BCB604350173066D79 . 3070464 . . [6.00.2900.2853] . . c:\windows\I386\MSHTML.DLL

[-] 2006-02-21 . 01432C2102578F0AB9ADDFEC91043D06 . 3073024 . . [6.00.2900.2853] . . c:\windows\$hf_mig$\KB911164\SP2QFE\mshtml.dll

[-] 2005-11-23 . 8ABDBAE6032562F17DCF962847ABB811 . 3016192 . . [6.00.2900.2802] . . c:\windows\$hf_mig$\KB905915\SP2QFE\mshtml.dll

[-] 2005-10-05 . 8898B48E79C56605393FDB7F3A033036 . 3015680 . . [6.00.2900.2769] . . c:\windows\$hf_mig$\KB896688\SP2QFE\mshtml.dll

[-] 2005-07-20 . 2068C163B1FE8BF48FC6174234D0F237 . 3014144 . . [6.00.2900.2722] . . c:\windows\$hf_mig$\KB896727\SP2QFE\mshtml.dll

[-] 2005-05-02 . 083EFE3B8E19213B6C6DAAB6F2F83954 . 3012608 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\mshtml.dll

[-] 2005-03-09 . 243340D137D0B54CC5B440D7E4880B63 . 3011072 . . [6.00.2900.2627] . . c:\windows\$hf_mig$\KB890923\SP2QFE\mshtml.dll

[-] 2005-01-27 . 19F79F718CABBFC3DAD25D7914D5601B . 3008000 . . [6.00.2900.2604] . . c:\windows\$hf_mig$\KB867282\SP2QFE\mshtml.dll

[-] 2004-09-29 . EF245F9603EF899E9A5B3A2D107BC32E . 3004928 . . [6.00.2900.2524] . . c:\windows\$hf_mig$\KB834707\SP2QFE\mshtml.dll
 

[-] 2008-04-14 . C6A6E53A0C34EC87883137A6CB87AE5E . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\msvcrt.dll

[-] 2008-04-14 . C536AAD8A71608FE33CD956214EDD366 . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\asms\70\msft\windows\mswincrt\msvcrt.dll

[-] 2006-03-24 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\I386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL

[-] 2006-03-24 12:00 . E826A484EDE25C3AE19F1B8086511F4B . 267536 . . [4.20.6201] . . c:\windows\I386\WIN9XUPG\MSVCRT.DLL

[-] 2006-03-24 . B30BAA48E5063E71C76280E34E7E4802 . 343040 . . [7.0.2600.2180] . . c:\windows\system32\msvcrt.dll

[-] 2006-03-24 . B30BAA48E5063E71C76280E34E7E4802 . 343040 . . [7.0.2600.2180] . . c:\windows\system32\dllcache\msvcrt.dll

[-] 2006-03-24 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll

[-] 2006-03-24 . 365B3C43810E1CF41B3BE1E7180F583B . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
 

[-] 2008-06-20 . ACD8BD448A74F344D46FCAF21BAB92AF . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll

[-] 2008-06-20 . 4AA50627B01C0E9C6B4C6BD3AF648F12 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll

[-] 2008-06-20 . 774274C487493452DF3B0126DBE7FF3B . 247296 . . [5.1.2600.3394] . . c:\windows\system32\mswsock.dll

[-] 2008-06-20 . 774274C487493452DF3B0126DBE7FF3B . 247296 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\mswsock.dll

[-] 2008-06-20 . EB55B1D9978B61E9913EDCD27EEC4C7C . 247296 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll

[-] 2008-04-14 . F12B9D9A069331877D006CC81B4735F9 . 247296 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\mswsock.dll

[-] 2006-03-24 . B36E08F680BAE4DFC5C24D00A2DFC9E7 . 247296 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
 

[-] 2009-02-06 . ED4BBAD725A21632FB205452749FC8F5 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll

[-] 2009-02-06 . ED4BBAD725A21632FB205452749FC8F5 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB975467\SP2QFE\netlogon.dll

[-] 2008-04-14 . 0098D35F91DEAB9C127360A877F2CF84 . 407040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\netlogon.dll

[-] 2006-03-24 . D27395EDCD3416AFD125A9370DCB585C . 407040 . . [5.1.2600.2180] . . c:\windows\system32\netlogon.dll

[-] 2006-03-24 . D27395EDCD3416AFD125A9370DCB585C . 407040 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\netlogon.dll
 

[-] 2010-02-17 . 786F98EFD090AD93F03E3BD95FB68714 . 2192256 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe

[-] 2010-02-16 . 8E7095FB13BD7B45F679E733E33813DB . 2183680 . . [5.1.2600.3670] . . c:\windows\Driver Cache\i386\ntoskrnl.exe

[-] 2010-02-16 . 8E7095FB13BD7B45F679E733E33813DB . 2183680 . . [5.1.2600.3670] . . c:\windows\system32\dllcache\ntoskrnl.exe

[-] 2010-02-16 . 22FB992849C75B08F3A9BFB19B87935D . 2139648 . . [5.1.2600.3670] . . c:\windows\system32\ntoskrnl.exe

[-] 2010-02-16 . B76CEA13602DC99EE0E655E4798C24AA . 2189184 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntoskrnl.exe

[-] 2010-02-16 . 4456016C2FF1A8CCCAC8309C9B76E2F5 . 2192384 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe

[-] 2009-12-09 . A97847B2D30F4A299B35239D26BAD948 . 2191616 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe

[-] 2009-12-09 . F9CAC8B387039065F800D0A25721EAD1 . 2138624 . . [5.1.2600.3654] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe

[-] 2009-12-09 . 840D13EAE78CDFC9C272F38BC2E9AC13 . 2188288 . . [5.1.2600.3654] . . c:\windows\$hf_mig$\KB977165\SP2QFE\ntoskrnl.exe

[-] 2009-12-09 . F71185C58C105BDB2BE1AEEAF4198F6E . 2191488 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3GDR\ntoskrnl.exe

[-] 2009-08-04 . 121AEDCE2F5A65D63C9D51B9198FA7B3 . 2191488 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntoskrnl.exe

[-] 2009-08-04 . 4B86421F2D85D9A4ECB06885C40B8EEB . 2191616 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe

[-] 2009-08-04 . 2D5CFDE135E502FB4290F6C280FDE252 . 2188288 . . [5.1.2600.3610] . . c:\windows\$hf_mig$\KB971486\SP2QFE\ntoskrnl.exe

[-] 2009-08-04 . 5EA5FC2BEA33395C728B920A2DC22AFE . 2138624 . . [5.1.2600.3610] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe

[-] 2009-02-10 . D3453310FC92736E674FFDC6E3F455B7 . 2191488 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe

[-] 2009-02-09 . E22124EC3A33F40755DCD2F4B1BE8A87 . 2188416 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe

[-] 2009-02-09 . FEE1600B76B196D9993CD468DA7524F7 . 2191360 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe

[-] 2008-04-14 . 354C9291513BCE4D0ED6B0C6A15470F8 . 2191360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ntoskrnl.exe

[-] 2005-03-02 . EB5538A452E0E99169E2B6CDB62FF9D2 . 2181888 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe

[-] 2005-03-02 . 3DDC2BC3D32B2FC505D09B8B8974D5BB . 2138112 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
 

[-] 2008-04-14 . C8C0BDABC966B6C24D337DF0A0A399E1 . 17408 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\powrprof.dll

[-] 2006-03-24 . 5604574D490B798BD9A946B021A766AD . 17408 . . [6.00.2900.2180] . . c:\windows\system32\powrprof.dll

[-] 2006-03-24 . 5604574D490B798BD9A946B021A766AD . 17408 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\powrprof.dll
 

[-] 2008-04-14 . 5132443DF6FC3771A17AB4AE55DCBC28 . 187904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\scecli.dll

[-] 2006-03-24 . 64DC26B3CF7BCCAD431CE360A4C625D5 . 186880 . . [5.1.2600.2180] . . c:\windows\system32\scecli.dll

[-] 2006-03-24 . 64DC26B3CF7BCCAD431CE360A4C625D5 . 186880 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\scecli.dll
 

[-] 2008-04-14 . 44161A59DC33AC2EA9C95438ADFFFB7F . 5120 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\sfc.dll

[-] 2006-03-24 . F62934BC94299083EBFC8810242D8640 . 5120 . . [5.1.2600.2180] . . c:\windows\system32\sfc.dll

[-] 2006-03-24 . F62934BC94299083EBFC8810242D8640 . 5120 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\sfc.dll
 

[-] 2008-04-14 . 4FBC75B74479C7A6F829E0CA19DF3366 . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\svchost.exe

[-] 2006-03-24 . 65A819B121EB6FDAB4400EA42BDFFE64 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\svchost.exe

[-] 2006-03-24 . 65A819B121EB6FDAB4400EA42BDFFE64 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\svchost.exe
 

[-] 2008-04-14 . 05903CAC4B98908D55EA5774775B382E . 249856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\tapisrv.dll

[-] 2005-07-08 . F07061E18613F336A3120229097F7635 . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll

[-] 2005-07-08 . 427D7EB3B453347082C8F4B370065D60 . 249344 . . [5.1.2600.2716] . . c:\windows\system32\tapisrv.dll

[-] 2005-07-08 . 427D7EB3B453347082C8F4B370065D60 . 249344 . . [5.1.2600.2716] . . c:\windows\system32\dllcache\tapisrv.dll
 

[-] 2008-04-14 . B0050CC5340E3A0760DD8B417FF7AEBD . 580096 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\user32.dll

[-] 2005-03-02 . 4C90159A69A5FD3EB39C71411F28FCFF . 578560 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll

[-] 2005-03-02 . 3751D7CF0E0A113D84414992146BCE6A . 578560 . . [5.1.2600.2622] . . c:\windows\system32\user32.dll

[-] 2005-03-02 . 3751D7CF0E0A113D84414992146BCE6A . 578560 . . [5.1.2600.2622] . . c:\windows\system32\dllcache\user32.dll
 

[-] 2008-04-14 . 788F95312E26389D596C0FA55834E106 . 26624 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\userinit.exe

[-] 2006-03-24 . D1E53DC57143F2584B1DD53B036C0633 . 25088 . . [5.1.2600.2180] . . c:\windows\system32\userinit.exe

[-] 2006-03-24 . D1E53DC57143F2584B1DD53B036C0633 . 25088 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\userinit.exe
 

[-] 2010-05-06 . 12C5EEBBC10DB644B44131EE3ECBC430 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\wininet.dll

[-] 2010-05-06 . 12C5EEBBC10DB644B44131EE3ECBC430 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\dllcache\wininet.dll

[-] 2010-05-06 . B5B9887088B8168D52CB28020CF05498 . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll

[-] 2010-02-25 . 3C41EB3A0EC8E2606B6C906993E11C29 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll

[-] 2009-12-22 . C8F00B80E215CA7D803D1A932CE01C9E . 674304 . . [6.00.2900.3660] . . c:\windows\ie8\wininet.dll

[-] 2009-12-22 . 352E386B17F08786A7F0D9D9D909E1FA . 672768 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3GDR\wininet.dll

[-] 2009-12-22 . 7F7A6BC378B622FDFC90C5A5575A83D0 . 674304 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\wininet.dll

[-] 2009-12-21 . 5E3A3EB3BC5849BE4D5FE2B5F1869783 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll

[-] 2009-10-29 . 0A4248E124C88EDD1E0A93AE93E4DB6A . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll

[-] 2009-10-29 . 547B7FF3C91C09E7EE82760DA4323706 . 672768 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3GDR\wininet.dll

[-] 2009-10-29 . 132C1D9C2DDCDFF55746D73508250362 . 674304 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\wininet.dll

[-] 2009-10-29 . 66F8DD3C5A2F6B5B839B96F9704B40BA . 674304 . . [6.00.2900.3640] . . c:\windows\$NtUninstallKB978207$\wininet.dll

[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll

[-] 2008-04-14 . B4AEE98A48917B274FACFB78BBE0BC84 . 671744 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\wininet.dll

[-] 2006-09-14 . C98F3024049AAEAFAE1340D94C16FDC8 . 670208 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB976325$\wininet.dll

[-] 2006-06-23 . 05E47EA6708BD99DF2D8E4ABD55DF079 . 670208 . . [6.00.2900.2937] . . c:\windows\$NtUninstallKB922760$\wininet.dll

[-] 2005-10-21 . F3118DF4ABD118B11326D1C7A0093867 . 667136 . . [6.00.2900.2781] . . c:\windows\$hf_mig$\KB905915\SP2QFE\wininet.dll

[-] 2005-09-02 . C9ABC4AE17820BFEE9A4307B8A4E6DE9 . 666112 . . [6.00.2900.2753] . . c:\windows\$hf_mig$\KB896688\SP2QFE\wininet.dll

[-] 2005-07-03 . E992695B2D5628154B65FE8DFB0F3CCA . 665088 . . [6.00.2900.2713] . . c:\windows\$hf_mig$\KB896727\SP2QFE\wininet.dll

[-] 2005-05-02 . 8C907B730E9CFCFDF0157F3EA20D4424 . 664576 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\wininet.dll

[-] 2005-03-10 . 235D1D42C2D23FA1BC8A9EDB267FFE86 . 663552 . . [6.00.2900.2627] . . c:\windows\$hf_mig$\KB890923\SP2QFE\wininet.dll

[-] 2005-01-27 . D9460271895ADBB382769AF1FC701169 . 663552 . . [6.00.2900.2598] . . c:\windows\$hf_mig$\KB867282\SP2QFE\wininet.dll

[-] 2004-09-29 . 1C035CB755ED9204176668209A3B498D . 662528 . . [6.00.2900.2518] . . c:\windows\$hf_mig$\KB834707\SP2QFE\wininet.dll
 

[-] 2008-04-14 . 6A35E2D6F5F052C84EC2CEB296389439 . 82432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ws2_32.dll

[-] 2006-03-24 . D569240A22421D5F670BB6FB6DD522B5 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\ws2_32.dll

[-] 2006-03-24 . D569240A22421D5F670BB6FB6DD522B5 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ws2_32.dll
 

[-] 2008-04-14 . C7D8A0517CBF16B84F657DE87EBE9D4B . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ws2help.dll

[-] 2006-03-24 . B3ADA72D1E3E10A8F6430669DFC38ED0 . 19968 . . [5.1.2600.2180] . . c:\windows\system32\ws2help.dll

[-] 2006-03-24 . B3ADA72D1E3E10A8F6430669DFC38ED0 . 19968 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ws2help.dll
 

[-] 2008-04-14 . 418045A93CD87A352098AB7DABE1B53E . 1036800 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\explorer.exe

[-] 2006-03-24 . 22FE1BE02EADDE1632E478E4125639E0 . 1035264 . . [6.00.2900.2180] . . c:\windows\explorer.exe

[-] 2006-03-24 . 22FE1BE02EADDE1632E478E4125639E0 . 1035264 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\explorer.exe
 

[-] 2008-04-14 . E08D638BA3D3DD6DF6E31216AB66AE0B . 1287680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ole32.dll

[-] 2005-07-26 . CC50261CA5DC93A47D6CF548C4223F44 . 1285120 . . [5.1.2600.2726] . . c:\windows\system32\ole32.dll

[-] 2005-07-26 . CC50261CA5DC93A47D6CF548C4223F44 . 1285120 . . [5.1.2600.2726] . . c:\windows\system32\dllcache\ole32.dll

[-] 2005-07-25 . 24EDF93FD04CA1A98D32F092DD4F9953 . 1286144 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll

[-] 2005-04-28 . D3653209882B5645223B1EA958EEE3A6 . 1286656 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll

[-] 2005-01-14 . 11565070406B8892149C360A4FB23731 . 1285120 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll
 

[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\srsvc.dll

[-] 2006-03-24 . 015F302C4CF961F20C3F98F3A7CA7917 . 171008 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll

[-] 2006-03-24 . 015F302C4CF961F20C3F98F3A7CA7917 . 171008 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\srsvc.dll
 

[-] 2008-04-14 . EDAFBE25FB6480CE68F688BA691890DC . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\wscntfy.exe

[-] 2006-03-24 . 7D3E0BEB62799112F5C9FF717D72BF29 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\wscntfy.exe

[-] 2006-03-24 . 7D3E0BEB62799112F5C9FF717D72BF29 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\wscntfy.exe
 

[-] 2008-04-14 . 0ADA34871A2E1CD2CAAFED1237A47750 . 129024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\xmlprov.dll

[-] 2006-03-24 . 8302DE1C64618D72346DD0034DBC5D9B . 129536 . . [5.1.2600.2180] . . c:\windows\system32\xmlprov.dll

[-] 2006-03-24 . 8302DE1C64618D72346DD0034DBC5D9B . 129536 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\xmlprov.dll
 

[-] 2008-04-14 . 04955AA695448C181B367D964AF158AA . 56320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\eventlog.dll

[-] 2006-03-24 . B932C077D5A65B71B4512544AC404CB4 . 55808 . . [5.1.2600.2180] . . c:\windows\system32\eventlog.dll

[-] 2006-03-24 . B932C077D5A65B71B4512544AC404CB4 . 55808 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\eventlog.dll
 

[-] 2008-04-14 . 5251425B86EA4A3532B8BB8D14044E61 . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\sfcfiles.dll

[-] 2006-03-24 . 80F7B7198B869C07C98627AF812D68B6 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll

[-] 2006-03-24 . 80F7B7198B869C07C98627AF812D68B6 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\sfcfiles.dll
 

[-] 2008-04-14 . 01B4E6E990B6C5EA8856D96C7FD044B2 . 15360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ctfmon.exe

[-] 2006-03-24 . 7CE20569925DF6789C31799F0C538F29 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe

[-] 2006-03-24 . 7CE20569925DF6789C31799F0C538F29 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ctfmon.exe
 

[-] 2008-04-14 . 40602EBFBE06AA075C8E4560743F6883 . 135168 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\shsvcs.dll

[-] 2006-03-24 . BAC5F7F0C2B8C1B9832594851E0F9914 . 135168 . . [6.00.2900.2180] . . c:\windows\system32\shsvcs.dll

[-] 2006-03-24 . BAC5F7F0C2B8C1B9832594851E0F9914 . 135168 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\shsvcs.dll
 

[-] 2008-04-14 . E4CD1F3D84E1C2CA0B8CF7501E201593 . 59904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\regsvc.dll

[-] 2006-03-24 . AE81CF7D7CFA79CD03E8FB99788A7E09 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\regsvc.dll

[-] 2006-03-24 . AE81CF7D7CFA79CD03E8FB99788A7E09 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\regsvc.dll
 

[-] 2008-04-14 . A050194A44D7FA8D7186ED2F4E8367AE . 193536 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\schedsvc.dll

[-] 2006-03-24 . D5E73842F38E24457C63FEF8CEFFBE19 . 192000 . . [5.1.2600.2180] . . c:\windows\system32\schedsvc.dll

[-] 2006-03-24 . D5E73842F38E24457C63FEF8CEFFBE19 . 192000 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\schedsvc.dll
 

[-] 2008-04-14 . 4DF5B05DFAEC29E13E1ED6F6EE12C500 . 71680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ssdpsrv.dll

[-] 2006-03-24 . 6FA03B462B2FFFE2627171B7FE73EE29 . 71680 . . [5.1.2600.2180] . . c:\windows\system32\ssdpsrv.dll

[-] 2006-03-24 . 6FA03B462B2FFFE2627171B7FE73EE29 . 71680 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ssdpsrv.dll
 

[-] 2008-04-14 . B7DE02C863D8F5A005A7BF375375A6A4 . 297472 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\termsrv.dll

[-] 2006-03-24 . 1850BC10DE5DCCCEDE063FC2D0F2CEDA . 297472 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB895961$\termsrv.dll

[-] 2005-03-10 . A0E72E14B0E12B9AA3648FDB31BDE332 . 297472 . . [5.1.2600.2627] . . c:\windows\system32\termsrv.dll

[-] 2005-03-10 . A0E72E14B0E12B9AA3648FDB31BDE332 . 297472 . . [5.1.2600.2627] . . c:\windows\system32\dllcache\termsrv.dll
 

[-] 2008-04-14 . D45960BE52C3C610D361977057F98C54 . 175616 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\appmgmts.dll

[-] 2006-03-24 . BECD5328E7869807D6557BE4FE60C72F . 175616 . . [5.1.2600.2180] . . c:\windows\system32\appmgmts.dll

[-] 2006-03-24 . BECD5328E7869807D6557BE4FE60C72F . 175616 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\appmgmts.dll
 

[-] 2006-03-24 . 9E1CA3160DAFB159CA14F83B1E317F75 . 12160 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
 

[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\aec.sys

[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys

[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\Driver Cache\i386\aec.sys

[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\system32\dllcache\aec.sys

[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\system32\drivers\aec.sys
 

[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ip6fw.sys

[-] 2006-03-24 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ip6fw.sys

[-] 2006-03-24 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ip6fw.sys
 

[-] 2008-04-14 02:22 . ACC19BA6876AF18768EE87931CAD14E2 . 927504 . . [4.1.0.61] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\mfc40u.dll

[-] 2006-03-24 12:00 . 31DD27AB47F62D383505F35CA972748B . 924432 . . [4.1.6140] . . c:\windows\system32\mfc40u.dll

[-] 2006-03-24 12:00 . 31DD27AB47F62D383505F35CA972748B . 924432 . . [4.1.6140] . . c:\windows\system32\dllcache\mfc40u.dll
 

[-] 2008-04-14 . B7550A7107281D170CE85524B1488C98 . 33792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\msgsvc.dll

[-] 2006-03-24 . E5215AB942C5AC5F7EB0E54871D7A27C . 33792 . . [5.1.2600.2180] . . c:\windows\system32\msgsvc.dll

[-] 2006-03-24 . E5215AB942C5AC5F7EB0E54871D7A27C . 33792 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\msgsvc.dll
 

[-] 2006-03-24 12:00 . 5FDCCC838CD95F61097D8A637F842AA8 . 25600 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll

[-] 2005-08-03 17:29 . B9715B9C18BC6C8F4B66733D208CC9F7 . 25088 . . [10.0.3790.4332] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll

[-] 2005-08-03 17:29 . B9715B9C18BC6C8F4B66733D208CC9F7 . 25088 . . [10.0.3790.4332] . . c:\windows\system32\MsPMSNSv.dll

[-] 2005-08-03 17:29 . B9715B9C18BC6C8F4B66733D208CC9F7 . 25088 . . [10.0.3790.4332] . . c:\windows\system32\dllcache\mspmsnsv.dll
 

[-] 2010-02-17 . FEDB0FDF1FE02ECC7A823A690175B876 . 2066048 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntkrnlpa.exe

[-] 2010-02-16 . 47F177A955A195B5074FF659AEBDABE0 . 2060672 . . [5.1.2600.3670] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe

[-] 2010-02-16 . 47F177A955A195B5074FF659AEBDABE0 . 2060672 . . [5.1.2600.3670] . . c:\windows\system32\dllcache\ntkrnlpa.exe

[-] 2010-02-16 . 4C56EC495229ABC2F62862A7E145A852 . 2019328 . . [5.1.2600.3670] . . c:\windows\system32\ntkrnlpa.exe

[-] 2010-02-16 . 9F24D01B6027FED0423FD28F1055E3DD . 2069120 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe

[-] 2010-02-16 . CEE28C8C47E52F185F9F8F3A2E31880C . 2069248 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe

[-] 2009-12-09 . 2E72317A93EF61138E43DCF7CD423EDF . 2068480 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe

[-] 2009-12-09 . B8BA1682234D56276831A7AFEE33A3F2 . 2018304 . . [5.1.2600.3654] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe

[-] 2009-12-09 . 0F0E81D30741E86BCE25AEFEA6CEDF6A . 2065408 . . [5.1.2600.3654] . . c:\windows\$hf_mig$\KB977165\SP2QFE\ntkrnlpa.exe

[-] 2009-12-09 . ADB6D671931D876CD7D53A5E2C147DBB . 2068352 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3GDR\ntkrnlpa.exe

[-] 2009-08-04 . C50ED62BB5CDC5AD4F3985ED39C6AE87 . 2068480 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe

[-] 2009-08-04 . 602A85B23E5D9E6402D7205AFBE6FEB4 . 2068352 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntkrnlpa.exe

[-] 2009-08-04 . BAA0FD3FF565346D0C5EE3F7F8E10001 . 2065280 . . [5.1.2600.3610] . . c:\windows\$hf_mig$\KB971486\SP2QFE\ntkrnlpa.exe

[-] 2009-08-04 . 3EF0836DBA4B56F6136D60D08737B20B . 2018304 . . [5.1.2600.3610] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe

[-] 2009-02-10 . 321917CFF934663C48C1E91A930E5D71 . 2068352 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe

[-] 2009-02-09 . 84C1C109552E9E276FF004E181B80C25 . 2065280 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe

[-] 2009-02-09 . 1F9DA92672B8B5720C5FB1E87D8F249F . 2068480 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe

[-] 2008-04-14 . E51980EF65CED4490A7395A06C08DA34 . 2068224 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ntkrnlpa.exe

[-] 2005-03-02 . A3724446ACB9DE8D890CFABD146CD0AD . 2017792 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe

[-] 2005-03-02 . AE8364004BBFD70461D2EF34888D3360 . 2059264 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
 

[-] 2008-04-14 02:22 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ntmssvc.dll

[-] 2006-03-24 12:00 . 428AA946A8D9F32DBB4260C8E6E13377 . 438272 . . [5.1.2400.2180] . . c:\windows\system32\ntmssvc.dll

[-] 2006-03-24 12:00 . 428AA946A8D9F32DBB4260C8E6E13377 . 438272 . . [5.1.2400.2180] . . c:\windows\system32\dllcache\ntmssvc.dll
 

[-] 2008-04-14 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\upnphost.dll

[-] 2006-03-24 . 09D4A2D7C5A8ABEC227D118765FAADDF . 185856 . . [5.1.2600.2180] . . c:\windows\system32\upnphost.dll

[-] 2006-03-24 . 09D4A2D7C5A8ABEC227D118765FAADDF . 185856 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\upnphost.dll
 

[-] 2008-04-14 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\dsound.dll

[-] 2006-03-24 . 7DB3393F98E4211F5CE8F003DE0615CF . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dsound.dll

[-] 2006-03-24 . 7DB3393F98E4211F5CE8F003DE0615CF . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dllcache\dsound.dll
 

[-] 2008-04-14 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\d3d9.dll

[-] 2006-03-24 . 20AE7889467887B869F30308EEED9A2A . 1689088 . . [5.03.2600.2180] . . c:\windows\system32\d3d9.dll

[-] 2006-03-24 . 20AE7889467887B869F30308EEED9A2A . 1689088 . . [5.03.2600.2180] . . c:\windows\system32\dllcache\d3d9.dll
 

[-] 2008-04-14 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ddraw.dll

[-] 2006-03-24 . CAC545A56482DE01640E6B791DE19944 . 266240 . . [5.03.2600.2180] . . c:\windows\system32\ddraw.dll

[-] 2006-03-24 . CAC545A56482DE01640E6B791DE19944 . 266240 . . [5.03.2600.2180] . . c:\windows\system32\dllcache\ddraw.dll
 

[-] 2008-04-14 02:22 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\olepro32.dll

[-] 2006-03-24 12:00 . 1404D3DD4ED4F5E2A938B43794049A81 . 83456 . . [5.1.2600.2180] . . c:\windows\system32\olepro32.dll

[-] 2006-03-24 12:00 . 1404D3DD4ED4F5E2A938B43794049A81 . 83456 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\olepro32.dll
 

[-] 2008-04-14 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\perfctrs.dll

[-] 2006-03-24 . 007BFD01772B5202C5CE4F208A2F3F46 . 41984 . . [5.1.2600.2180] . . c:\windows\system32\perfctrs.dll

[-] 2006-03-24 . 007BFD01772B5202C5CE4F208A2F3F46 . 41984 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\perfctrs.dll
 

[-] 2008-04-14 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\version.dll

[-] 2006-03-24 . 4EF2FDC0A085C8339ED4D9C59CE8FC60 . 18944 . . [5.1.2600.2180] . . c:\windows\system32\version.dll

[-] 2006-03-24 . 4EF2FDC0A085C8339ED4D9C59CE8FC60 . 18944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\version.dll

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4
 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\programme\DVDVideoSoftTB\tbDVD0.dll" [2010-10-12 2735200]
 

[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]

2010-10-12 23:56        2735200        ----a-w-        c:\programme\DVDVideoSoftTB\tbDVD0.dll
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\programme\DVDVideoSoftTB\tbDVD0.dll" [2010-10-12 2735200]
 

[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\programme\DVDVideoSoftTB\tbDVD0.dll" [2010-10-12 2735200]
 

[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BullGuard"="c:\programme\BullGuard Software\BullGuard\BullGuard.exe" [2006-09-19 102400]

"ICQ"="c:\programme\ICQ7.1\ICQ.exe" [2010-08-22 133432]
 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-09-06 7585792]

"RTHDCPL"="RTHDCPL.EXE" [2006-09-22 16236032]

"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]

"SMSERIAL"="c:\windows\sm56hlpr.exe" [2006-04-05 565248]

"IntelZeroConfig"="c:\programme\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-01 802816]

"IntelWireless"="c:\programme\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-01 696320]

"BullGuard"="c:\programme\BullGuard Software\BullGuard\bullguard.exe" [2006-09-19 102400]

"NeroFilterCheck"="c:\programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]

"LanguageShortcut"="c:\programme\Home Cinema\PowerDVD\Language\Language.exe" [2006-05-18 49152]

"InstantOn"="c:\programme\CyberLink\PowerCinema Linux\ion_install.exe" [2005-09-23 93640]

"TVBroadcast"="c:\programme\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe" [2007-08-07 797696]

"Microsoft Works Update Detection"="c:\programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe" [2002-07-24 28672]

"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2010-03-17 421888]

"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2010-04-28 142120]

"AdobeCS4ServiceManager"="c:\programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]

"STAMPIT-Tray"="c:\progra~1\STAMPIT\BINARY\STRAY.EXE" [2005-08-16 57344]
 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-24 15360]
 

c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\

AOL 9.0 Tray-Symbol.lnk - c:\programme\AOL 9.0\aoltray.exe [2009-12-19 156784]

Microsoft Office.lnk - c:\programme\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\WINDOWS\\system32\\sessmgr.exe"=

"c:\\Programme\\Messenger\\msmsgs.exe"=

"c:\\Programme\\MSN Messenger\\msnmsgr.exe"=

"c:\\WINDOWS\\system32\\fxsclnt.exe"=

"c:\\Programme\\NetMeeting\\Conf.exe"=

"c:\\Programme\\Nero\\Nero 7\\Nero MediaHome\\NeroMediaHome.exe"=

"c:\\Programme\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=

"c:\\Programme\\Gemeinsame Dateien\\Ahead\\Lib\\NeroUpgrade.exe"=

"c:\\Programme\\Gemeinsame Dateien\\Ahead\\Nero Web\\SetupX.exe"=

"c:\\Programme\\Sceneo\\Bonavista\\VMedia\\BVD.exe"=

"c:\\Programme\\BullGuard Software\\BullGuard\\BullGuard.exe"=

"c:\\Programme\\BullGuard Software\\BullGuard\\BullGuardUpdate.exe"=

"c:\\Programme\\Medion\\MEDIONbox\\Program\\GnabClient.exe"=

"c:\\Programme\\Sonavis\\TVsweeper\\\\TVsweeper.exe"=

"c:\\Programme\\Gemeinsame Dateien\\aol\\ACS\\AOLDial.exe"=

"c:\\Programme\\Gemeinsame Dateien\\aol\\ACS\\AOLacsd.exe"=

"c:\\Programme\\AOL 9.0\\waol.exe"=

"c:\\Programme\\Mozilla Firefox\\firefox.exe"=

"c:\\Programme\\ICQ7.1\\ICQ.exe"=

"c:\\Programme\\ICQ7.1\\aolload.exe"=

"c:\\Programme\\iTunes\\iTunes.exe"=

"c:\\Programme\\Gemeinsame Dateien\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5353:TCP"= 5353:TCP:Adobe CSI CS4
 

R2 BsFileSpy;BullGuard File Monitoring Service;c:\windows\System32\svchost.exe -k bg5 [24.03.2006 14:00 14336]

R2 BsFirewall;BullGuard Firewall Service;c:\windows\System32\svchost.exe -k bg5 [24.03.2006 14:00 14336]

R2 BsMailProxy;BullGuard Email Monitoring Service;c:\windows\System32\svchost.exe -k bg5 [24.03.2006 14:00 14336]

R2 GnabService;GnabService;c:\programme\Gemeinsame Dateien\Gnab\Service\ServiceController.exe [16.11.2006 03:02 36864]

R2 srvcPVR;Sceneo PVR Service;c:\programme\Sceneo\Bonavista\Services\PVR\pvrservice.exe [16.11.2006 02:03 1681408]

R3 AVMUNET;AVM FRITZ!Box;c:\windows\system32\drivers\avmunet.sys [19.12.2009 13:56 15104]

R3 FileSpy5;BullGuard File Monitor;c:\programme\BullGuard Software\BullGuard\filespy5.sys [08.05.2006 13:17 19536]

R3 Reconn;BullGuard Email Monitor;c:\programme\BullGuard Software\BullGuard\reconn.sys [08.05.2006 13:17 12240]

R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [15.11.2006 19:43 7040]

S2 AntiVirSchedulerService;Avira AntiVir Planer;"c:\programme\Avira\AntiVir Desktop\sched.exe" --> c:\programme\Avira\AntiVir Desktop\sched.exe [?]

S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [16.06.2010 16:35 17408]

S3 PhilCap;PhilCap service;c:\windows\system32\drivers\PhilCap.sys [12.10.2006 14:57 1053824]
 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bg5        REG_MULTI_SZ           BGMainSvc BsFileSpy BsMailProxy BsFirewall

.

Inhalt des "geplante Tasks" Ordners
 

2010-10-02 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\programme\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://www.klamm.de/?id=401875

uInternet Settings,ProxyOverride = *.local

IE: Free YouTube Download - c:\dokumente und einstellungen\Michael\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubedownload.htm

IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\programme\ICQ7.1\ICQ.exe

IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\programme\kikin\ie_kikin.dll

DPF: {BF3CD111-6278-11D2-9EA3-00A0C9251384} - hxxp://www.o2c.de/download/O2CPlayer.CAB

FF - ProfilePath - c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\

FF - prefs.js: browser.search.defaulturl - 

FF - prefs.js: browser.search.selectedEngine - ICQ Search

FF - component: c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\FFExternalAlert.dll

FF - component: c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCore.dll

FF - component: c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}\components\kikin_3_0.dll

FF - component: c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}\components\kikin_3_6.dll

FF - component: c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\components\FFExternalAlert.dll

FF - component: c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\components\RadioWMPCore.dll

FF - component: c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\FFExternalAlert.dll

FF - component: c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\RadioWMPCore.dll

FF - plugin: c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\plugins\np-mswmp.dll

FF - plugin: c:\programme\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: c:\programme\Java\jre1.5.0_09\bin\NPJava11.dll

FF - plugin: c:\programme\Java\jre1.5.0_09\bin\NPJava12.dll

FF - plugin: c:\programme\Java\jre1.5.0_09\bin\NPJava13.dll

FF - plugin: c:\programme\Java\jre1.5.0_09\bin\NPJava14.dll

FF - plugin: c:\programme\Java\jre1.5.0_09\bin\NPJava32.dll

FF - plugin: c:\programme\Java\jre1.5.0_09\bin\NPJPI150_09.dll

FF - plugin: c:\programme\Java\jre1.5.0_09\bin\NPOJI610.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
 

---- FIREFOX Richtlinien ----

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); 

c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); 

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -
 

BHO-{E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\programme\kikin\ie_kikin.dll

HKCU-Run-Livestation - c:\programme\Livestation\Livestation.exe

HKLM-Run-SynTPEnh - c:\programme\Synaptics\SynTP\SynTPEnh.exe

HKLM-Run-NWEReboot - (no file)

HKLM-Run-avgnt - c:\programme\Avira\AntiVir Desktop\avgnt.exe

HKLM-Run-UnlockerAssistant - c:\programme\Unlocker\UnlockerAssistant.exe

AddRemove-Shockwave - c:\windows\system32\Macromed\SHOCKW~1\UNWISE.EXE
 
 

.

--------------------- Gesperrte Registrierungsschluessel ---------------------
 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001
 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
 

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"
 

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"
 

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"
 

[HKEY_LOCAL_MACHINE\software\Philips]

@DACL=(02 0000)

.

--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
 

- - - - - - - > 'explorer.exe'(868)

c:\windows\system32\msi.dll

c:\windows\system32\webcheck.dll

.

------------------------ Weitere laufende Prozesse ------------------------

.

c:\programme\Intel\Wireless\Bin\EvtEng.exe

c:\programme\Intel\Wireless\Bin\S24EvMon.exe

c:\programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe

c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\programme\BullGuard Software\BullGuard\BullGuardUpdate.exe

c:\windows\eHome\ehRecvr.exe

c:\windows\eHome\ehSched.exe

c:\programme\Medion\MEDIONbox\Program\GCS.exe

c:\programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe

c:\programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\windows\system32\nvsvc32.exe

c:\programme\Intel\Wireless\Bin\RegSrvc.exe

c:\programme\CyberLink\Shared Files\RichVideo.exe

c:\progra~1\COMMON~1\X10\Common\x10nets.exe

c:\windows\ehome\mcrdsvc.exe

c:\windows\system32\dllhost.exe

c:\windows\system32\wscntfy.exe

c:\windows\RTHDCPL.EXE

c:\windows\eHome\ehmsas.exe

c:\programme\iPod\bin\iPodService.exe

.

**************************************************************************

.

Zeit der Fertigstellung: 2010-10-13  13:30:02 - PC wurde neu gestartet

ComboFix-quarantined-files.txt  2010-10-13 11:30
 

Vor Suchlauf: 12 Verzeichnis(se), 116.697.497.600 Bytes frei

Nach Suchlauf: 14 Verzeichnis(se), 117.074.755.584 Bytes frei
 

WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
 

- - End Of File - - 31CCD9467E7F9195B885589FFEB7AAD7

--- --- ---

--------------------------
und jetz ?^^