F
Fightclub_Vectra
Gast
Hey Leutz,
hatte gestern den Laptop meiner Frau wieder frisch gemacht und heute kamen 3 Meldungen von Antivir wegen Trojanern.
Hab sie in Quarantäne verschoben.
Anschliessen hab ich nach den Trojanern gegooglet, bin auf das Trojaner-Board gestoßen, aber mit dem sachkundigen Beiträgen komm ich nicht klar.
Ich hab nur soviel verstanden, das man diese "Logfiles???" (siehe unten) immer bei der Problemlösung mit posten soll.
Also ich muss doch sagen, das der Laptop extrem langsam ist, dafür das NICHTS drauf ist außer Anwendungsprogramme. Sonst hab ich noch absolut nichts an Daten draufgepackt.
Sehr komisch. Vielleicht kann mir jemand helfen.
Wie bekomme ich den Mist wieder runter?
Wie kann ich als Laie das machen? Hab ingesamt gesehen 0 Plan von Computerzeug.
LG Jens
DDS Scan:
Attach:
________________________________________________________________
OTL Scan:
hatte gestern den Laptop meiner Frau wieder frisch gemacht und heute kamen 3 Meldungen von Antivir wegen Trojanern.
Hab sie in Quarantäne verschoben.
Anschliessen hab ich nach den Trojanern gegooglet, bin auf das Trojaner-Board gestoßen, aber mit dem sachkundigen Beiträgen komm ich nicht klar.
Ich hab nur soviel verstanden, das man diese "Logfiles???" (siehe unten) immer bei der Problemlösung mit posten soll.
Also ich muss doch sagen, das der Laptop extrem langsam ist, dafür das NICHTS drauf ist außer Anwendungsprogramme. Sonst hab ich noch absolut nichts an Daten draufgepackt.
Sehr komisch. Vielleicht kann mir jemand helfen.
Wie bekomme ich den Mist wieder runter?
Wie kann ich als Laie das machen? Hab ingesamt gesehen 0 Plan von Computerzeug.
LG Jens
DDS Scan:
_________________________________________________________________DDS (Ver_09-12-01.01) - NTFSx86
Run by Diana at 8:26:29,92 on 23.01.2010
Internet Explorer: 7.0.6000.16982
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.49.1031.18.2038.965 [GMT 1:00]
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: AntiVir Desktop *enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
SP: Windows-Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\agrsmsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSD.exe
C:\Program Files\Launch Manager\WButton.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Launch Manager\WisLMSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe
C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\ICQ7.0\ICQ.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Diana\Desktop\Download\SpeedScan_setup.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Program Files\Avira\AntiVir Desktop\GUARDGUI.EXE
C:\Program Files\Avira\AntiVir Desktop\GUARDGUI.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Diana\Desktop\Download\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uURLSearchHooks: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
uURLSearchHooks: H - No File
BHO: Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
TB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
EB: ICQToolBar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\program files\icq6toolbar\ICQToolBar.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [MsnMsgr] "c:\program files\msn messenger\MsnMsgr.Exe" /background
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMBgMonitor.exe"
uRun: [ICQ] "c:\program files\icq7.0\ICQ.exe" silent loginmode=4
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [HotkeyApp] "c:\program files\launch manager\HotkeyApp.exe"
mRun: [LMgrVolOSD] "c:\program files\launch manager\OSD.exe"
mRun: [LMgrOSD] "c:\program files\launch manager\OSDCtrl.exe"
mRun: [Wbutton] "c:\program files\launch manager\Wbutton.exe"
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [CLMLServer] "c:\program files\homecinema\power2go\CLMLSvc.exe"
mRun: [RemoteControl] "c:\program files\homecinema\powerdvd\PDVDServ.exe"
mRun: [LanguageShortcut] "c:\program files\homecinema\powerdvd\language\Language.exe"
mRun: [UpdatePPShortCut] "c:\program files\homecinema\powerproducer\muitransfer\muistartmenu.exe" "c:\program files\homecinema\powerproducer" update "software\cyberlink\powerproducer\4.0"
mRun: [UCam_Menu] "c:\program files\homecinema\youcam\muitransfer\muistartmenu.exe" "c:\program files\homecinema\youcam" update "software\cyberlink\youcam\1.0"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_03\bin\jusched.exe"
mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Performance Center] c:\program files\ascentive\performance center\APCMain.exe -m
IE: {88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\icq7.0\ICQ.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_03\bin\ssv.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Notify: igfxcui - igfxdev.dll
================= FIREFOX ===================
FF - ProfilePath - c:\users\diana\appdata\roaming\mozilla\firefox\profiles\120ezoaa.default\
FF - prefs.js: browser.startup.homepage - WEB.DE - E-Mail - Suche - DSL - Modem - Shopping - Entertainment
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R0 Si3531;SiI-3531 SATA Controller;c:\windows\system32\drivers\Si3531.sys [2007-6-1 210736]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-1-23 11608]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\avira\antivir desktop\sched.exe [2010-1-23 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-1-23 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-1-23 56816]
R2 ICQ Service;ICQ Service;c:\program files\icq6toolbar\ICQ Service.exe [2010-1-23 246520]
R3 netr28;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\drivers\netr28.sys [2010-1-22 436224]
R3 WisLMSvc;WisLMSvc;c:\program files\launch manager\WisLMSvc.exe [2010-1-22 113152]
R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [2010-1-22 13976]
=============== Created Last 30 ================
2010-01-23 07:12:38 36864 ----a-w- c:\windows\system32\ascbalon.dll
2010-01-23 07:12:38 307200 ----a-w- c:\windows\system32\AscSQLite.dll
2010-01-23 07:12:36 217088 ----a-w- c:\windows\system32\AscConTest.dll
2010-01-23 07:12:36 20480 ----a-w- c:\windows\system32\SysRestore.dll
2010-01-23 07:12:36 1066176 ----a-w- c:\windows\system32\mscomctl.ocx
2010-01-23 07:12:20 0 d-----w- c:\program files\Ascentive
2010-01-23 07:12:10 0 d-----w- C:\PC SpeedScan Pro
2010-01-23 06:51:06 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-01-23 06:51:06 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-01-23 06:51:06 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-23 06:51:05 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-23 06:51:05 24064 ----a-w- c:\windows\system32\lpk.dll
2010-01-23 06:51:05 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-01-23 06:47:25 61440 ----a-w- c:\windows\system32\winipsec.dll
2010-01-23 06:47:25 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2010-01-23 06:47:25 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2010-01-23 06:47:25 272896 ----a-w- c:\windows\system32\polstore.dll
2010-01-23 06:45:32 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2010-01-23 06:45:31 95232 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2010-01-23 06:45:31 160768 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2010-01-23 06:44:36 87040 ----a-w- c:\windows\system32\msoert2.dll
2010-01-23 06:44:36 39424 ----a-w- c:\windows\system32\ACCTRES.dll
2010-01-23 06:44:36 205824 ----a-w- c:\windows\system32\msoeacct.dll
2010-01-23 06:42:29 704000 ----a-w- c:\windows\system32\PhotoScreensaver.scr
2010-01-23 06:42:28 356352 ----a-w- c:\windows\system32\wbem\wbemcomn.dll
2010-01-23 06:42:27 24064 ----a-w- c:\windows\system32\wtsapi32.dll
2010-01-23 06:42:27 2027008 ----a-w- c:\windows\system32\win32k.sys
2010-01-23 06:42:26 258232 ----a-w- c:\windows\system32\drivers\acpi.sys
2010-01-23 06:42:26 20920 ----a-w- c:\windows\system32\drivers\compbatt.sys
2010-01-23 06:42:26 14208 ----a-w- c:\windows\system32\drivers\CmBatt.sys
2010-01-23 06:42:26 11264 ----a-w- c:\windows\system32\drivers\wmiacpi.sys
2010-01-23 06:42:25 28344 ----a-w- c:\windows\system32\drivers\battc.sys
2010-01-23 06:42:24 542720 ----a-w- c:\windows\system32\sysmain.dll
2010-01-23 06:41:32 194560 ----a-w- c:\windows\system32\WebClnt.dll
2010-01-23 06:41:32 110080 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2010-01-23 06:40:46 123904 ----a-w- c:\windows\system32\L2SecHC.dll
2010-01-23 06:40:45 67584 ----a-w- c:\windows\system32\wlanhlp.dll
2010-01-23 06:40:45 47104 ----a-w- c:\windows\system32\wlanapi.dll
2010-01-23 06:40:45 290816 ----a-w- c:\windows\system32\wlanmsm.dll
2010-01-23 06:40:45 1657350 ----a-w- c:\windows\system32\wlan.tmf
2010-01-23 06:40:45 12876 ----a-w- c:\windows\system32\wbem\wlan.mof
2010-01-23 06:40:44 502272 ----a-w- c:\windows\system32\wlansvc.dll
2010-01-23 06:40:44 297984 ----a-w- c:\windows\system32\wlansec.dll
2010-01-23 06:39:48 2048 ----a-w- c:\windows\system32\msxml3r.dll
2010-01-23 06:39:48 1260032 ----a-w- c:\windows\system32\msxml3.dll
2010-01-23 06:39:47 2048 ----a-w- c:\windows\system32\msxml6r.dll
2010-01-23 06:39:47 1406464 ----a-w- c:\windows\system32\msxml6.dll
2010-01-23 06:38:50 7680 ----a-w- c:\windows\system32\lsass.exe
2010-01-23 06:38:50 72704 ----a-w- c:\windows\system32\secur32.dll
2010-01-23 06:38:50 408136 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2010-01-23 06:38:50 216576 ----a-w- c:\windows\system32\msv1_0.dll
2010-01-23 06:38:50 175104 ----a-w- c:\windows\system32\wdigest.dll
2010-01-23 06:38:50 1233920 ----a-w- c:\windows\system32\lsasrv.dll
2010-01-23 06:37:58 49664 ----a-w- c:\windows\system32\csrsrv.dll
2010-01-23 06:37:57 376320 ----a-w- c:\windows\system32\winsrv.dll
2010-01-23 06:37:12 98816 ----a-w- c:\windows\system32\mfps.dll
2010-01-23 06:37:12 52736 ----a-w- c:\windows\system32\rrinstaller.exe
2010-01-23 06:37:12 2855424 ----a-w- c:\windows\system32\mf.dll
2010-01-23 06:37:11 24576 ----a-w- c:\windows\system32\mfpmp.exe
2010-01-23 06:37:11 2048 ----a-w- c:\windows\system32\mferror.dll
2010-01-23 06:36:14 2048 ----a-w- c:\windows\system32\tzres.dll
2010-01-23 06:33:17 376832 ----a-w- c:\windows\system32\winhttp.dll
2010-01-23 06:32:32 71680 ----a-w- c:\windows\system32\atl.dll
2010-01-23 06:31:05 297472 ----a-w- c:\windows\system32\gdi32.dll
2010-01-23 06:30:20 41984 ----a-w- c:\windows\system32\drivers\monitor.sys
2010-01-23 06:30:20 1060920 ----a-w- c:\windows\system32\drivers\ntfs.sys
2010-01-23 06:28:33 3502152 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-01-23 06:28:33 3467864 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-01-23 06:27:46 211456 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-01-23 06:27:01 374456 ----a-w- c:\windows\system32\mcupdate_GenuineIntel.dll
2010-01-23 06:26:19 500736 ----a-w- c:\windows\system32\msdtcprx.dll
2010-01-23 06:26:19 30208 ----a-w- c:\windows\system32\xolehlp.dll
2010-01-23 06:25:35 156160 ----a-w- c:\windows\system32\wkssvc.dll
2010-01-23 06:24:49 36352 ----a-w- c:\windows\system32\tsgqec.dll
2010-01-23 06:24:49 1871872 ----a-w- c:\windows\system32\mstscax.dll
2010-01-23 06:24:49 116736 ----a-w- c:\windows\system32\aaclient.dll
2010-01-23 06:23:58 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2010-01-23 06:22:27 414208 ----a-w- c:\windows\system32\msscp.dll
2010-01-23 06:21:46 713728 ----a-w- c:\windows\system32\timedate.cpl
2010-01-23 06:20:56 356864 ----a-w- c:\windows\system32\MediaMetadataHandler.dll
2010-01-23 06:20:09 86016 ----a-w- c:\windows\system32\icfupgd.dll
2010-01-23 06:20:09 63488 ----a-w- c:\windows\system32\drivers\mpsdrv.sys
2010-01-23 06:20:09 396800 ----a-w- c:\windows\system32\MPSSVC.dll
2010-01-23 06:20:09 392192 ----a-w- c:\windows\system32\FirewallAPI.dll
2010-01-23 06:20:09 16896 ----a-w- c:\windows\system32\wfapigp.dll
2010-01-23 06:20:08 61952 ----a-w- c:\windows\system32\cmifw.dll
2010-01-23 06:20:08 23040 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-01-23 06:20:08 178688 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-01-23 06:20:08 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2010-01-23 06:17:52 428032 ----a-w- c:\windows\system32\EncDec.dll
2010-01-23 06:17:52 177152 ----a-w- c:\windows\system32\mpg2splt.ax
2010-01-23 06:17:52 1244672 ----a-w- c:\windows\system32\mcmde.dll
2010-01-23 06:17:51 80896 ----a-w- c:\windows\system32\MSNP.ax
2010-01-23 06:17:51 68608 ----a-w- c:\windows\system32\Mpeg2Data.ax
2010-01-23 06:17:51 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2010-01-23 06:17:51 292352 ----a-w- c:\windows\system32\psisdecd.dll
2010-01-23 06:17:51 217088 ----a-w- c:\windows\system32\psisrndr.ax
2010-01-23 06:14:46 696832 ----a-w- c:\windows\system32\localspl.dll
2010-01-23 06:14:08 88576 ----a-w- c:\windows\system32\avifil32.dll
2010-01-23 06:14:08 82944 ----a-w- c:\windows\system32\mciavi32.dll
2010-01-23 06:14:08 65024 ----a-w- c:\windows\system32\avicap32.dll
2010-01-23 06:14:08 31232 ----a-w- c:\windows\system32\msvidc32.dll
2010-01-23 06:14:08 12800 ----a-w- c:\windows\system32\msrle32.dll
2010-01-23 06:14:08 123904 ----a-w- c:\windows\system32\msvfw32.dll
2010-01-23 06:12:45 45112 ----a-w- c:\windows\system32\drivers\pciidex.sys
2010-01-23 06:12:45 21560 ----a-w- c:\windows\system32\drivers\atapi.sys
2010-01-23 06:12:45 17464 ----a-w- c:\windows\system32\drivers\intelide.sys
2010-01-23 06:12:45 109624 ----a-w- c:\windows\system32\drivers\ataport.sys
2010-01-23 06:12:44 211000 ----a-w- c:\windows\system32\drivers\volsnap.sys
2010-01-23 06:12:44 154624 ----a-w- c:\windows\system32\drivers\nwifi.sys
2010-01-23 06:12:08 104448 ----a-w- c:\windows\system32\DWWIN.EXE
2010-01-23 06:11:35 2923520 ----a-w- c:\windows\explorer.exe
2010-01-23 06:10:13 24064 ----a-w- c:\windows\system32\netcfg.exe
2010-01-23 06:08:59 1963520 ----a-w- c:\windows\system32\NlsData0026.dll
2010-01-23 06:05:52 1585664 ----a-w- c:\windows\system32\setupapi.dll
2010-01-23 05:51:21 65536 ----a-w- c:\windows\ocsetup_cbs_install_NetFx3.dpx
2010-01-23 05:51:21 196608 ----a-w- c:\windows\ocsetup_cbs_install_NetFx3.perf
2010-01-23 05:51:20 24248320 ----a-w- c:\windows\ocsetup_install_NetFx3.etl
2010-01-23 05:48:56 96760 ----a-w- c:\windows\system32\dfshim.dll
2010-01-23 05:48:56 41984 ----a-w- c:\windows\system32\netfxperf.dll
2010-01-23 05:48:54 83968 ----a-w- c:\windows\system32\mscories.dll
2010-01-23 05:48:54 282112 ----a-w- c:\windows\system32\mscoree.dll
2010-01-23 05:48:54 158720 ----a-w- c:\windows\system32\mscorier.dll
2010-01-23 05:42:25 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-01-23 05:42:23 4247552 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-01-23 05:42:23 1686528 ----a-w- c:\windows\system32\gameux.dll
2010-01-23 05:41:57 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2010-01-23 05:41:57 94720 ----a-w- c:\windows\system32\logagent.exe
2010-01-23 05:41:42 84992 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-01-23 05:41:42 58368 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-01-23 05:41:42 101888 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-01-23 05:41:27 84480 ----a-w- c:\windows\system32\INETRES.dll
2010-01-23 05:41:27 737792 ----a-w- c:\windows\system32\inetcomm.dll
2010-01-23 05:41:17 60928 ----a-w- c:\windows\system32\msasn1.dll
2010-01-23 05:41:07 1645568 ----a-w- c:\windows\system32\connect.dll
2010-01-23 05:40:56 5120 ----a-w- c:\windows\system32\wmi.dll
2010-01-23 05:40:56 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2010-01-23 05:40:55 152576 ----a-w- c:\windows\system32\imagehlp.dll
2010-01-23 05:40:39 788992 ----a-w- c:\windows\system32\rpcrt4.dll
2010-01-23 05:40:30 1327104 ----a-w- c:\windows\system32\quartz.dll
2010-01-23 05:40:22 130048 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-01-23 05:40:13 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-23 05:40:07 974336 ----a-w- c:\windows\system32\crypt32.dll
2010-01-23 05:39:47 274432 ----a-w- c:\windows\system32\raschap.dll
2010-01-23 05:39:47 232960 ----a-w- c:\windows\system32\rastls.dll
2010-01-23 05:39:38 321536 ----a-w- c:\windows\system32\WSDApi.dll
2010-01-23 05:39:30 99840 ----a-w- c:\windows\system32\poqexec.exe
2010-01-23 05:39:16 0 d-----w- c:\program files\MSXML 4.0
2010-01-23 05:39:07 633856 ----a-w- c:\windows\system32\user32.dll
2010-01-23 05:38:42 750080 ----a-w- c:\windows\system32\qmgr.dll
2010-01-23 05:38:37 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2010-01-23 05:38:20 8147968 ----a-w- c:\windows\system32\wmploc.DLL
2010-01-23 05:38:18 7680 ----a-w- c:\windows\system32\spwmp.dll
2010-01-23 05:38:17 4096 ----a-w- c:\windows\system32\msdxm.ocx
2010-01-23 05:38:17 4096 ----a-w- c:\windows\system32\dxmasf.dll
2010-01-23 05:38:12 311296 ----a-w- c:\windows\system32\unregmp2.exe
2010-01-23 05:36:58 0 d-----w- c:\program files\ICQ6Toolbar
2010-01-23 05:36:57 0 d-----w- c:\programdata\ICQ
2010-01-23 05:36:34 0 d-----w- c:\program files\ICQ7.0
2010-01-23 05:29:03 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-01-23 05:28:53 0 d-----w- c:\programdata\Avira
2010-01-23 05:28:53 0 d-----w- c:\program files\Avira
2010-01-23 04:57:29 2421760 ----a-w- c:\windows\system32\wucltux.dll
2010-01-23 04:57:17 87552 ----a-w- c:\windows\system32\wudriver.dll
2010-01-23 04:57:08 33792 ----a-w- c:\windows\system32\wuapp.exe
2010-01-23 04:57:08 171608 ----a-w- c:\windows\system32\wuwebv.dll
2010-01-22 22:51:20 0 d-----w- c:\users\diana\appdata\roaming\Buhl Data Service GmbH
2010-01-22 12:35:02 16072 ----a-w- c:\windows\system32\results.xml
2010-01-22 12:31:46 381 ----a-w- c:\windows\WISO.INI
2010-01-22 12:31:31 0 d-----w- c:\windows\system32\ID Device ActiveX_reg
2010-01-22 12:31:27 0 d-----w- c:\programdata\Buhl Data Service GmbH
2010-01-22 12:31:27 0 d-----w- c:\program files\Buhl
2010-01-22 12:30:42 0 d-----w- c:\program files\DataDesign
2010-01-22 12:30:40 0 d-----w- c:\program files\Letstrade
2010-01-22 12:30:40 0 d-----w- c:\program files\common files\Buhl Data Service
2010-01-22 12:28:36 0 d-----w- c:\programdata\Apple Computer
2010-01-22 12:24:12 0 d-----w- c:\programdata\Nero
2010-01-22 12:24:12 0 d-----w- c:\program files\Nero
2010-01-22 12:21:00 0 d-----w- c:\windows\PCHEALTH
2010-01-22 12:21:00 0 d-----w- c:\program files\MSN Messenger
2010-01-22 12:19:55 69632 ----a-w- c:\windows\system32\javacpl.cpl
2010-01-22 12:16:39 47136 ----a-w- c:\windows\system32\msxm49cc.rra
2010-01-22 12:16:39 27168 ------w- c:\windows\system32\msxml3a.dll
2010-01-22 12:11:35 33820 ----a-w- c:\windows\system32\WMPrfDeu.prx
2010-01-22 12:11:27 0 d-----w- C:\MyWorks
2010-01-22 12:11:18 0 d-----w- c:\programdata\CyberLink
2010-01-22 12:11:13 33820 ----a-w- c:\windows\WMPrfDEU.prx
2010-01-22 12:11:12 1706800 ----a-w- c:\windows\system32\gdiplus.dll
2010-01-22 12:10:48 89088 ------w- c:\windows\system32\atl71.dll
2010-01-22 12:10:48 502816 ------w- c:\windows\system32\msvcp71.dll
2010-01-22 12:10:48 1066544 ----a-w- c:\windows\system32\mfc71.dll
2010-01-22 12:10:48 1047552 ------w- c:\windows\system32\MFC71u.dll
2010-01-22 12:10:41 0 d-----w- c:\program files\HomeCinema
2010-01-22 12:09:14 0 d-----w- c:\programdata\Adobe
2010-01-22 12:05:41 13976 ----a-w- c:\windows\system32\drivers\x10hid.sys
2010-01-22 12:05:31 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-01-22 12:05:31 344064 ----a-w- c:\windows\system32\msvcr70.dll
2010-01-22 12:05:31 127184 ----a-w- c:\windows\Unwise.exe
2010-01-22 12:05:31 0 d-----w- c:\program files\X10 Hardware
2010-01-22 12:05:31 0 d-----w- c:\program files\common files\X10
2010-01-22 12:03:48 50752 ------w- c:\windows\system32\agrsmdel.exe
2010-01-22 12:03:33 9216 ----a-w- c:\windows\system32\agrsmsvc.exe
2010-01-22 12:03:33 50752 ----a-w- c:\windows\agrsmdel.exe
2010-01-22 12:03:33 13312 ----a-w- c:\windows\system32\agrscoin.dll
2010-01-22 12:03:33 1161888 ----a-w- c:\windows\system32\drivers\AGRSM.sys
2010-01-22 12:03:30 0 d-----w- c:\windows\Options
2010-01-22 12:02:53 81408 ----a-w- c:\windows\system32\drivers\Rtlh86.sys
2010-01-22 12:01:04 0 d-----w- c:\program files\Silicon Image
2010-01-22 11:59:03 553 ------r- c:\windows\USetup.iss
2010-01-22 11:57:12 2096 ----a-w- c:\windows\system32\iglhxc32.vp
2010-01-22 11:56:23 356352 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-01-22 11:53:39 0 d-----w- c:\windows\system32\DEU
2010-01-22 11:53:13 308248 ----a-w- c:\windows\system32\drivers\iaStor.sys
2010-01-22 11:48:43 53248 ----a-r- c:\windows\system32\CSVer.dll
2010-01-22 11:48:29 0 d-----w- C:\Intel
2010-01-22 11:39:03 436224 ----a-w- c:\windows\system32\drivers\netr28.sys
2010-01-22 11:39:03 221184 ----a-w- c:\windows\system32\RaCoInst.dll
2010-01-22 11:39:03 15312 ----a-w- c:\windows\system32\RaCoInst.dat
2010-01-22 11:39:03 0 d-----w- c:\program files\RALINK
2010-01-22 11:36:16 0 d-----w- c:\program files\Fingerprint Sensor
2010-01-22 11:36:03 0 d-sh--w- c:\windows\Installer
2010-01-22 11:35:00 126976 ----a-w- c:\windows\system32\Imsmudlg.exe
2010-01-22 11:35:00 0 d-----w- c:\windows\system32\ENU
2010-01-22 11:34:24 0 d-----w- c:\program files\Launch Manager
2010-01-22 11:31:18 59392 ----a-w- c:\windows\system32\drivers\RTSTOR.sys
2010-01-22 11:31:18 5631520 ----a-w- c:\windows\system\DriveIcon.dll
2010-01-22 11:31:18 5430 ----a-w- c:\windows\system\MyMulti.ico
2010-01-22 11:31:18 38660 ----a-w- c:\windows\system\sd.ico
2010-01-22 11:31:18 37300 ----a-w- c:\windows\system\cf.ico
2010-01-22 11:31:18 37041 ----a-w- c:\windows\system\sm.ico
2010-01-22 11:31:18 34530 ----a-w- c:\windows\system\ms.ico
2010-01-22 11:30:03 0 d-----w- c:\program files\Realtek
2010-01-22 11:28:58 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
2010-01-22 11:28:50 0 d-----w- c:\program files\Synaptics
2010-01-22 11:27:04 0 d-----w- C:\Medion
2010-01-22 11:03:01 0 d-sh--w- C:\$RECYCLE.BIN
2010-01-22 10:49:59 0 d-sh--we C:\Programme
2010-01-22 10:49:59 0 d-sh--we c:\programdata\Vorlagen
2010-01-22 10:49:59 0 d-sh--we c:\programdata\Startmenü
2010-01-22 10:49:59 0 d-sh--we c:\programdata\Favoriten
2010-01-22 10:49:59 0 d-sh--we c:\programdata\Dokumente
2010-01-22 10:49:59 0 d-sh--we c:\programdata\Anwendungsdaten
2010-01-22 10:49:59 0 d-sh--we c:\program files\Gemeinsame Dateien
2010-01-22 10:49:59 0 d-sh--we C:\Dokumente und Einstellungen
==================== Find3M ====================
2010-01-23 07:08:03 641344 ----a-w- c:\windows\system32\perfh007.dat
2010-01-23 07:08:03 116706 ----a-w- c:\windows\system32\perfc007.dat
2010-01-23 07:03:11 174 --sha-w- c:\program files\desktop.ini
2010-01-23 06:57:03 51200 ----a-w- c:\windows\inf\infpub.dat
2010-01-23 06:57:01 86016 ----a-w- c:\windows\inf\infstrng.dat
2010-01-23 06:57:01 86016 ----a-w- c:\windows\inf\infstor.dat
2010-01-23 06:57:01 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-01-23 06:49:29 72704 ----a-w- c:\windows\system32\admparse.dll
2010-01-23 06:49:28 832512 ----a-w- c:\windows\system32\wininet.dll
2010-01-23 06:49:22 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-23 06:49:22 48128 ----a-w- c:\windows\system32\mshtmler.dll
2010-01-23 06:49:17 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2010-01-23 06:49:14 56320 ----a-w- c:\windows\system32\iesetup.dll
2010-01-23 06:43:38 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2010-01-23 06:43:38 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2010-01-23 06:43:38 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-01-23 06:43:38 19968 ----a-w- c:\windows\system32\ARP.EXE
2010-01-23 06:43:38 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2010-01-23 06:43:38 15360 ----a-w- c:\windows\system32\netevent.dll
2010-01-23 06:43:38 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2010-01-23 06:43:38 103936 ----a-w- c:\windows\system32\netiohlp.dll
2010-01-23 06:43:38 10240 ----a-w- c:\windows\system32\finger.exe
2010-01-23 06:43:36 813568 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-01-23 06:43:36 22016 ----a-w- c:\windows\system32\netiougc.exe
2010-01-23 06:43:36 213592 ----a-w- c:\windows\system32\drivers\netio.sys
2010-01-23 06:43:36 167424 ----a-w- c:\windows\system32\tcpipcfg.dll
2010-01-23 06:08:59 1963520 ----a-w- c:\windows\system32\NlsData0024.dll
2010-01-23 06:05:30 40960 ----a-w- c:\windows\system32\srclient.dll
2010-01-22 11:58:24 319456 ----a-w- c:\windows\DIFxAPI.dll
2010-01-22 11:58:16 315392 ----a-w- c:\windows\HideWin.exe
2006-11-02 15:30:08 36916 ----a-w- c:\windows\inf\perflib\0407\perfd.dat
2006-11-02 15:30:08 36916 ----a-w- c:\windows\inf\perflib\0407\perfc.dat
2006-11-02 15:30:08 290748 ----a-w- c:\windows\inf\perflib\0407\perfi.dat
2006-11-02 15:30:08 290748 ----a-w- c:\windows\inf\perflib\0407\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
============= FINISH: 8:27:31,36 ===============
Attach:
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-12-01.01)
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 22.01.2010 11:42:12
System Uptime: 23.01.2010 07:58:27 (1 hours ago)
Motherboard: MEDION | | WIM2150
Processor: Intel(R) Pentium(R) Dual CPU T2330 @ 1.60GHz | U2E1 | 1600/mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 59 GiB total, 30,945 GiB free.
D: is Removable
F: is CDROM ()
==== Disabled Device Manager Items =============
==== System Restore Points ===================
==== Installed Programs ======================
3531-W-D
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.0 - Deutsch
Agere Systems HDA Modem
Apple Software Update
AuthenTec Fingerprint Sensor Minimum Install
Avira AntiVir Personal - Free Antivirus
Azurewave Wireless LAN
CyberLink Power2Go
CyberLink YouCam
ICQ Toolbar
ICQ7
Intel(R) Graphics Media Accelerator Driver
Intel(R) Matrix Storage Manager
Java(TM) 6 Update 3
Launch Manager V1.5.0.5
Letstrade
MakeDisc
MediaShow
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.6)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB97368
Nero 8 Essentials
neroxml
NVIDIA Drivers
PC SpeedScan Pro
Performance Center
PhotoNow!
PowerDirector
PowerDVD
PowerProducer
QuickTime
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Synaptics Pointing Device Driver
VCRedistSetup
Windows Live Messenger
WISO Mein Geld 2008 Professional
X10 Hardware(TM)
YouCam
==== End Of File ===========================
________________________________________________________________
OTL Scan:
OTL logfile created on: 23.01.2010 08:29:50 - Run 1
OTL by OldTimer - Version 3.1.26.0 Folder = C:\Users\Diana\Desktop\Download
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 58,59 Gb Total Space | 30,94 Gb Free Space | 52,81% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: DIANA-PC
Current User Name: Diana
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010.01.23 08:28:07 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Users\Diana\Desktop\Download\OTL.exe
PRC - [2010.01.23 08:11:26 | 12,005,336 | ---- | M] (Macrovision Corporation) -- C:\Users\Diana\Desktop\Download\SpeedScan_setup.exe
PRC - [2010.01.23 07:34:06 | 01,006,264 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2010.01.23 07:11:35 | 02,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.01.16 04:11:49 | 00,910,296 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2010.01.12 23:53:17 | 00,133,368 | ---- | M] (ICQ, Inc.) -- C:\Programme\ICQ7.0\ICQ.exe
PRC - [2010.01.03 17:07:48 | 00,246,520 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe
PRC - [2009.08.19 15:42:56 | 00,192,000 | ---- | M] (Wistron) -- C:\Programme\Launch Manager\HotkeyApp.exe
PRC - [2009.08.05 16:08:40 | 00,413,696 | ---- | M] (Wistron Corp.) -- C:\Programme\Launch Manager\WButton.exe
PRC - [2009.07.21 13:34:28 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.07.07 10:44:44 | 00,343,552 | ---- | M] (Wistron Corp.) -- C:\Programme\Launch Manager\OSD.exe
PRC - [2009.05.13 15:48:18 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2009.04.17 09:01:48 | 00,366,849 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\guardgui.exe
PRC - [2009.03.04 09:27:42 | 00,113,152 | ---- | M] (Wistron Corp.) -- C:\Programme\Launch Manager\WisLMSvc.exe
PRC - [2009.03.02 12:08:43 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.12.23 11:02:54 | 00,150,040 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
PRC - [2008.12.23 11:02:52 | 00,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2008.12.23 11:02:50 | 00,154,136 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2008.12.23 11:02:22 | 00,178,712 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2007.12.17 11:02:28 | 04,718,592 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.10.17 15:42:40 | 00,128,296 | ---- | M] (CyberLink) -- C:\Programme\HomeCinema\Power2Go\CLMLSvc.exe
PRC - [2007.10.15 10:15:08 | 01,410,344 | ---- | M] (Nero AG) -- C:\Programme\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007.10.15 10:15:08 | 00,382,248 | ---- | M] (Nero AG) -- C:\Programme\Common Files\Nero\Lib\NMIndexingService.exe
PRC - [2007.10.15 10:14:48 | 00,202,024 | ---- | M] (Nero AG) -- C:\Programme\Common Files\Nero\Lib\NMBgMonitor.exe
PRC - [2007.10.03 15:45:02 | 00,358,936 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007.10.03 15:44:58 | 00,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007.09.25 01:11:35 | 00,132,496 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Java\jre1.6.0_03\bin\jusched.exe
PRC - [2007.09.20 09:51:46 | 00,853,288 | ---- | M] (Nero AG) -- C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe
PRC - [2007.08.31 11:41:56 | 01,021,224 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPEnh.exe
PRC - [2007.08.31 11:04:26 | 00,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPStart.exe
PRC - [2007.02.09 20:51:34 | 00,071,216 | ---- | M] (Cyberlink Corp.) -- C:\Programme\HomeCinema\PowerDVD\PDVDServ.exe
PRC - [2007.01.19 12:55:00 | 05,674,352 | ---- | M] (Microsoft Corporation) -- C:\Programme\MSN Messenger\msnmsgr.exe
PRC - [2007.01.09 10:25:30 | 00,272,024 | R--- | M] () -- C:\Programme\CyberLink\Shared Files\RichVideo.exe
PRC - [2006.11.02 13:35:15 | 01,196,032 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2006.11.02 10:46:02 | 00,143,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2006.11.02 10:44:59 | 00,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2006.10.05 12:10:12 | 00,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006.09.01 15:57:48 | 00,282,624 | ---- | M] (Apple Computer, Inc.) -- C:\Programme\QuickTime\qttask.exe
PRC - [2001.11.12 13:31:48 | 00,020,480 | ---- | M] (X10) -- C:\Programme\Common Files\X10\Common\X10nets.exe
========== Modules (SafeList) ==========
MOD - [2010.01.23 08:28:07 | 00,547,328 | ---- | M] (OldTimer Tools) -- C:\Users\Diana\Desktop\Download\OTL.exe
MOD - [2006.11.02 10:38:57 | 01,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010.01.23 07:34:06 | 00,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010.01.03 17:07:48 | 00,246,520 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009.07.21 13:34:28 | 00,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.05.13 15:48:18 | 00,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.03.04 09:27:42 | 00,113,152 | ---- | M] (Wistron Corp.) [On_Demand | Running] -- C:\Program Files\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2007.10.15 10:15:08 | 00,382,248 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2007.10.03 15:45:02 | 00,358,936 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007.09.20 09:51:46 | 00,853,288 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programme\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3)
SRV - [2007.01.19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2007.01.09 10:25:30 | 00,272,024 | R--- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - [2006.11.02 13:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006.10.05 12:10:12 | 00,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2001.11.12 13:31:48 | 00,020,480 | ---- | M] (X10) [Auto | Running] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "www.web.de"
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.01.23 06:10:18 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.01.23 06:10:10 | 00,000,000 | ---D | M]
[2010.01.23 06:11:20 | 00,000,000 | ---D | M] -- C:\Users\Diana\AppData\Roaming\mozilla\Extensions
[2010.01.23 06:16:25 | 00,000,000 | ---D | M] -- C:\Users\Diana\AppData\Roaming\mozilla\Firefox\Profiles\120ezoaa.default\extensions
[2010.01.23 06:10:11 | 00,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.01.16 02:15:29 | 00,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.16 02:15:29 | 00,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.16 02:15:29 | 00,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.16 02:15:29 | 00,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.16 02:15:29 | 00,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 22:41:30 | 00,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\HomeCinema\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe File not found
O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files\Launch Manager\OSD.exe (Wistron Corp.)
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\APCMain.exe (Ascentive)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
O4 - HKLM..\Run: [RemoteControl] C:\Program Files\HomeCinema\PowerDVD\PDVDServ.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\HomeCinema\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\HomeCinema\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe (Wistron Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.0\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, Inc.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img18.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img18.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
========== Files/Folders - Created Within 14 Days ==========
[2010.01.23 08:12:38 | 00,036,864 | ---- | C] (CIPL) -- C:\Windows\System32\ascbalon.dll
[2010.01.23 08:12:36 | 00,020,480 | ---- | C] (Ascentive LLC) -- C:\Windows\System32\SysRestore.dll
[2010.01.23 08:12:20 | 00,000,000 | ---D | C] -- C:\Programme\Ascentive
[2010.01.23 08:12:10 | 00,000,000 | ---D | C] -- C:\PC SpeedScan Pro
[2010.01.23 06:39:16 | 00,000,000 | ---D | C] -- C:\Programme\MSXML 4.0
[2010.01.23 06:36:58 | 00,000,000 | ---D | C] -- C:\Programme\ICQ6Toolbar
[2010.01.23 06:36:57 | 00,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2010.01.23 06:36:46 | 00,000,000 | ---D | C] -- C:\Users\Diana\AppData\Roaming\ICQ
[2010.01.23 06:36:45 | 00,000,000 | ---D | C] -- C:\Users\Diana\AppData\Local\AOL
[2010.01.23 06:36:34 | 00,000,000 | ---D | C] -- C:\Programme\ICQ7.0
[2010.01.23 06:35:39 | 00,000,000 | ---D | C] -- C:\Users\Diana\AppData\Roaming\Macromedia
[2010.01.23 06:35:25 | 00,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.01.23 06:29:03 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.01.23 06:29:03 | 00,056,816 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.01.23 06:29:01 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010.01.23 06:28:53 | 00,000,000 | ---D | C] -- C:\Programme\Avira
[2010.01.23 06:28:53 | 00,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.01.23 06:25:11 | 00,000,000 | ---D | C] -- C:\Users\Diana\Desktop\Download
[2010.01.23 06:11:08 | 00,000,000 | ---D | C] -- C:\Users\Diana\AppData\Roaming\Mozilla
[2010.01.23 06:11:08 | 00,000,000 | ---D | C] -- C:\Users\Diana\AppData\Local\Mozilla
[2010.01.23 06:10:07 | 00,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2010.01.22 23:51:25 | 00,000,000 | ---D | C] -- C:\Users\Diana\Documents\Mein Geld
[2010.01.22 23:51:23 | 00,000,000 | ---D | C] -- C:\Users\Diana\Documents\WISO Mein Geld
[2010.01.22 23:51:21 | 00,000,000 | ---D | C] -- C:\Users\Diana\AppData\Local\Buhl Data Service
[2010.01.22 23:51:20 | 00,000,000 | ---D | C] -- C:\Users\Diana\AppData\Roaming\Buhl Data Service GmbH
[2010.01.22 13:31:31 | 00,000,000 | ---D | C] -- C:\Windows\System32\ID Device ActiveX_reg
[2010.01.22 13:31:27 | 00,000,000 | ---D | C] -- C:\ProgramData\Buhl Data Service GmbH
[2010.01.22 13:31:27 | 00,000,000 | ---D | C] -- C:\Programme\Buhl
[2010.01.22 13:30:42 | 00,000,000 | ---D | C] -- C:\Programme\DataDesign
[2010.01.22 13:30:40 | 00,000,000 | ---D | C] -- C:\Programme\Letstrade
[2010.01.22 13:30:40 | 00,000,000 | ---D | C] -- C:\Programme\Common Files\Buhl Data Service
[2010.01.22 13:29:50 | 00,000,000 | ---D | C] -- C:\Users\Diana\AppData\Roaming\Adobe
[2010.01.22 13:29:08 | 00,000,000 | ---D | C] -- C:\Programme\QuickTime
[2010.01.22 13:28:50 | 00,000,000 | ---D | C] -- C:\Programme\Apple Software Update
[2010.01.22 13:28:36 | 00,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.01.22 13:26:45 | 00,000,000 | ---D | C] -- C:\Users\Diana\AppData\Local\Ahead
[2010.01.22 13:26:23 | 00,000,000 | ---D | C] -- C:\Users\Diana\AppData\Roaming\Nero
[2010.01.22 13:24:12 | 00,000,000 | ---D | C] -- C:\Programme\Nero
[2010.01.22 13:24:12 | 00,000,000 | ---D | C] -- C:\Programme\Common Files\Nero
[2010.01.22 13:24:12 | 00,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010.01.22 13:21:09 | 00,000,000 | ---D | C] -- C:\Users\Diana\Documents\Meine empfangenen Dateien
[2010.01.22 13:21:00 | 00,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.01.22 13:21:00 | 00,000,000 | ---D | C] -- C:\Programme\MSN Messenger
[2010.01.22 13:19:34 | 00,000,000 | ---D | C] -- C:\Programme\Java
[2010.01.22 13:19:33 | 00,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2010.01.22 13:12:45 | 00,000,000 | ---D | C] -- C:\Users\Diana\AppData\Local\Power2Go
[2010.01.22 13:11:27 | 00,000,000 | ---D | C] -- C:\MyWorks
[2010.01.22 13:11:18 | 00,000,000 | ---D | C] -- C:\Users\Diana\AppData\Local\PowerCinema
[2010.01.22 13:11:18 | 00,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010.01.22 13:11:12 | 00,000,000 | ---D | C] -- C:\Programme\CyberLink
[2010.01.22 13:10:41 | 00,000,000 | ---D | C] -- C:\Programme\HomeCinema
[2010.01.22 13:09:30 | 00,000,000 | ---D | C] -- C:\Users\Diana\AppData\Local\Adobe
[2010.01.22 13:09:14 | 00,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.01.22 13:09:09 | 00,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe
[2010.01.22 13:09:09 | 00,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.01.22 13:05:31 | 00,000,000 | ---D | C] -- C:\Programme\X10 Hardware
[2010.01.22 13:05:31 | 00,000,000 | ---D | C] -- C:\Programme\Common Files\X10
[2010.01.22 13:03:48 | 00,050,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\agrsmdel.exe
[2010.01.22 13:03:33 | 01,161,888 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\AGRSM.sys
[2010.01.22 13:03:33 | 00,050,752 | ---- | C] (Agere Systems) -- C:\Windows\agrsmdel.exe
[2010.01.22 13:03:33 | 00,013,312 | ---- | C] (Agere Systems) -- C:\Windows\System32\agrscoin.dll
[2010.01.22 13:03:33 | 00,009,216 | ---- | C] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
[2010.01.22 13:03:30 | 00,000,000 | ---D | C] -- C:\Windows\Options
[2010.01.22 13:02:53 | 00,081,408 | ---- | C] (Realtek Corporation ) -- C:\Windows\System32\drivers\Rtlh86.sys
[2010.01.22 13:01:04 | 00,000,000 | ---D | C] -- C:\Programme\Silicon Image
[2010.01.22 12:58:54 | 00,098,304 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RTKAUDIOSERVICE.EXE
[2010.01.22 12:58:44 | 00,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010.01.22 12:58:21 | 00,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2010.01.22 12:58:21 | 00,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2010.01.22 12:58:21 | 00,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2010.01.22 12:58:21 | 00,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2010.01.22 12:58:20 | 04,718,592 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
[2010.01.22 12:58:19 | 00,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\maxxaudioapo.dll
[2010.01.22 12:57:01 | 00,000,000 | ---D | C] -- C:\Windows\System32\Lang
[2010.01.22 12:53:39 | 00,000,000 | ---D | C] -- C:\Windows\System32\DEU
[2010.01.22 12:48:43 | 00,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2010.01.22 12:48:29 | 00,000,000 | ---D | C] -- C:\Intel
[2010.01.22 12:39:03 | 00,436,224 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\System32\drivers\netr28.sys
[2010.01.22 12:39:03 | 00,221,184 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\System32\RaCoInst.dll
[2010.01.22 12:39:03 | 00,000,000 | ---D | C] -- C:\Programme\RALINK
[2010.01.22 12:36:16 | 00,000,000 | ---D | C] -- C:\Programme\Fingerprint Sensor
[2010.01.22 12:36:03 | 00,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.01.22 12:35:00 | 00,000,000 | ---D | C] -- C:\Windows\System32\ENU
[2010.01.22 12:34:42 | 00,000,000 | ---D | C] -- C:\Programme\Intel
[2010.01.22 12:34:24 | 00,000,000 | ---D | C] -- C:\Programme\Launch Manager
[2010.01.22 12:31:08 | 00,000,000 | ---D | C] -- C:\Programme\Common Files\InstallShield
[2010.01.22 12:30:03 | 00,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information
[2010.01.22 12:30:03 | 00,000,000 | ---D | C] -- C:\Programme\Realtek
[2010.01.22 12:29:52 | 00,000,000 | ---D | C] -- C:\Users\Diana\AppData\Roaming\InstallShield
[2010.01.22 12:28:50 | 00,000,000 | ---D | C] -- C:\Programme\Synaptics
[2010.01.22 12:27:04 | 00,000,000 | ---D | C] -- C:\Medion
[2010.01.22 12:03:01 | 00,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.01.22 12:02:56 | 00,000,000 | R--D | C] -- C:\Users\Diana\Searches
[2010.01.22 12:02:47 | 00,000,000 | ---D | C] -- C:\Users\Diana\AppData\Roaming\Identities
[2010.01.22 12:02:46 | 00,000,000 | R--D | C] -- C:\Users\Diana\Contacts
[2010.01.22 12:02:45 | 00,000,000 | ---D | C] -- C:\Users\Diana\AppData\Local\VirtualStore
[2010.01.22 12:02:41 | 00,000,000 | --SD | C] -- C:\Users\Diana\AppData\Roaming\Microsoft
[2010.01.22 12:02:41 | 00,000,000 | R--D | C] -- C:\Users\Diana\Videos
[2010.01.22 12:02:41 | 00,000,000 | R--D | C] -- C:\Users\Diana\Saved Games
[2010.01.22 12:02:41 | 00,000,000 | R--D | C] -- C:\Users\Diana\Pictures
[2010.01.22 12:02:41 | 00,000,000 | R--D | C] -- C:\Users\Diana\Music
[2010.01.22 12:02:41 | 00,000,000 | R--D | C] -- C:\Users\Diana\Links
[2010.01.22 12:02:41 | 00,000,000 | R--D | C] -- C:\Users\Diana\Favorites
[2010.01.22 12:02:41 | 00,000,000 | R--D | C] -- C:\Users\Diana\Downloads
[2010.01.22 12:02:41 | 00,000,000 | R--D | C] -- C:\Users\Diana\Documents
[2010.01.22 12:02:41 | 00,000,000 | R--D | C] -- C:\Users\Diana\Desktop
[2010.01.22 12:02:41 | 00,000,000 | -HSD | C] -- C:\Users\Diana\Vorlagen
[2010.01.22 12:02:41 | 00,000,000 | -HSD | C] -- C:\Users\Diana\AppData\Local\Verlauf
[2010.01.22 12:02:41 | 00,000,000 | -HSD | C] -- C:\Users\Diana\AppData\Local\Temporary Internet Files
[2010.01.22 12:02:41 | 00,000,000 | -HSD | C] -- C:\Users\Diana\Startmenü
[2010.01.22 12:02:41 | 00,000,000 | -HSD | C] -- C:\Users\Diana\SendTo
[2010.01.22 12:02:41 | 00,000,000 | -HSD | C] -- C:\Users\Diana\Recent
[2010.01.22 12:02:41 | 00,000,000 | -HSD | C] -- C:\Users\Diana\Netzwerkumgebung
[2010.01.22 12:02:41 | 00,000,000 | -HSD | C] -- C:\Users\Diana\Lokale Einstellungen
[2010.01.22 12:02:41 | 00,000,000 | -HSD | C] -- C:\Users\Diana\Documents\Eigene Videos
[2010.01.22 12:02:41 | 00,000,000 | -HSD | C] -- C:\Users\Diana\Documents\Eigene Musik
[2010.01.22 12:02:41 | 00,000,000 | -HSD | C] -- C:\Users\Diana\Eigene Dateien
[2010.01.22 12:02:41 | 00,000,000 | -HSD | C] -- C:\Users\Diana\Documents\Eigene Bilder
[2010.01.22 12:02:41 | 00,000,000 | -HSD | C] -- C:\Users\Diana\Druckumgebung
[2010.01.22 12:02:41 | 00,000,000 | -HSD | C] -- C:\Users\Diana\Cookies
[2010.01.22 12:02:41 | 00,000,000 | -HSD | C] -- C:\Users\Diana\AppData\Local\Anwendungsdaten
[2010.01.22 12:02:41 | 00,000,000 | -HSD | C] -- C:\Users\Diana\Anwendungsdaten
[2010.01.22 12:02:41 | 00,000,000 | -H-D | C] -- C:\Users\Diana\AppData
[2010.01.22 12:02:41 | 00,000,000 | ---D | C] -- C:\Users\Diana\AppData\Local\Temp
[2010.01.22 12:02:41 | 00,000,000 | ---D | C] -- C:\Users\Diana\AppData\Local\Microsoft
[2010.01.22 12:02:41 | 00,000,000 | ---D | C] -- C:\Users\Diana\AppData\Roaming\Media Center Programs
[2010.01.22 11:49:59 | 00,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.01.22 11:49:59 | 00,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.01.22 11:49:59 | 00,000,000 | -HSD | C] -- C:\Programme
[2010.01.22 11:49:59 | 00,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.01.22 11:49:59 | 00,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.01.22 11:49:59 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.01.22 11:49:59 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.01.22 11:49:59 | 00,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.01.22 11:49:59 | 00,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.01.22 11:49:59 | 00,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.01.22 11:49:59 | 00,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.01.22 11:41:13 | 00,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.01.22 11:36:58 | 00,000,000 | -HSD | C] -- C:\System Volume Information
========== Files - Modified Within 14 Days ==========
[2010.01.23 08:30:02 | 00,786,432 | -HS- | M] () -- C:\Users\Diana\NTUSER.DAT
[2010.01.23 08:12:47 | 00,000,205 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Striker.url
[2010.01.23 08:12:47 | 00,000,203 | ---- | M] () -- C:\Users\Public\Desktop\PC ScanAndSweep.url
[2010.01.23 08:12:47 | 00,000,202 | ---- | M] () -- C:\Users\Public\Desktop\Optimize Internet.url
[2010.01.23 08:12:45 | 00,001,003 | ---- | M] () -- C:\Users\Public\Desktop\Performance Center.lnk
[2010.01.23 08:12:45 | 00,000,629 | ---- | M] () -- C:\Users\Public\Desktop\PC SpeedScan Pro.lnk
[2010.01.23 08:08:03 | 01,461,736 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.01.23 08:08:03 | 00,641,344 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.01.23 08:08:03 | 00,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.01.23 08:08:03 | 00,116,706 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.01.23 08:08:03 | 00,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.01.23 08:03:24 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.01.23 08:03:24 | 00,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.01.23 08:03:11 | 00,000,749 | RH-- | M] () -- C:\Windows\WindowsShell.Manifest
[2010.01.23 07:59:47 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.01.23 07:59:40 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.01.23 07:59:33 | 00,232,408 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.01.23 07:58:57 | 21,374,48448 | -HS- | M] () -- C:\hiberfil.sys
[2010.01.23 07:55:58 | 03,619,976 | -H-- | M] () -- C:\Users\Diana\AppData\Local\IconCache.db
[2010.01.23 07:46:29 | 00,001,820 | ---- | M] () -- C:\Windows\System32\rasctrnm.h
[2010.01.23 07:40:45 | 01,657,350 | ---- | M] () -- C:\Windows\System32\wlan.tmf
[2010.01.23 06:53:52 | 24,248,320 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2010.01.23 06:53:52 | 00,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2010.01.23 06:53:52 | 00,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2010.01.23 06:38:29 | 00,001,609 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.lnk
[2010.01.23 06:29:16 | 00,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.01.23 06:10:18 | 00,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.01.23 06:04:51 | 00,016,072 | ---- | M] () -- C:\Windows\System32\results.xml
[2010.01.22 13:46:13 | 00,002,536 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
[2010.01.22 13:35:58 | 00,050,160 | ---- | M] () -- C:\Users\Diana\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.01.22 13:34:02 | 00,000,284 | ---- | M] () -- C:\Windows\tasks\AppleSoftwareUpdate.job
[2010.01.22 13:31:46 | 00,000,381 | ---- | M] () -- C:\Windows\WISO.INI
[2010.01.22 13:31:45 | 00,000,916 | ---- | M] () -- C:\Users\Public\Desktop\WISO Mein Geld 2008.lnk
[2010.01.22 13:29:17 | 00,001,726 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.01.22 13:21:02 | 00,001,848 | ---- | M] () -- C:\Users\Public\Desktop\Windows Live Messenger.lnk
[2010.01.22 13:09:17 | 00,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010.01.22 12:55:05 | 00,000,680 | ---- | M] () -- C:\Users\Diana\AppData\Local\d3d9caps.dat
[2010.01.22 12:40:59 | 00,524,288 | -HS- | M] () -- C:\Users\Diana\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010.01.22 12:40:59 | 00,524,288 | -HS- | M] () -- C:\Users\Diana\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.01.22 12:40:59 | 00,065,536 | -HS- | M] () -- C:\Users\Diana\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.01.22 12:28:58 | 00,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2010.01.22 12:14:05 | 00,006,144 | ---- | M] () -- C:\Users\Diana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.22 12:02:41 | 00,000,020 | -HS- | M] () -- C:\Users\Diana\ntuser.ini
[2010.01.22 11:42:11 | 00,054,990 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010.01.22 11:35:59 | 00,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
========== Files Created - No Company Name ==========
[2010.01.23 08:12:47 | 00,000,205 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Striker.url
[2010.01.23 08:12:47 | 00,000,203 | ---- | C] () -- C:\Users\Public\Desktop\PC ScanAndSweep.url
[2010.01.23 08:12:47 | 00,000,202 | ---- | C] () -- C:\Users\Public\Desktop\Optimize Internet.url
[2010.01.23 08:12:38 | 00,307,200 | ---- | C] () -- C:\Windows\System32\AscSQLite.dll
[2010.01.23 08:12:36 | 00,217,088 | ---- | C] () -- C:\Windows\System32\AscConTest.dll
[2010.01.23 08:12:35 | 00,000,629 | ---- | C] () -- C:\Users\Public\Desktop\PC SpeedScan Pro.lnk
[2010.01.23 08:12:20 | 00,001,003 | ---- | C] () -- C:\Users\Public\Desktop\Performance Center.lnk
[2010.01.23 07:46:28 | 00,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h
[2010.01.23 07:40:45 | 01,657,350 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010.01.23 06:51:21 | 00,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf
[2010.01.23 06:51:21 | 00,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2010.01.23 06:51:20 | 24,248,320 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl
[2010.01.23 06:38:29 | 00,001,609 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.lnk
[2010.01.23 06:29:16 | 00,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.01.23 06:10:18 | 00,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.01.22 13:35:02 | 00,016,072 | ---- | C] () -- C:\Windows\System32\results.xml
[2010.01.22 13:33:33 | 21,374,48448 | -HS- | C] () -- C:\hiberfil.sys
[2010.01.22 13:31:46 | 00,000,381 | ---- | C] () -- C:\Windows\WISO.INI
[2010.01.22 13:31:45 | 00,000,916 | ---- | C] () -- C:\Users\Public\Desktop\WISO Mein Geld 2008.lnk
[2010.01.22 13:29:17 | 00,001,726 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.01.22 13:28:51 | 00,000,284 | ---- | C] () -- C:\Windows\tasks\AppleSoftwareUpdate.job
[2010.01.22 13:26:40 | 00,002,536 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
[2010.01.22 13:21:02 | 00,001,848 | ---- | C] () -- C:\Users\Public\Desktop\Windows Live Messenger.lnk
[2010.01.22 13:11:35 | 00,033,820 | ---- | C] () -- C:\Windows\System32\WMPrfDeu.prx
[2010.01.22 13:11:13 | 00,033,820 | ---- | C] () -- C:\Windows\WMPrfDEU.prx
[2010.01.22 13:09:17 | 00,001,887 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010.01.22 13:05:31 | 00,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2010.01.22 12:59:03 | 00,000,553 | R--- | C] () -- C:\Windows\USetup.iss
[2010.01.22 12:57:12 | 00,002,096 | ---- | C] () -- C:\Windows\System32\iglhxc32.vp
[2010.01.22 12:57:11 | 01,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2010.01.22 12:57:10 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1329.dll
[2010.01.22 12:57:10 | 00,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2010.01.22 12:39:03 | 00,015,312 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2010.01.22 12:31:18 | 05,631,520 | ---- | C] () -- C:\Windows\System\DriveIcon.dll
[2010.01.22 12:31:18 | 00,038,660 | ---- | C] () -- C:\Windows\System\sd.ico
[2010.01.22 12:31:18 | 00,037,300 | ---- | C] () -- C:\Windows\System\cf.ico
[2010.01.22 12:31:18 | 00,037,041 | ---- | C] () -- C:\Windows\System\sm.ico
[2010.01.22 12:31:18 | 00,034,530 | ---- | C] () -- C:\Windows\System\ms.ico
[2010.01.22 12:31:18 | 00,005,430 | ---- | C] () -- C:\Windows\System\MyMulti.ico
[2010.01.22 12:28:58 | 00,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2010.01.22 12:13:57 | 00,006,144 | ---- | C] () -- C:\Users\Diana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.22 12:02:43 | 00,000,680 | ---- | C] () -- C:\Users\Diana\AppData\Local\d3d9caps.dat
[2010.01.22 12:02:41 | 00,786,432 | -HS- | C] () -- C:\Users\Diana\NTUSER.DAT
[2010.01.22 12:02:41 | 00,524,288 | -HS- | C] () -- C:\Users\Diana\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2010.01.22 12:02:41 | 00,524,288 | -HS- | C] () -- C:\Users\Diana\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.01.22 12:02:41 | 00,065,536 | -HS- | C] () -- C:\Users\Diana\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.01.22 12:02:41 | 00,000,020 | -HS- | C] () -- C:\Users\Diana\ntuser.ini
[2008.12.23 10:51:20 | 00,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1624.dll
[2006.11.02 13:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:25:44 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006.11.02 08:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.03.09 10:58:00 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
========== LOP Check ==========
[2010.01.22 23:51:23 | 00,000,000 | ---D | M] -- C:\Users\Diana\AppData\Roaming\Buhl Data Service GmbH
[2010.01.23 06:55:17 | 00,000,000 | ---D | M] -- C:\Users\Diana\AppData\Roaming\ICQ
[2010.01.23 07:58:02 | 00,004,842 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >