PRJ Downloader

This topic in the forum "Viruses, Worms, Spyware" was created by TIPower, 09.11.2008.

  1. #1 TIPower, 09.11.2008
    Hello!
    I caught a backdoor and a trojan downloader. They could not download anything because my antivirus (ESET Smart Security) terminated the connection in time.

    The backdoor was called:
    System.exe and was in C:/
    The downloader was in the registry; the entry was called Windows Update.

    HijackThis:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:30, on 2008-11-09
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\agrsmsvc.exe
    C:\Programme\abylonsoft\apmPro\APMPCtrlSer.exe
    C:\WINDOWS\Explorer.EXE
    C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Programme\Bonjour\mDNSResponder.exe
    C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
    C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    C:\Programme\ESET\ESET Smart Security\ekrn.exe
    C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Programme\ICQ6Toolbar\ICQ Service.exe
    C:\Programme\McAfee\SiteAdvisor\McSACore.exe
    C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
    C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
    C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Programme\Spyware Terminator\sp_rsser.exe
    C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
    C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\Dit.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\PROGRA~1\Medion\KeyStat\KeyStat.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE
    C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
    C:\Programme\Java\jre1.6.0_07\bin\jusched.exe
    C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe
    C:\Programme\Home Cinema\PowerCinema\PCMService.exe
    C:\Programme\ESET\ESET Smart Security\egui.exe
    C:\Programme\iTunes\iTunesHelper.exe
    C:\Programme\SlySoft\CloneCD\CloneCDTray.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Programme\Windows Media Player\WMPNSCFG.exe
    C:\Programme\Internet Download Manager\IDMan.exe
    C:\Programme\iPod\bin\iPodService.exe
    C:\Programme\Internet Download Manager\IEMonitor.exe
    C:\Programme\Winamp\winampa.exe
    C:\Programme\Malwarebytes' Anti-Malware\mbam.exe
    C:\Programme\Mozilla Firefox 3 Beta 5\firefox.exe
    C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
    C:\Dokumente und Einstellungen\Ole\Desktop\Sachen\Avira\NfS Pro Street.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R3 - URLSearchHook: (no name) - - (no file)
    R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Programme\Internet Download Manager\IDMIECC.dll
    O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Programme\Crawler\Toolbar\ctbr.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programme\BitComet\tools\BitCometBHO_1.2.6.26.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Programme\Crawler\Toolbar\ctbr.dll
    O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [Dit] Dit.exe
    O4 - HKLM\..\Run: [Verknüpfung mit der High Definition Audio-Eigenschaftenseite] HDAudPropShortcut.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Keyboard Status] C:\PROGRA~1\Medion\KeyStat\KeyStat.exe
    O4 - HKLM\..\Run: [EPSON Stylus D88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE /P23 "EPSON Stylus D88 Series" /O5 "LPT1:" /M "Stylus D88"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [RemoteControl] "C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [PCMService] "C:\Programme\Home Cinema\PowerCinema\PCMService.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [egui] "C:\Programme\ESET\ESET Smart Security\egui.exe" /hide /waitservice
    O4 - HKLM\..\Run: [TrayServer] C:\Programme\MAGIX\Video_deluxe_15_Download-Version\TrayServer.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Programme\Nero\Nero BackItUp 4\NBKeyScan.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [CloneCDTray] "C:\Programme\SlySoft\CloneCD\CloneCDTray.exe" /s
    O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Programme\Gemeinsame Dateien\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
    O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [IDMan] C:\Programme\Internet Download Manager\IDMan.exe /onboot
    O4 - HKCU\..\Run: [RetroRun] C:\Programme\RetroShare\RetroShare.exe -a
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
    O4 - HKUS\S-1-5-21-3198565141-1743790203-2898894196-1009\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'NeroMediaHomeUser.4')
    O4 - HKUS\S-1-5-21-3198565141-1743790203-2898894196-1009\..\RunOnce: [NeroHomeFirstStart] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe (User 'NeroMediaHomeUser.4')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: abylon MANAGER.lnk = C:\Programme\abylonsoft\apmPro\APMPMgr.EXE
    O4 - Global Startup: abylonsoft Module aktivieren.lnk = C:\Programme\abylonsoft\apmPro\APMPSetup.EXE
    O4 - Global Startup: BlueSoleil.lnk = ?
    O8 - Extra context menu item: Crawler Search - tbr:iemenu
    O8 - Extra context menu item: Download aller Links mit IDM - C:\Programme\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: Download FLV-Videoinhalt mit IDM - C:\Programme\Internet Download Manager\IEGetVL.htm
    O8 - Extra context menu item: Download mit IDM - C:\Programme\Internet Download Manager\IEExt.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Programme\Bonjour\ExplorerPlugin.dll
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Programme\BitComet\tools\BitCometBHO_1.2.6.26.dll/206 (file missing)
    O9 - Extra button: Secret City - {D401C3A2-12EF-4D1D-A086-F3AB10B565BF} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6\ICQ.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1106843944468
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner371420.cab
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Programme\Crawler\Toolbar\ctbr.dll
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
    O23 - Service: apm - control service (apmctrl) - abylonsoft - Dr. Thomas Klabunde GbR - C:\Programme\abylonsoft\apmPro\APMPCtrlSer.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: Bonjour-Dienst (Bonjour Service) - Apple Inc. - C:\Programme\Bonjour\mDNSResponder.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Programme\ESET\ESET Smart Security\EHttpSrv.exe
    O23 - Service: Eset Service (ekrn) - ESET - C:\Programme\ESET\ESET Smart Security\ekrn.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Programme\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: ICQ Service - Unknown owner - C:\Programme\ICQ6Toolbar\ICQ Service.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Programme\iPod\bin\iPodService.exe
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Programme\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: Nero MediaHome 4 Service (NeroMediaHomeService.4) - Nero AG - C:\Programme\Nero\Nero MediaHome 4\NMMediaServerService.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programme\Spyware Terminator\sp_rsser.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 13593 bytes

    It is no longer the cleanest, but most of the entries are clean, and I still need them.

    Malwarebytes:
    Done, log below

    Combofix:
    I'll do it shortly.

    Counterspy:
    I'll do it shortly; if I don't manage it, tomorrow.

    Spywareterminator:
    I'll do it tomorrow.

    ESET SE:
    I'll do it tomorrow.
     
  3. #2 TIPower, 09.11.2008
    Only C:

    Malwarebytes' Anti-Malware 1.30
    Datenbank Version: 1378
    Windows 5.1.2600 Service Pack 3

    2008-11-09 21:35:31
    mbam-log-2008-11-09 (21-35-31).txt

    Scan-Methode: Quick-Scan
    Durchsuchte Objekte: 29001
    Laufzeit: 11 minute(s), 8 second(s)

    Infizierte Speicherprozesse: 0
    Infizierte Speichermodule: 0
    Infizierte Registrierungsschlüssel: 0
    Infizierte Registrierungswerte: 0
    Infizierte Dateiobjekte der Registrierung: 0
    Infizierte Verzeichnisse: 0
    Infizierte Dateien: 0

    Infizierte Speicherprozesse:
    (Keine bösartigen Objekte gefunden)

    Infizierte Speichermodule:
    (Keine bösartigen Objekte gefunden)

    Infizierte Registrierungsschlüssel:
    (Keine bösartigen Objekte gefunden)

    Infizierte Registrierungswerte:
    (Keine bösartigen Objekte gefunden)

    Infizierte Dateiobjekte der Registrierung:
    (Keine bösartigen Objekte gefunden)

    Infizierte Verzeichnisse:
    (Keine bösartigen Objekte gefunden)

    Infizierte Dateien:
    (Keine bösartigen Objekte gefunden)


    ___________________________________________________________

    Quick scan:
    Malwarebytes' Anti-Malware 1.30
    Datenbank Version: 1378
    Windows 5.1.2600 Service Pack 3

    2008-11-09 21:23:47
    mbam-log-2008-11-09 (21-23-47).txt

    Scan-Methode: Quick-Scan
    Durchsuchte Objekte: 54502
    Laufzeit: 5 minute(s), 26 second(s)

    Infizierte Speicherprozesse: 0
    Infizierte Speichermodule: 0
    Infizierte Registrierungsschlüssel: 0
    Infizierte Registrierungswerte: 1
    Infizierte Dateiobjekte der Registrierung: 0
    Infizierte Verzeichnisse: 0
    Infizierte Dateien: 1

    Infizierte Speicherprozesse:
    (Keine bösartigen Objekte gefunden)

    Infizierte Speichermodule:
    (Keine bösartigen Objekte gefunden)

    Infizierte Registrierungsschlüssel:
    (Keine bösartigen Objekte gefunden)

    Infizierte Registrierungswerte:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Microsoft WinUpdate (Backdoor.Bot) -> Quarantined and deleted successfully.

    Infizierte Dateiobjekte der Registrierung:
    (Keine bösartigen Objekte gefunden)

    Infizierte Verzeichnisse:
    (Keine bösartigen Objekte gefunden)

    Infizierte Dateien:
    C:\system.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

    ______________________________________________________________
     
  4. #3 TIPower, 09.11.2008
    Spyware Terminator:
    Logfile of Spyware Terminator v2.3.0.507 (db:2.011.007.000)
    Scan Time: 2008-11-09 21:39:08 length: 186 s
    Platform: WXP (5.1.0.2600)
    User: Admin
    Boot Mode: Normal
    Scan type: Fast_Spyware_Scan
    Scanned Objects: 79592 (Critical:0)
    Filter: No System items, No Safe items, No Invalid items

    Running Processes
    Ati2evxx.exe [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
    Ati2evxx.exe [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
    agrsmsvc.exe [Agere Systems] : C:\WINDOWS\system32\agrsmsvc.exe
    APMPCtrlSer.exe [abylonsoft - Dr. Thomas Klabunde GbR] : C:\Programme\abylonsoft\apmPro\APMPCtrlSer.exe
    AppleMobileDeviceService.exe [Apple Inc.] : C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    BTNtService.exe : C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
    CLCapSvc.exe : C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
    CLMLServer.exe [Cyberlink] : C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    ekrn.exe [ESET] : C:\Programme\ESET\ESET Smart Security\ekrn.exe
    CLMLService.exe [Cyberlink] : C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    ICQ Service.exe : C:\Programme\ICQ6Toolbar\ICQ Service.exe
    NBService.exe [Nero AG] : C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
    NMMediaServerService.exe [Nero AG] : C:\Programme\Nero\Nero MediaHome 4\NMMediaServerService.exe
    IoctlSvc.exe [Prolific Technology Inc.] : C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe
    PnkBstrA.exe : C:\WINDOWS\system32\PnkBstrA.exe
    StarWindServiceAE.exe [Rocket Division Software] : C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    CLSched.exe : C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
    Dit.exe [ICSI Technology Ltd.] : C:\WINDOWS\Dit.exe
    AGRSMMSG.exe [Agere Systems] : C:\WINDOWS\AGRSMMSG.exe
    KeyStat.exe : C:\Programme\Medion\KeyStat\KeyStat.exe
    E_FATIABE.EXE [SEIKO EPSON CORPORATION] : C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE
    PDVDServ.exe [Cyberlink Corp.] : C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe
    PCMService.exe [CyberLink Corp.] : C:\Programme\Home Cinema\PowerCinema\PCMService.exe
    egui.exe [ESET] : C:\Programme\ESET\ESET Smart Security\egui.exe
    X10nets.exe [X10] : C:\Programme\Common Files\X10\Common\X10nets.exe
    iPodService.exe [Apple Inc.] : C:\Programme\iPod\bin\iPodService.exe
    IEMonitor.exe [Tonec Inc.] : C:\Programme\Internet Download Manager\IEMonitor.exe
    firefox.exe [Mozilla Corporation] : C:\Programme\Mozilla Firefox 3 Beta 5\firefox.exe

    Internet Settings
    R - HKLM\Software\Microsoft\Internet Explorer\Main, SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
    R - HKLM\Software\Microsoft\Internet Explorer\Main, CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
    R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R - HKLM\Software\Microsoft\Internet Explorer\Search, SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
    R - HKLM\Software\Microsoft\Internet Explorer\Search, CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
    R - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings, ProxyOverride = *.local
    R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
    R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =

    BHO
    02 - BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - [BitComet] : C:\Programme\BitComet\tools\BitCometBHO_1.2.6.26.dll
    02 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - [McAfee, Inc.] : C:\Programme\McAfee\SiteAdvisor\McIEPlg.dll

    Toolbars
    03 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - [McAfee, Inc.] : C:\Programme\McAfee\SiteAdvisor\McIEPlg.dll
    03 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - [ICQ] : C:\Programme\ICQ6Toolbar\ICQToolBar.dll

    StartUps
    04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AlcoholAutomount : : C:\Programme\ALCOHOL SOFT\ALCOHOL 120\AXCMD.EXE
    04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, RetroRun : : C:\Programme\RETROSHARE\RETROSHARE.EXE
    04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Dit : [ICSI Technology Ltd.] : C:\WINDOWS\Dit.exe
    04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AGRSMMSG : [Agere Systems] : C:\WINDOWS\AGRSMMSG.exe
    04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Keyboard Status : : C:\Programme\Medion\KeyStat\KeyStat.exe
    04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, EPSON Stylus D88 Series : [SEIKO EPSON CORPORATION] : C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE
    04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Adobe Reader Speed Launcher : [Adobe Systems Incorporated] : C:\Programme\ADOBE\READER 8.0\READER\READER_SL.EXE
    04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, RemoteControl : [Cyberlink Corp.] : C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe
    04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, PCMService : [CyberLink Corp.] : C:\Programme\Home Cinema\PowerCinema\PCMService.exe
    04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, egui : [ESET] : C:\Programme\ESET\ESET Smart Security\egui.exe
    04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, TrayServer : [MAGIX AG] : C:\Programme\MAGIX\Video_deluxe_15_Download-Version\TrayServer.exe
    04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, NBKeyScan : [Nero AG] : C:\Programme\NERO\NERO BACKITUP 4\NBKEYSCAN.EXE
    04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AppleSyncNotifier : [Apple Inc.] : C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    04 - Startup: %STARTUP%\abylon MANAGER.lnk [abylonsoft - Dr. Thomas Klabunde] : C:\Programme\abylonsoft\apmPro\APMPMgr.EXE
    04 - Startup: %STARTUPALL%\abylonsoft Module aktivieren.lnk [abylonsoft - Dr. Thomas Klabunde] : C:\Programme\abylonsoft\apmPro\APMPSetup.EXE
    04 - Startup: %STARTUPALL%\BlueSoleil.lnk [IVT Corporation] : C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe

    Shell Extensions
    RealOne Player Context Menu Class - {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - [RealNetworks, Inc.] : C:\Programme\Real\RealPlayer\rpshell.dll
    WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Programme\WinRAR\rarext.dll
    TuneUp Theme Extension - {44440D00-FF19-4AFC-B765-9A0970567D97} - [TuneUp Software GmbH] : C:\WINDOWS\system32\uxtuneup.dll
    Eset Smart Security - Context Menu Shell Extension - {B089FE88-FB52-11D3-BDF1-0050DA34150D} - [ESET] : C:\Programme\ESET\ESET Smart Security\shellExt.dll
    NeroCoverEdLiveIcons Class - {97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} - [Nero AG] : C:\Programme\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll
    NeroDigitalIconHandler Class - {1CA6BBC9-E9FA-4021-822B-075DF1837B63} - [Nero AG] : C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll
    NeroDigitalPropSheetHandler Class - {846083A4-BFC6-4447-985C-6578B466A7D7} - [Nero AG] : C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll
    NeroDigitalColumnHandler Class - {C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B} - [Nero AG] : C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll
    NeroDigitalInfoHandler Class - {4FBFFA8D-F390-471a-AE46-FEB93623AD63} - [Nero AG] : C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll
    NeroDigitalThumbnailHandler Class - {EDCC595A-F0EE-4d81-B554-D5D01C7AFB87} - [Nero AG] : C:\Programme\Gemeinsame Dateien\Nero\SMC\NeroDigitalExt.dll
    iTunes - {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} - [Apple Inc.] : C:\Programme\iTunes\iTunesMiniPlayer.dll

    Protocol Handler
    McAfee SACore Protocol Handler - {5513F07E-936B-4E52-9B00-067394E91CC5} - [McAfee, Inc.] : C:\Programme\McAfee\SiteAdvisor\McIEPlg.dll

    Services
    23 - [Philips Semiconductors GmbH] : C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
    23 - [Meetinghouse Data Communications] : C:\WINDOWS\system32\DRIVERS\AegisP.sys
    23 - [Agere Systems] : C:\WINDOWS\system32\agrsmsvc.exe
    23 - [Agere Systems] : C:\WINDOWS\system32\DRIVERS\AGRSM.sys
    23 - [abylonsoft - Dr. Thomas Klabunde GbR] : C:\Programme\abylonsoft\apmPro\APMPCtrlSer.exe
    23 - [abylonsoft] : C:\WINDOWS\system32\drivers\APMDrive.sys
    23 - [Apple Inc.] : C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    23 - [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.exe
    23 - [IVT Corporation] : C:\WINDOWS\system32\DRIVERS\blueletaudio.sys
    23 - : C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
    23 - [IVT Corporation] : C:\WINDOWS\system32\Drivers\btcusb.sys
    23 - : C:\WINDOWS\system32\DRIVERS\vbtenum.sys
    23 - [IVT Corporation] : C:\WINDOWS\system32\Drivers\BTHidMgr.sys
    23 - : C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
    23 - : C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
    23 - [C-Media Inc.] : C:\WINDOWS\system32\drivers\cmudax.sys
    23 - [Cyberlink] : C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    23 - [ESET] : C:\WINDOWS\system32\DRIVERS\eamon.sys
    23 - [ESET] : C:\WINDOWS\system32\DRIVERS\easdrv.sys
    23 - [ESET] : C:\Programme\ESET\ESET Smart Security\ekrn.exe
    23 - [SlySoft, Inc.] : C:\WINDOWS\system32\Drivers\ElbyCDFL.sys
    23 - [Elaborate Bytes AG] : C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
    23 - [ESET] : C:\WINDOWS\system32\DRIVERS\epfw.sys
    23 - [ESET] : C:\WINDOWS\system32\DRIVERS\Epfwndis.sys
    23 - [ESET] : C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
    23 - [GEAR Software Inc.] : C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
    23 - : C:\Programme\ICQ6Toolbar\ICQ Service.exe
    23 - [Apple Inc.] : C:\Programme\iPod\bin\iPodService.exe
    23 - [Nero AG] : C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
    23 - [Nero AG] : C:\Programme\Nero\Nero MediaHome 4\NMMediaServerService.exe
    23 - [Prolific Technology Inc.] : C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe
    23 - : C:\WINDOWS\system32\PnkBstrA.exe
    23 - [Ralink Technology Inc.] : C:\WINDOWS\system32\DRIVERS\rt2500usb.sys
    23 - [Protection Technology (StarForce)] : C:\WINDOWS\system32\drivers\sfdrv01.sys
    23 - [Protection Technology (StarForce)] : C:\WINDOWS\system32\drivers\sfhlp02.sys
    23 - [Protection Technology] : C:\WINDOWS\system32\drivers\sfsync03.sys
    23 - [Protection Technology (StarForce)] : C:\WINDOWS\system32\drivers\sfsync04.sys
    23 - : C:\WINDOWS\system32\Drivers\sptd.sys
    23 - [Rocket Division Software] : C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
    23 - [Acronis] : C:\WINDOWS\system32\DRIVERS\tifsfilt.sys
    23 - [Acronis] : C:\WINDOWS\system32\DRIVERS\timntr.sys
    23 - [IVT Corporation] : C:\WINDOWS\system32\DRIVERS\VComm.sys
    23 - [IVT Corporation] : C:\WINDOWS\system32\Drivers\VcommMgr.sys
    23 - [Winbond Electronics Corp.] : C:\WINDOWS\system32\drivers\wbscr.sys
    23 - [X10] : C:\Programme\Common Files\X10\Common\X10nets.exe
    23 - [X10 Wireless Technology, Inc.] : C:\WINDOWS\system32\Drivers\x10ufx2.sys

    Winlogon Notify
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent, DLLName : [ATI Technologies Inc.] : C:\WINDOWS\system32\Ati2evxx.dll

    IE URL Search Hooks
    ICQToolBar - {{855F3B16-6D32-4fe6-8A56-BBB695989046}} - [ICQ] : C:\Programme\ICQ6Toolbar\ICQToolBar.dll

    Advanced Files Report
    %SYSDIR%\Ati2evxx.dll [ATI Technologies Inc.] [ATI External Event Utility for NT, W2K and W9X] MD5=62733C611488FAB76DEB1E66C96A443F SIZE=61440
    %SYSDIR%\Ati2evxx.exe [ATI Technologies Inc.] [ATI External Event Utility for WindowsNT and Windows9X] MD5=BBA22521D24625C7A7B8D57FB20A812E SIZE=405504
     
  5. #4 TIPower, 09.11.2008

    End of Report


    Sorry, the text was too long.
     
  6. #5 Leonixx, 10.11.2008
    Leonixx

    Leonixx
    Moderator

    Member since:
    17.10.2007
    Posts:
    18.903
    Likes:
    0
    Location:
    NIX DO
    Quote, source: Windows Tweak Forum:
    W32/Colevo-A is an email-aware worm that sends itself to the affected user's MSN Messenger contacts. The email has the following characteristics:

    W32/Colevo-A copies itself to the following files:
    <Windows>\command.exe
    <Windows>\Hot Girl.scr
    <Windows>\hotmailpass.exe
    <Windows>\Inf.exe
    <Windows>\Internet download .exe
    <Windows>\Internet File.exe
    <Windows>\Part Hard Disk.exe
    <Windows>\Shell.exe
    <Windows>\system.exe
    <Windows>\System32.exe
    <Windows>\System64.pif
    <Windows>\Temp.exe
    <Windows>\All User\Server.exe
    <Windows>\system32\command.com
    <Windows>\system32\net.com
    <Windows>\system32\www.microsoft.com
    <Windows>\system32\Inf.exe
    <Windows>\menu inicio\programas\inicio\www.microsoft\com
    <Recycled>\Evo Morales.scr

    W32/Colevo-A makes the following changes to the registry:
    HKCR\htafile\shell\open\command\(Default)
    = "C:\Windows\commands.exe", "%1 %*"
    HKCR\exefile\shell\open\command\(Default)
    = "C:\Windows\command.exe", "%1 %*"
    HKCR\comfile\shell\open\command\(Default)
    = "C:\Windows\Inf.exe", "%1 %*"
    HKCR\batfile\shell\open\command\(Default)
    = "C:\Windows\temp.exe", "%1 %*"
    HKCR\piffile\shell\open\command\(Default)
    = "C:\Windows\commands.exe", "%1 %*"
    HKCR\exefile\NeverShowExt
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\System
    = C:\Windows\system.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\1\2\3\4\System
    = C:\Windows\temp.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\System
    = C:\Windows\commands.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\System
    = C:\Windows\system.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\1\2\3\4\System
    = C:\Windows\system.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\System
    = C:\Windows\temp.exe
    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce\System
    = C:\Windows\system.exe

    The following lines are added to the beginning of win.ini:
    [windows]
    load=archivo.exe
    run=archivo.exe
    ####Viva el EVO, y jamas erradicaran la Coca Cola!!! mentira colla maldito!!
    (PYN Pablo_Hack@hotmail.com)####

    The following lines are added to the beginning of system.ini:
    [boot]
    Shell=explorer.exe temp.exe

    The file winstart.bat is created and contains the single line
    "null=c:\windows\system.exe".

    W32/Colevo-A runs in the background as a backdoor server and allows unauthorized access to the victim's computer.
    W32/Colevo-A continuously opens the user's web browser with one of the following web pages:
    http://jeremybigwood.net/Bolivia/images/Bolivia.Sept.2K.000.jpg
    http://news.bbc.co.uk/olmedia/775000/images/_778100_morales150.jpg
    http://www.commondreams.org/headlines/images/100700-01.jpg
    http://www.ni.laprensa.com.ni/archivo/2002/julio/09/elmundo/elmundo-20020709-01.jpg
    http://www.soc.uu.se/mapuche/indgen/puntofinal020822.jpg
    http://www.cannabisculture.com/library/images/images/uploads/2409-Evo-morales-speaking.jpg
    http://www.chilevive.cl/news/img/evom.jpg
    http://membres.lycos.fr/asocamerlat/evo morales_bolivia2.gif
    http://news.bbc.co.uk/media/images/38128000/jpg/_38128025_020710bolivia300b.jpg


    Do yourself a favour and reinstall the system! Anything else is just botching around with partial removals. You should simply move around the net more carefully, considering how often you have already posted here that your computer is infected. Either you have a big security hole, or you download too much junk and hang around on crack sites.

    With the well-known AV programs, disinfection is not always possible or sensible.

    Switch on Brain.exe and your system stays clean!

    Regards, Leonixx
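
The startup-file and file-association changes listed in the description above can be checked offline from copies of win.ini, system.ini and the exported open-command values. This is an added example, not part of the original post or of the quoted analysis; the function names and the sample contents are assumptions constructed from the entries quoted in the thread.

```python
import re

# Handler Windows ships for executable file classes: run the clicked file itself.
DEFAULT_OPEN_COMMAND = '"%1" %*'

# Constructed samples: the injected lines are the ones quoted in the post; the
# trailing "original" sections are made up to show a file that was prepended to.
SAMPLE_WIN_INI = """[windows]
load=archivo.exe
run=archivo.exe
#### constructed banner line without a key ####
[windows]
load=
run=
[fonts]
"""
SAMPLE_SYSTEM_INI = "[boot]\nShell=explorer.exe temp.exe\n[boot]\nshell=Explorer.exe\n"
SAMPLE_OPEN_COMMANDS = {
    "batfile": r'"C:\Windows\temp.exe", "%1 %*"',
    "piffile": r'"C:\Windows\commands.exe", "%1 %*"',
    "cmdfile": '"%1" %*',  # constructed clean entry for comparison
}


def parse_ini(text):
    """Tolerant INI reader returning (section, key, value) triples.

    configparser is not used: a prepended [windows] block duplicates the
    legitimate section, and banner lines without '=' would abort parsing.
    """
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        header = re.fullmatch(r"\[([^\]]+)\]", line)
        if header:
            section = header.group(1).strip().lower()
            continue
        if "=" in line and section is not None:
            key, value = line.split("=", 1)
            entries.append((section, key.strip().lower(), value.strip()))
    return entries


def audit_win_ini(text):
    """Flag every non-empty load=/run= entry in any [windows] section."""
    return [f"win.ini [windows] {key}={value}"
            for section, key, value in parse_ini(text)
            if section == "windows" and key in ("load", "run") and value]


def audit_system_ini(text):
    """Flag a [boot] shell= value that is anything other than explorer.exe."""
    return [f"system.ini [boot] shell={value}"
            for section, key, value in parse_ini(text)
            if section == "boot" and key == "shell"
            and value.lower() != "explorer.exe"]


def audit_open_commands(commands):
    """commands maps a file class to its shell\\open\\command default value."""
    return [f"{cls} open command: {cmd}"
            for cls, cmd in sorted(commands.items())
            if cmd.strip() != DEFAULT_OPEN_COMMAND]


def audit(win_ini, system_ini, open_commands):
    """Run all three checks and return the combined list of findings."""
    return (audit_win_ini(win_ini) + audit_system_ini(system_ini)
            + audit_open_commands(open_commands))


if __name__ == "__main__":
    for finding in audit(SAMPLE_WIN_INI, SAMPLE_SYSTEM_INI, SAMPLE_OPEN_COMMANDS):
        print(finding)
```
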
     
  7. #6 TIPower, 10.11.2008
    I'm just too daring: when someone tells me a site is dangerous, I go there first and make sure whether it is dangerous.
    Combofix:
    ComboFix 08-10-30.12 - Ole 2008-11-10 15:46:42.7 - NTFSx86 MINIMAL
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1031.18.781 [GMT 1:00]
    ausgeführt von:: C:\Dokumente und Einstellungen\Ole\Desktop\ComboFix.exe

    Achtung - Auf diesem PC ist keine Wiederherstellungskonsole installiert !!
    .
    - REDUZIERTER FUNKTIONALITÄTSMODUS -
    .

    ((((((((((((((((((((((( Dateien erstellt von 2008-10-10 bis 2008-11-10 ))))))))))))))))))))))))))))))
    .

    2008-11-10 12:26 . 2008-11-10 12:26 <DIR> d-------- C:\Programme\Strata
    2008-11-09 20:14 . 2008-11-09 20:14 <DIR> d-------- C:\Programme\Winamp
    2008-11-09 20:14 . 2008-11-09 20:16 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\Winamp
    2008-11-09 09:27 . 2008-11-09 09:27 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\Corel
    2008-11-09 09:27 . 2008-11-09 09:27 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Corel
    2008-11-09 09:27 . 2008-11-10 09:32 88 -r-hs---- C:\WINDOWS\system32\13E00C8982.sys
    2008-11-09 09:24 . 2008-11-09 09:25 <DIR> d-------- C:\Programme\Gemeinsame Dateien\Corel
    2008-11-09 09:24 . 2008-11-09 09:24 <DIR> d-------- C:\Programme\Corel
    2008-11-08 11:45 . 2008-11-08 11:45 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\Sports Interactive
    2008-11-08 11:43 . 2008-11-08 11:43 <DIR> d--h----- C:\Programme\Zero G Registry
    2008-11-08 11:43 . 2008-11-08 11:43 <DIR> d-------- C:\Programme\Sports Interactive
    2008-11-08 11:42 . 2008-11-08 11:42 <DIR> d--h----- C:\Dokumente und Einstellungen\Ole\InstallAnywhere
    2008-11-08 08:48 . 2008-11-08 08:48 <DIR> d-------- C:\Programme\Empire Interactive
    2008-11-07 22:11 . 2008-11-07 22:14 <DIR> d-------- C:\Programme\ICQ6
    2008-11-07 22:00 . 2008-11-07 22:00 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\McLoad
    2008-11-07 13:45 . 2008-11-07 13:49 <DIR> d-------- C:\Programme\SlySoft
    2008-11-07 13:36 . 2008-11-07 13:36 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\Thinstall
    2008-11-06 16:32 . 2008-11-06 16:33 <DIR> d-------- C:\Programme\RetroShare
    2008-11-06 16:32 . 2008-11-06 20:15 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\RetroShare
    2008-11-05 20:30 . 2008-11-08 17:35 <DIR> d-------- C:\Programme\Internet Download Manager
    2008-11-05 20:30 . 2008-11-05 20:33 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\IDM
    2008-11-05 20:30 . 2008-11-10 15:40 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\DMCache
    2008-11-04 20:43 . 2008-11-04 20:47 <DIR> d-------- C:\Programme\Cheatbook Database 2008
    2008-11-04 14:50 . 2008-11-04 14:50 <DIR> d-------- C:\Programme\iTunes
    2008-11-04 14:50 . 2008-11-04 14:50 <DIR> d-------- C:\Programme\iPod
    2008-11-04 14:50 . 2008-11-04 14:50 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-11-04 14:50 . 2008-04-17 13:12 107,368 --a------ C:\WINDOWS\system32\GEARAspi.dll
    2008-11-04 14:50 . 2008-04-17 13:12 15,464 --a------ C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
    2008-11-02 22:12 . 2008-11-04 14:17 <DIR> d-------- C:\Programme\IcoFX 1.6
    2008-11-02 22:12 . 2008-11-02 22:13 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\IcoFX
    2008-11-02 21:35 . 2008-11-02 21:38 <DIR> d-------- C:\Programme\Carom3D
    2008-11-02 21:23 . 2007-02-05 13:11 139,264 --a------ C:\WINDOWS\NeoUninstall.exe
    2008-11-02 21:23 . 2008-11-02 21:35 26 --a------ C:\WINDOWS\neosetup.INI
    2008-11-01 11:29 . 2008-11-10 15:03 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\dvdcss
    2008-11-01 10:00 . 2008-11-01 11:29 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\vlc
    2008-10-31 16:39 . 2008-10-31 16:39 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_ggsemc_01005.Wdf
    2008-10-30 20:35 . 2008-11-08 20:15 <DIR> d-------- C:\Programme\Quick Batch File Compiler
    2008-10-30 15:34 . 2008-10-30 15:41 <DIR> d--h----- C:\WINDOWS\Icons
    2008-10-30 14:54 . 2008-10-30 16:11 2,287,616 --a------ C:\WINDOWS\system32\TUKernel.exe
    2008-10-29 21:06 . 2008-10-29 21:06 <DIR> d-------- C:\Programme\Apple Software Update
    2008-10-29 21:03 . 2008-10-29 21:07 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\.SunDownloadManager
    2008-10-29 20:55 . 2008-10-29 20:55 <DIR> d-------- C:\Programme\Secunia
    2008-10-29 20:50 . 2008-10-29 20:50 <DIR> d-------- C:\Programme\Crawler
    2008-10-29 20:50 . 2008-11-09 21:42 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spyware Terminator
    2008-10-29 20:50 . 2008-10-29 20:50 141,312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
    2008-10-29 20:49 . 2008-11-09 21:43 <DIR> d-------- C:\Programme\Spyware Terminator
    2008-10-29 20:49 . 2008-11-09 21:43 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\Spyware Terminator
    2008-10-29 20:14 . 2008-10-29 20:14 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\Ubisoft
    2008-10-29 20:13 . 2008-10-29 20:13 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft
    2008-10-29 17:07 . 2008-10-29 17:07 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\735B
    2008-10-28 11:46 . 2008-09-12 11:44 206,256 --a------ C:\WINDOWS\system32\idmmbc.dll
    2008-10-27 09:04 . 2008-10-27 09:04 7,808 --a------ C:\WINDOWS\system32\drivers\psi_mf.sys
    2008-10-26 19:50 . 2008-10-26 19:50 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\16261
    2008-10-25 17:53 . 2008-11-03 21:32 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
    2008-10-25 17:52 . 2008-11-03 21:32 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe
    2008-10-25 17:52 . 2008-10-25 17:55 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
    2008-10-25 17:52 . 2008-10-25 17:52 22,328 --a------ C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\PnkBstrK.sys
    2008-10-25 17:42 . 2008-10-25 17:42 <DIR> d--hs---- C:\WINDOWS\ftpcache
    2008-10-24 20:33 . 2008-10-25 15:38 <DIR> d-------- C:\Programme\HyperSnap 6
    2008-10-24 18:23 . 2008-01-18 23:36 1,391,616 --a------ C:\WINDOWS\system32\ActPDF.dll
    2008-10-24 18:23 . 2008-07-12 08:49 884,736 --a------ C:\WINDOWS\system32\SaveTo.dll
    2008-10-24 18:23 . 2007-09-10 10:32 524,288 --a------ C:\WINDOWS\system32\PrtPass.exe
    2008-10-24 12:19 . 2008-10-24 12:19 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\Windows Search
    2008-10-24 12:09 . 2008-10-24 12:09 <DIR> d-------- C:\WINDOWS\system32\GroupPolicy
    2008-10-24 12:09 . 2008-10-24 19:56 <DIR> d-------- C:\Programme\Windows Desktop Search
    2008-10-24 12:08 . 2008-03-07 18:02 192,000 -----c--- C:\WINDOWS\system32\dllcache\offfilt.dll
    2008-10-24 12:08 . 2008-03-07 18:02 98,304 -----c--- C:\WINDOWS\system32\dllcache\nlhtml.dll
    2008-10-24 12:08 . 2008-03-07 18:02 29,696 -----c--- C:\WINDOWS\system32\dllcache\mimefilt.dll
    2008-10-24 12:06 . 2008-10-15 17:35 337,408 -----c--- C:\WINDOWS\system32\dllcache\netapi32.dll
    2008-10-22 13:23 . 2008-10-22 13:23 <DIR> d-------- C:\Programme\Windows Installer Clean Up
    2008-10-22 13:23 . 2008-10-22 13:23 <DIR> d-------- C:\Programme\MSECACHE
    2008-10-21 19:23 . 2008-11-10 15:40 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\apm
    2008-10-21 19:21 . 2008-11-08 15:29 <DIR> d-------- C:\Programme\abylonsoft
    2008-10-21 19:21 . 2008-10-21 19:22 49,200 --------- C:\WINDOWS\system32\drivers\APMDrive.sys
    2008-10-21 19:21 . 2008-10-21 19:22 187 --a------ C:\WINDOWS\APMPReg.ini
    2008-10-21 14:03 . 2008-10-21 14:03 142,096 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
    2008-10-20 16:43 . 2008-10-25 23:02 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\Auslogics
    2008-10-20 16:35 . 2008-10-20 16:35 <DIR> d-------- C:\Programme\Auslogics
    2008-10-20 15:58 . 2008-10-24 19:59 <DIR> d-------- C:\Programme\Tastenteufel
    2008-10-20 15:56 . 2006-06-29 12:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
    2008-10-19 07:17 . 2008-11-01 10:37 <DIR> d-------- C:\Programme\Vuze
    2008-10-18 11:16 . 2008-10-18 11:16 <DIR> d-------- C:\Dokumente und Einstellungen\NetworkService\Eigene Dateien
    2008-10-17 21:28 . 2008-10-20 17:25 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\uTorrent
    2008-10-17 17:21 . 2008-10-20 16:48 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\MailWasherPro
    2008-10-16 17:27 . 2008-10-16 17:27 <DIR> d-------- C:\Dokumente und Einstellungen\NeroMediaHomeUser.4\Anwendungsdaten\Nero
    2008-10-16 17:18 . 2005-02-06 17:05 <DIR> d-------- C:\Dokumente und Einstellungen\NeroMediaHomeUser.4\WINDOWS
    2008-10-16 17:18 . 2005-01-26 21:08 <DIR> d--h----- C:\Dokumente und Einstellungen\NeroMediaHomeUser.4\Vorlagen
    2008-10-16 17:18 . 2005-01-27 17:39 <DIR> d---s---- C:\Dokumente und Einstellungen\NeroMediaHomeUser.4\UserData
    2008-10-16 17:18 . 2005-01-26 21:05 <DIR> dr------- C:\Dokumente und Einstellungen\NeroMediaHomeUser.4\Startmenü
    2008-10-16 17:18 . 2005-01-26 21:05 <DIR> d--h----- C:\Dokumente und Einstellungen\NeroMediaHomeUser.4\Netzwerkumgebung
    2008-10-16 17:18 . 2008-11-10 15:46 <DIR> d--h----- C:\Dokumente und Einstellungen\NeroMediaHomeUser.4\Lokale Einstellungen
    2008-10-16 17:18 . 2005-02-15 02:07 <DIR> dr------- C:\Dokumente und Einstellungen\NeroMediaHomeUser.4\Favoriten
    2008-10-16 17:18 . 2005-02-15 02:13 <DIR> dr------- C:\Dokumente und Einstellungen\NeroMediaHomeUser.4\Eigene Dateien
    2008-10-16 17:18 . 2005-01-26 21:05 <DIR> d--h----- C:\Dokumente und Einstellungen\NeroMediaHomeUser.4\Druckumgebung
    2008-10-16 17:18 . 2005-02-06 14:35 <DIR> d-------- C:\Dokumente und Einstellungen\NeroMediaHomeUser.4\Anwendungsdaten\You've Got Pictures Screensaver
    2008-10-16 17:18 . 2005-02-16 23:02 <DIR> d-------- C:\Dokumente und Einstellungen\NeroMediaHomeUser.4\Anwendungsdaten\CyberLink
    2008-10-16 17:18 . 2008-07-18 12:55 <DIR> d-------- C:\Dokumente und Einstellungen\NeroMediaHomeUser.4\Anwendungsdaten\Apple Computer
    2008-10-16 17:18 . 2008-05-19 14:40 <DIR> d-------- C:\Dokumente und Einstellungen\NeroMediaHomeUser.4\Anwendungsdaten\AOL
    2008-10-16 17:18 . 2008-10-16 17:27 <DIR> dr-h----- C:\Dokumente und Einstellungen\NeroMediaHomeUser.4\Anwendungsdaten
    2008-10-16 17:18 . 2008-10-20 17:29 <DIR> d-------- C:\Dokumente und Einstellungen\NeroMediaHomeUser.4
    2008-10-16 16:36 . 2008-10-16 16:37 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\Nero
    2008-10-16 16:19 . 2008-10-16 16:19 4,757 --a------ C:\WINDOWS\Irremote.ini
    2008-10-16 16:16 . 2008-10-16 16:16 <DIR> d-------- C:\Programme\Windows Sidebar
    2008-10-16 15:59 . 2008-10-16 17:09 <DIR> d-------- C:\Programme\Gemeinsame Dateien\Nero
    2008-10-16 15:59 . 2008-10-16 16:10 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nero
    2008-10-16 13:55 . 2008-09-08 11:41 333,824 -----c--- C:\WINDOWS\system32\dllcache\srv.sys
    2008-10-16 13:53 . 2008-08-14 14:19 2,191,488 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
    2008-10-16 13:53 . 2008-08-14 14:19 2,147,840 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
    2008-10-16 13:53 . 2008-08-14 14:19 2,068,352 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
    2008-10-16 13:53 . 2008-08-14 14:19 2,026,496 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
    2008-10-16 13:53 . 2008-09-15 16:24 1,846,528 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
    2008-10-15 19:54 . 2008-10-15 19:54 96,640 --a------ C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\GDIPFONTCACHEV1.DAT
    2008-10-15 13:56 . 2008-10-15 13:56 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\ESET
    2008-10-15 13:55 . 2008-10-15 13:55 <DIR> d-------- C:\Programme\ESET
    2008-10-15 13:55 . 2008-10-15 13:55 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ESET
    2008-10-12 11:27 . 2008-11-05 19:22 <DIR> d-------- C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\teamspeak2
    2008-10-12 11:27 . 2008-10-12 11:27 34,064 --a------ C:\WINDOWS\system32\lhacm.acm
    2008-10-12 11:25 . 2008-10-24 19:59 <DIR> d-------- C:\Programme\Teamspeak2_RC2
    2008-10-11 08:01 . 2008-11-08 15:16 <DIR> d-------- C:\Programme\phase5
    2008-10-11 08:01 . 2008-10-11 08:01 <DIR> d-------- C:\Programme\FileZilla FTP Client

    .
    (((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-11-10 14:40 17,408 ----a-w C:\WINDOWS\system32\drivers\USBCRFT.SYS
    2008-11-10 14:06 --------- d-----w C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\ICQ
    2008-11-10 11:35 14,186 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
    2008-11-10 11:26 --------- d--h--w C:\Programme\InstallShield Installation Information
    2008-11-09 20:25 --------- d-----w C:\Programme\Mozilla Firefox 3 Beta 5
    2008-11-09 20:16 --------- d-----w C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\FileZilla
    2008-11-07 21:13 --------- d-----w C:\Programme\ICQ6Toolbar
    2008-11-07 21:08 --------- d-----w C:\Programme\ICQLite
    2008-11-03 15:05 --------- d-----w C:\Programme\McAfee
    2008-11-01 09:36 --------- d-----w C:\Programme\Mozilla Thunderbird
    2008-10-29 20:10 --------- d-----w C:\Programme\Bonjour
    2008-10-29 20:08 --------- d-----w C:\Programme\QuickTime
    2008-10-29 20:08 --------- d-----w C:\Programme\Gemeinsame Dateien\Apple
    2008-10-29 19:57 --------- d-----w C:\Programme\CCleaner
    2008-10-29 06:22 --------- d-----w C:\Programme\ScanWizard 5
    2008-10-25 08:39 956 ----a-w C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\wklnhst.dat
    2008-10-23 19:33 --------- d-----w C:\Programme\Malwarebytes' Anti-Malware
    2008-10-22 14:10 38,496 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-10-22 14:10 15,504 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
    2008-10-21 12:49 --------- d-----w C:\Programme\Microsoft Silverlight
    2008-10-18 14:58 --------- d-----w C:\Programme\BitComet
    2008-10-16 16:18 --------- d-----w C:\Programme\Nero
    2008-10-15 19:30 --------- d-----w C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\MAGIX
    2008-10-15 19:29 --------- d-----w C:\Programme\MAGIX
    2008-10-15 19:29 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
    2008-10-15 12:28 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
    2008-10-10 11:24 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton
    2008-10-10 11:23 --------- d-----w C:\Programme\Gemeinsame Dateien\Symantec Shared
    2008-10-02 18:45 8,464 ----a-w C:\WINDOWS\system32\sporder.dll
    2008-09-29 10:31 --------- d-----w C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\SPORE
    2008-09-29 08:25 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
    2008-09-28 18:30 --------- d-----w C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\Atari
    2008-09-25 17:04 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NortonInstaller
    2008-09-25 13:59 --------- d-----w C:\Programme\coolspot AG
    2008-09-20 17:59 --------- d-----w C:\Programme\Gemeinsame Dateien\DVDVideoSoft
    2008-09-20 15:39 3,532 ----a-w C:\drmHeader.bin
    2008-09-15 15:24 1,846,528 ----a-w C:\WINDOWS\system32\win32k.sys
    2008-09-15 13:37 361,728 ----a-w C:\WINDOWS\system32\TuneUpDefragService.exe
    2008-09-15 13:37 --------- d-----w C:\Programme\TuneUp Utilities 2008
    2008-09-15 13:36 --------- d-----w C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
    2008-09-14 14:38 --------- d-----w C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\Sunbelt
    2008-09-14 14:37 --------- d-----w C:\Programme\Sunbelt Software
    2008-09-14 14:37 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sunbelt
    2008-09-14 07:33 --------- d-----w C:\Programme\Hasbro
    2008-09-13 17:12 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
    2008-09-12 18:04 --------- d-----w C:\Programme\DVDVideoSoft
    2008-09-11 15:27 --------- d-----w C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\DivX
    2008-09-11 12:48 --------- d-----w C:\Programme\DivX
    2008-09-10 17:45 --------- d-----w C:\Programme\Gemeinsame Dateien\McAfee
    2008-09-10 17:45 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SiteAdvisor
    2008-09-10 17:45 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\McAfee
    2008-09-10 14:04 --------- d-----w C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\TuneUp Software
    2008-09-10 14:04 --------- d-----w C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
    2008-08-29 09:18 87,336 ----a-w C:\WINDOWS\system32\dns-sd.exe
    2008-08-29 08:53 65,536 ----a-w C:\WINDOWS\system32\jdns_sd.dll
    2008-08-29 08:53 61,440 ----a-w C:\WINDOWS\system32\dnssd.dll
    2008-08-26 17:07 1,419,232 ----a-w C:\WINDOWS\system32\wdfcoinstaller01005.dll
    2008-08-26 07:57 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-08-14 13:19 2,147,840 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
    2008-08-14 13:19 2,026,496 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
    2008-08-01 15:00 1 ----a-w C:\Dokumente und Einstellungen\Ole\SI.bin
    2008-07-16 10:51 56 --sh--r C:\WINDOWS\system32\3CF9367163.sys
    2005-02-06 13:08 8 --sh--r C:\WINDOWS\system32\D5D86239B1.sys
    2008-05-30 11:51 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Verlauf\History.IE5\MSHist012008051920080526\index.dat
    2008-05-30 11:51 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Verlauf\History.IE5\MSHist012008053020080531\index.dat
    .

    ((((((((((((((((((((((((((((( snapshot@2008-11-01_11.12.12,35 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-10-29 19:12:35 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
    + 2008-11-08 07:59:56 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
    - 2008-10-29 19:12:36 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
    + 2008-11-08 07:59:56 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
    - 2008-10-29 19:12:36 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
    + 2008-11-08 07:59:56 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
    - 2008-10-29 19:12:26 2,676,224 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2008-11-08 07:59:49 2,676,224 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    - 2008-10-29 19:12:28 2,846,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2008-11-08 07:59:51 2,846,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    - 2008-10-29 19:12:29 563,712 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2008-11-08 07:59:52 563,712 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    - 2008-10-29 19:12:29 567,296 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2008-11-08 07:59:52 567,296 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    - 2008-10-29 19:12:30 576,000 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2008-11-08 07:59:53 576,000 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    - 2008-10-29 19:12:31 577,024 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2008-11-08 07:59:53 577,024 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    - 2008-10-29 19:12:31 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2008-11-08 07:59:54 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    - 2008-10-29 19:12:32 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2008-11-08 07:59:54 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    - 2008-10-29 19:12:33 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2008-11-08 07:59:54 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    - 2008-10-29 19:12:36 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    + 2008-11-08 07:59:56 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
    - 2008-10-29 19:12:37 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
    + 2008-11-08 07:59:57 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
    - 2008-10-29 19:12:37 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
    + 2008-11-08 07:59:57 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
    - 2008-10-29 19:12:37 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
    + 2008-11-08 07:59:57 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
    - 2008-10-29 19:12:37 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
    + 2008-11-08 07:59:57 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
    - 2008-10-29 19:12:34 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
    + 2008-11-08 07:59:55 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
    + 2008-11-09 08:25:16 394,534 ----a-r C:\WINDOWS\Installer\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}\ARPPRODUCTICON.exe
    + 2008-11-09 08:25:16 22,486 ----a-r C:\WINDOWS\Installer\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}\NewShortcut1.73D5A293_D496_4B44_B535_AA8F98088895.exe
    + 2008-11-04 13:50:58 102,400 ----a-r C:\WINDOWS\Installer\{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}\iTunesIco.exe
    + 2008-11-07 12:49:27 15,360 ----a-w C:\WINDOWS\system32\BASSMOD.dll
    - 2008-03-05 13:56:58 1,420,824 ----a-w C:\WINDOWS\system32\D3DCompiler_37.dll
    + 2008-03-05 14:56:58 1,420,824 ----a-w C:\WINDOWS\system32\D3DCompiler_37.dll
    - 2008-02-05 21:07:36 462,864 ----a-w C:\WINDOWS\system32\d3dx10_37.dll
    + 2008-02-05 22:07:36 462,864 ----a-w C:\WINDOWS\system32\d3dx10_37.dll
    - 2008-03-05 13:56:58 3,786,760 ----a-w C:\WINDOWS\system32\D3DX9_37.dll
    + 2008-03-05 14:56:58 3,786,760 ----a-w C:\WINDOWS\system32\D3DX9_37.dll
    + 2005-05-03 15:34:02 27,392 ----a-w C:\WINDOWS\system32\drivers\ElbyCDFL.sys
    + 2005-04-21 11:40:36 10,624 ----a-w C:\WINDOWS\system32\drivers\ElbyCDIO.sys
    + 2008-04-17 12:12:54 107,368 -c--a-w C:\WINDOWS\system32\DRVSTORE\GEARAspiWD_D213663B6381F01E45A131159A9DEFE018321CB3\x86\GEARAspi.dll
    + 2008-04-17 12:12:54 15,464 -c--a-w C:\WINDOWS\system32\DRVSTORE\GEARAspiWD_D213663B6381F01E45A131159A9DEFE018321CB3\x86\GEARAspiWDM.sys
    + 2008-10-01 12:01:28 32,000 -c--a-w C:\WINDOWS\system32\DRVSTORE\usbaapl_246F92BBD6449C86FC3F3F28C40D59AC1F69C558\usbaapl.sys
    + 2005-04-21 13:45:35 69,632 ----a-w C:\WINDOWS\system32\ElbyCDIO.dll
     
  8. #7 TIPower, 10.11.2008
    + 2007-08-28 11:00:00 1,101,824 ----a-w C:\WINDOWS\system32\mfc80.dll
    + 2007-08-28 11:00:00 548,864 ----a-w C:\WINDOWS\system32\msvcp80.dll
    + 2007-08-28 11:00:00 626,688 ----a-w C:\WINDOWS\system32\msvcr80.dll
    + 2007-06-05 12:20:30 1,459,752 ----a-w C:\WINDOWS\system32\PSIKey.dll
    + 2007-06-05 12:20:32 177,704 ----a-w C:\WINDOWS\system32\PSIService.exe
    - 2008-03-05 14:00:06 25,608 ----a-w C:\WINDOWS\system32\X3DAudio1_3.dll
    + 2008-03-05 15:00:06 25,608 ----a-w C:\WINDOWS\system32\X3DAudio1_3.dll
    - 2008-03-05 14:03:20 238,088 ----a-w C:\WINDOWS\system32\xactengine3_0.dll
    + 2008-03-05 15:03:20 238,088 ----a-w C:\WINDOWS\system32\xactengine3_0.dll
    - 2008-03-05 14:03:54 479,752 ----a-w C:\WINDOWS\system32\XAudio2_0.dll
    + 2008-03-05 15:03:54 479,752 ----a-w C:\WINDOWS\system32\XAudio2_0.dll
    - 2007-11-06 23:19:32 161,784 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_312cf0e9\atl90.dll
    + 2007-11-07 00:19:32 161,784 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_312cf0e9\atl90.dll
    - 2007-11-06 18:23:58 224,768 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
    + 2007-11-06 19:23:58 224,768 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcm90.dll
    - 2007-11-06 23:19:34 568,832 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
    + 2007-11-07 00:19:34 568,832 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll
    - 2007-11-06 23:19:34 655,872 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
    + 2007-11-07 00:19:34 655,872 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll
    - 2007-11-06 23:19:38 1,156,600 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90.dll
    + 2007-11-07 00:19:38 1,156,600 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90.dll
    - 2007-11-06 23:19:38 1,162,744 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90u.dll
    + 2007-11-07 00:19:38 1,162,744 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfc90u.dll
    - 2007-11-06 20:51:08 59,904 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90.dll
    + 2007-11-06 21:51:08 59,904 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90.dll
    - 2007-11-06 20:51:08 59,904 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90u.dll
    + 2007-11-06 21:51:08 59,904 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_a173767a\mfcm90u.dll
    - 2007-11-06 23:19:16 41,472 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90chs.dll
    + 2007-11-07 00:19:16 41,472 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90chs.dll
    - 2007-11-06 23:19:16 41,984 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90cht.dll
    + 2007-11-07 00:19:16 41,984 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90cht.dll
    - 2007-11-06 23:19:28 60,928 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90deu.dll
    + 2007-11-07 00:19:28 60,928 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90deu.dll
    - 2007-11-06 23:19:22 54,272 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90enu.dll
    + 2007-11-07 00:19:22 54,272 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90enu.dll
    - 2007-11-06 23:19:22 59,392 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esn.dll
    + 2007-11-07 00:19:22 59,392 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esn.dll
    - 2007-11-06 23:19:22 59,392 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esp.dll
    + 2007-11-07 00:19:22 59,392 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90esp.dll
    - 2007-11-06 23:19:28 60,416 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90fra.dll
    + 2007-11-07 00:19:28 60,416 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90fra.dll
    - 2007-11-06 23:19:28 59,392 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90ita.dll
    + 2007-11-07 00:19:28 59,392 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90ita.dll
    - 2007-11-06 23:19:16 47,104 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90jpn.dll
    + 2007-11-07 00:19:16 47,104 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90jpn.dll
    - 2007-11-06 23:19:16 46,592 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90kor.dll
    + 2007-11-07 00:19:16 46,592 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_11f3ea3a\mfc90kor.dll
    - 2007-11-06 23:19:22 54,272 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
    + 2007-11-07 00:19:22 54,272 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_ecc42bd1\vcomp90.dll
    .
    -- Snapshot auf jetziges Datum zurückgesetzt --
    .
    (((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
    "AlcoholAutomount"="C:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-09-08 4608]
    "WMPNSCFG"="C:\Programme\Windows Media Player\WMPNSCFG.exe" [2006-11-03 204288]
    "IDMan"="C:\Programme\Internet Download Manager\IDMan.exe" [2008-11-05 2606512]
    "RetroRun"="C:\Programme\RetroShare\RetroShare.exe" [2008-06-19 17383424]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATIPTA"="C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-01-12 344064]
    "Keyboard Status"="C:\PROGRA~1\Medion\KeyStat\KeyStat.exe" [2005-01-25 411648]
    "EPSON Stylus D88 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE" [2005-01-27 98304]
    "TkBellExe"="C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" [2005-02-06 180269]
    "Adobe Reader Speed Launcher"="C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
    "SunJavaUpdateSched"="C:\Programme\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "RemoteControl"="C:\Programme\Home Cinema\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
    "PCMService"="C:\Programme\Home Cinema\PowerCinema\PCMService.exe" [2005-02-17 118926]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
    "egui"="C:\Programme\ESET\ESET Smart Security\egui.exe" [2008-08-18 1447168]
    "TrayServer"="C:\Programme\MAGIX\Video_deluxe_15_Download-Version\TrayServer.exe" [2008-08-07 90112]
    "NBKeyScan"="C:\Programme\Nero\Nero BackItUp 4\NBKeyScan.exe" [2008-09-24 2254120]
    "QuickTime Task"="C:\Programme\QuickTime\QTTask.exe" [2008-09-06 413696]
    "AppleSyncNotifier"="C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936]
    "iTunesHelper"="C:\Programme\iTunes\iTunesHelper.exe" [2008-10-01 289576]
    "CloneCDTray"="C:\Programme\SlySoft\CloneCD\CloneCDTray.exe" [2005-05-19 57344]
    "WinampAgent"="C:\Programme\Winamp\winampa.exe" [2008-07-09 36352]
    "Corel Photo Downloader"="C:\Programme\Gemeinsame Dateien\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2007-08-28 531272]
    "Dit"="Dit.exe" [2004-07-20 C:\WINDOWS\Dit.exe]
    "Verknüpfung mit der High Definition Audio-Eigenschaftenseite"="HDAudPropShortcut.exe" [2004-03-17 C:\WINDOWS\system32\Hdaudpropshortcut.exe]
    "AGRSMMSG"="AGRSMMSG.exe" [2004-10-08 C:\WINDOWS\AGRSMMSG.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

    C:\Dokumente und Einstellungen\Ole\Startmenü\Programme\Autostart\
    abylon MANAGER.lnk - C:\Programme\abylonsoft\apmPro\APMPMgr.EXE [2008-10-21 1570128]

    C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\
    abylonsoft Module aktivieren.lnk - C:\Programme\abylonsoft\apmPro\APMPSetup.EXE [2008-10-21 1176912]
    BlueSoleil.lnk - C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe [2005-01-27 1048576]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.I420"= i420vfw.dll
    "VIDC.JPEG"= JpegCode.dll
    "VIDC.MJPG"= JpegCode.dll
    "MSVideo"= CSvidcap.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%WinDir%\\system32\\fxsclnt.exe"=
    "%ProgramFiles%\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
    "C:\\Programme\\Home Cinema\\PowerCinema\\PowerCinema.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Programme\\Messenger\\msmsgs.exe"=
    "C:\\Programme\\Nero\\Nero MediaHome 4\\NMMediaServerService.exe"=
    "C:\\WINDOWS\\system32\\PnkBstrA.exe"=
    "C:\\WINDOWS\\system32\\PnkBstrB.exe"=
    "F:\\CoD4MW\\iw3mp.exe"=
    "F:\\Assassins Creed\\AssassinsCreed_Dx9.exe"=
    "F:\\Assassins Creed\\AssassinsCreed_Dx10.exe"=
    "F:\\Assassins Creed\\AssassinsCreed_Launcher.exe"=
    "C:\\Programme\\Bonjour\\mDNSResponder.exe"=
    "C:\\Programme\\iTunes\\iTunes.exe"=
    "C:\\Programme\\ICQ6\\ICQ.exe"=
    "C:\\Programme\\Empire Interactive\\FlatOut Ultimate Carnage\\Fouc.exe"=
    "C:\\Programme\\Sports Interactive\\Football Manager 2008\\fm.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "24848:TCP"= 24848:TCP:BitComet 24848 TCP
    "24848:UDP"= 24848:UDP:BitComet 24848 UDP
    "7689:TCP"= 7689:TCP:BitComet 7689 TCP
    "7689:UDP"= 7689:UDP:BitComet 7689 UDP
    "8446:TCP"= 8446:TCP:BitComet 8446 TCP
    "8446:UDP"= 8446:UDP:BitComet 8446 UDP

    R0 sfsync03;StarForce Protection Synchronization Driver (version 3.x);C:\WINDOWS\system32\drivers\sfsync03.sys [2005-12-06 35328]
    S1 APMDRIVE;APMPDRIVE DRIVER;C:\WINDOWS\system32\drivers\APMDrive.sys [2008-10-21 49200]
    S2 apmctrl;apm - control service;C:\Programme\abylonsoft\apmPro\APMPCtrlSer.exe [2008-10-16 231760]
    S2 ICQ Service;ICQ Service;C:\Programme\ICQ6Toolbar\ICQ Service.exe [2008-06-10 222456]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Programme\McAfee\SiteAdvisor\McSACore.exe [2008-10-08 203280]
    S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
    S2 NeroMediaHomeService.4;Nero MediaHome 4 Service;C:\Programme\Nero\Nero MediaHome 4\NMMediaServerService.exe [2008-10-01 427304]
    S2 UxTuneUp;TuneUp Designerweiterung;C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
    S3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2005-02-09 666368]
    S3 CardReaderFilter;Card Reader Filter;C:\WINDOWS\system32\Drivers\USBCRFT.SYS [2008-11-10 17408]
    S3 cdrmkaun;cdrmkaun;C:\DOKUME~1\Ole\LOKALE~1\Temp\cdrmkaun.sys [ ]
    S3 cmudax;C-Media High Definition Audio Interface;C:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 1287296]
    S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Programme\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 1527900]
    S3 ggflt;SEMC USB Flash Driver Filter;C:\WINDOWS\system32\DRIVERS\ggflt.sys [2008-08-26 13352]
    S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver;C:\WINDOWS\system32\NSNDIS5.SYS [ ]
    S3 PSI;PSI;C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-10-27 7808]
    S3 SBRE;SBRE;C:\WINDOWS\system32\drivers\SBREdrv.sys [ ]
    S3 TuneUp.Defrag;TuneUp Drive Defrag-Dienst;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-09-15 361728]
    S3 wbscr;Winbond Smartcard Reader for I/O;C:\WINDOWS\system32\drivers\wbscr.sys [2002-04-24 19928]
    S3 ZSMC0305;A4 TECH PC Camera V;C:\WINDOWS\system32\Drivers\usbVM305.sys [ ]

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{CC168798-9F22-AEC7-E80E-FEFCBB7080C3}]
    C:\WINDOWS\svchost.exe
    .
    Inhalt des "geplante Tasks" Ordners

    2008-11-10 C:\WINDOWS\Tasks\1-Klick-Wartung.job
    - C:\Programme\TuneUp Utilities 2008\OneClickStarter.exe [2008-08-21 17:47]

    2008-11-04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    - C:\Programme\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
    .
    .
    ------- Zusätzlicher Suchlauf -------
    .
    FireFox -: Profile - C:\Dokumente und Einstellungen\Ole\Anwendungsdaten\Mozilla\Firefox\Profiles\mk6ekwy7.default\
    FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.yodl.de/href.php?hrefname=FF-splug_google&q=
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.schülervz.de/
    FF -: plugin - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll
    FF -: plugin - C:\Programme\Microsoft Silverlight\2.0.31005.0\npctrl.1.0.30716.0.dll
    FF -: plugin - C:\Programme\Microsoft Silverlight\2.0.31005.0\npctrl.dll
    FF -: plugin - C:\Programme\Mozilla Firefox 3 Beta 5\plugins\np32dsw.dll
    FF -: plugin - C:\Programme\Mozilla Firefox 3 Beta 5\plugins\npBitCometAgent.dll
    FF -: plugin - C:\Programme\Mozilla Firefox 3 Beta 5\plugins\npdivx32.dll
    FF -: plugin - C:\Programme\Mozilla Firefox 3 Beta 5\plugins\npDivxPlayerPlugin.dll
    FF -: plugin - C:\Programme\Mozilla Firefox 3 Beta 5\plugins\npLegitCheckPlugin.dll
    FF -: plugin - C:\Programme\Mozilla Firefox 3 Beta 5\plugins\npnul32.dll
    FF -: plugin - C:\Programme\Mozilla Firefox 3 Beta 5\plugins\nppdf32.dll
    FF -: plugin - C:\Programme\Mozilla Firefox 3 Beta 5\plugins\npqtplugin.dll
    FF -: plugin - C:\Programme\Mozilla Firefox 3 Beta 5\plugins\npqtplugin2.dll
    FF -: plugin - C:\Programme\Mozilla Firefox 3 Beta 5\plugins\npqtplugin3.dll
    FF -: plugin - C:\Programme\Mozilla Firefox 3 Beta 5\plugins\npqtplugin4.dll
    FF -: plugin - C:\Programme\Mozilla Firefox 3 Beta 5\plugins\npqtplugin5.dll
    FF -: plugin - C:\Programme\Mozilla Firefox 3 Beta 5\plugins\npqtplugin6.dll
    FF -: plugin - C:\Programme\Mozilla Firefox 3 Beta 5\plugins\npqtplugin7.dll
    FF -: plugin - C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
    FF -: plugin - F:\Opera 9.5\program\plugins\npdsplay.dll
    FF -: plugin - F:\Opera 9.5\program\plugins\npqtplugin.dll
    FF -: plugin - F:\Opera 9.5\program\plugins\npqtplugin2.dll
    FF -: plugin - F:\Opera 9.5\program\plugins\npqtplugin3.dll
    FF -: plugin - F:\Opera 9.5\program\plugins\npqtplugin4.dll
    FF -: plugin - F:\Opera 9.5\program\plugins\npqtplugin5.dll
    FF -: plugin - F:\Opera 9.5\program\plugins\npqtplugin6.dll
    FF -: plugin - F:\Opera 9.5\program\plugins\npqtplugin7.dll
    FF -: plugin - F:\Opera 9.5\program\plugins\NPSWF32.dll
    FF -: plugin - F:\Opera 9.5\program\plugins\npwmsdrm.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-11-10 15:47:52
    Windows 5.1.2600 Service Pack 3 NTFS

    Scanne versteckte Prozesse...

    Scanne versteckte Autostarteinträge...

    Scanne versteckte Dateien...

    Scan erfolgreich abgeschlossen
    versteckte Dateien: 0

    **************************************************************************
    .
    --------------------- Durch laufende Prozesse gestartete DLLs ---------------------

    Prozess: C:\WINDOWS\system32\winlogon.exe
    -> C:\WINDOWS\system32\tsd32.dll
    .
    Zeit der Fertigstellung: 2008-11-10 15:53:39
    ComboFix-quarantined-files.txt 2008-11-10 14:53:35
    ComboFix2.txt 2008-11-01 10:12:54
    ComboFix3.txt 2008-10-31 15:00:40
    ComboFix4.txt 2008-10-13 13:29:40

    Vor Suchlauf: 16 Verzeichnis(se), 14,704,185,344 Bytes frei
    Nach Suchlauf: 16 Verzeichnis(se), 14,706,626,560 Bytes frei

    471 --- E O F --- 2008-10-21 12:39:02
     
  9. #8 stockcarpilot, 10.11.2008
    stockcarpilot

    stockcarpilot
    Moderator

    Member since:
    20.06.2008
    Posts:
    4.123
    Likes:
    6
    Location:
    NRW
    Hello TIPower

    I have also noticed that you often have problems. Have you ever tried the program Sandboxie? I have had it installed for several months and am quite satisfied with it.
    The program is still no free pass, though.


    Regards, stockcarpilot
     
  11. #9 TIPower, 11.11.2008
    TIPower

    TIPower Experienced user

    Member since:
    26.03.2008
    Posts:
    2.200
    Likes:
    0
    I already had that installed, but after 10 days it got annoying; then I always had to wait because an ad to buy it kept coming up.

    So I have from www.computerguard.de
     
  12. #10 stockcarpilot, 11.11.2008
    stockcarpilot

    stockcarpilot
    Moderator

    Member since:
    20.06.2008
    Posts:
    4.123
    Likes:
    6
    Location:
    NRW
    Hello

    When I browse I use Firefox. On sites that are perhaps not "entirely harmless", Sandboxie.
    The 10-second wait annoys me a little too. But since I don't use it that often, I can live with it.

    Regards, stockcarpilot
     