Log analysis and evaluation: Goingonearth virus!! I keep getting redirected to advertising pages, Security Center and Win Defender fäl | Windows 7
14.08.2011, 21:43 | #1 |
Hello everyone!

For the past few hours, whenever I google something and click a link, I get redirected via another site to an advertising page ... when I go back and open the link again, everything works fine! In addition, the Security Center and Windows Defender are deactivated and can no longer be activated (or rather, they can be, but as soon as I open them again they are deactivated again o.0).

What I have also noticed: when I updated Skype, for example, a message appeared saying that the website wants to download several files and asking whether I wanted to allow that, which I of course declined! It worries me though, since Skype should actually be trustworthy!!?

The advertising thing is really just annoying ... what worries me more is the deactivation of the Security Center and Windows Defender (which, moreover, can be found neither in the Control Panel nor in "Programs and Features" ...), since that means I can no longer download anything (reasonably) safely ... Also, my antivirus program has already found and blocked 4 pieces of malware in these 3 hours (although I have not downloaded anything) ...

Please help!! I am desperate ... I have already scanned everything and now do not know what to do :'((

I am attaching the text files.

Thanks for the help.

PS: Sorry that so many files are attached ... I could not manage it any better (at most 97.7 MB)
16.08.2011, 13:38 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™

Hello and

Please routinely run a full scan with Malwarebytes and post the log. Remember that Malwarebytes must be updated manually before every scan! If logs from older Malwarebytes scans exist, please post all of those as well!
16.08.2011, 19:02 | #3 |
Thanks for the quick reply.

I ran Anti-Malware and it found nothing ... but then I noticed that it was not up to date ... Well ... I have updated it and am scanning at the moment ... however, I have already scanned with OTL and also run Defogger ... I am attaching both files.
16.08.2011, 19:06 | #4 |
The first part of the OTL log:
Corporation) -- C:\Windows\SysWOW64\dciman32.dll MOD - [2009.07.14 03:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davhlpr.dll MOD - [2009.07.14 03:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll MOD - [2009.07.14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll MOD - [2009.07.14 03:14:53 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advpack.dll MOD - [2009.07.14 03:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll MOD - [2009.07.14 03:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll MOD - [2009.07.14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll MOD - [2009.06.10 23:23:08 | 000,074,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll MOD - [2009.06.10 23:14:57 | 000,778,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PresentationNative_v0300.dll MOD - [2006.10.05 12:37:04 | 000,061,440 | ---- | M] (Sigmatel) -- C:\Windows\system\w98eject.exe MOD - [2006.10.04 09:22:02 | 000,040,960 | ---- | M] (vbAccelerator) -- C:\Windows\SysWOW64\SSubTmr6.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2009.10.21 09:35:26 | 000,240,640 | ---- | M] (IDT, Inc.) 
[Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\stacsv64.exe -- (STacSV) SRV:64bit: - [2009.07.08 14:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv) SRV:64bit: - [2009.03.03 12:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\AESTSr64.exe -- (AESTFilters) SRV - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011.06.29 09:42:30 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.04.30 19:15:09 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009.12.01 13:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe -- (DpHost) SRV - [2009.10.06 23:57:00 | 000,296,360 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) TV Background Capture Service (TVBCS) SRV - [2009.10.06 23:57:00 | 000,169,376 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVSched.exe -- (TVSched) TV Task Scheduler (TVTS) SRV - [2009.09.04 14:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) 
[Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.02.22 13:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc) SRV - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) ========== Driver Services (SafeList) ==========
Edited by Eag (16.08.2011 at 20:02) |
16.08.2011, 19:51 | #5 |
| And part 2 Code:
========== Driver Services (SafeList) ========== DRV:64bit: - [2011.07.06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2011.06.29 09:42:30 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011.06.29 09:42:30 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011.05.13 15:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2011.03.20 13:19:55 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2011.03.20 13:19:55 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 15:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010.01.13 16:37:18 | 007,675,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- 
C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R) DRV:64bit: - [2009.10.21 09:35:26 | 000,501,760 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:64bit: - [2009.10.03 05:58:12 | 000,258,560 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009.09.17 22:56:24 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2009.09.17 22:56:16 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2009.09.17 22:56:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2009.09.17 22:56:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2009.09.03 16:30:20 | 000,128,512 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tiehdusb.sys -- (TIEHDUSB) DRV:64bit: - [2009.08.22 11:54:04 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2009.08.15 08:54:54 | 000,286,768 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009.08.08 06:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009.07.21 05:39:22 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies 
Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.08 14:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt) DRV:64bit: - [2009.07.08 14:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer) DRV:64bit: - [2009.06.29 20:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir) DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009.06.10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.22 08:32:52 | 000,311,424 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVerAF15.sys -- (AVerAF15) DRV:64bit: - [2009.04.29 09:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr) DRV - [2009.10.16 21:47:06 | 000,146,928 | ---- | M] (CyberLink Corp.) 
[2010/02/24 01:43:16] [Kernel | Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49}) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/12 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/12 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/12 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/12 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://hp.ch.msn.com/default.aspx IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1A CA 50 4D 1F DF CA 01 [binary data] IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Daniel Chvojan\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Daniel Chvojan\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2010.04.25 19:11:11 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\firefoxext [2010.04.25 19:11:11 | 000,000,000 | ---D | M] O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Programme\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.) O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. 
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe () O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [C:\Free Video Zilla\FVZilla.exe] File not found O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe () O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.) O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) 
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation) O4 - HKLM..\Run: [Realtime Audio Engine] File not found O4 - Startup: C:\Users\Daniel Chvojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Daniel Chvojan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8:64bit: - Extra context menu item: Free YouTube to iPhone Converter - C:\Users\Daniel Chvojan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm () O8:64bit: - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Daniel Chvojan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm () O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Daniel Chvojan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Google Sidewiki... 
- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll (Google Inc.) O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\Daniel Chvojan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to iPhone Converter - C:\Users\Daniel Chvojan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm () O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Daniel Chvojan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Daniel Chvojan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll (Google Inc.) O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... 
- {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.253 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. 
File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) - File not found O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) - File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.08.16 18:26:59 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{DF2D4E15-C6D0-4391-A196-ED63CD07F733} [2011.08.16 18:26:47 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{20A3358D-527B-40C4-86EC-90E3BBCEAF41} [2011.08.15 18:17:04 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{AF67E1D8-04AA-4D70-A97E-48D55D892A06} [2011.08.15 18:16:53 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{1165376B-8330-4544-A856-884B62B0B0E5} [2011.08.15 18:16:39 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{023FC94C-71C3-48D5-AE03-B0A5048CB350} [2011.08.14 23:08:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security [2011.08.14 23:02:56 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools [2011.08.14 22:04:10 | 000,525,544 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll [2011.08.14 22:04:10 | 000,190,752 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe [2011.08.14 22:04:10 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe [2011.08.14 22:04:10 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) 
-- C:\Windows\SysNative\java.exe [2011.08.14 21:55:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011.08.14 21:55:34 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2011.08.14 21:54:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2011.08.14 21:35:32 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Daniel Chvojan\Desktop\OTL.exe [2011.08.14 21:09:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011.08.14 21:09:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011.08.14 19:15:34 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\Omnifone_Ltd [2011.08.14 18:42:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview [2011.08.14 18:41:39 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\newfolder3 [2011.08.14 18:41:36 | 000,000,000 | ---D | C] -- C:\ProgramData\MusicStation [2011.08.14 18:41:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MusicStation [2011.08.14 18:41:35 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\Downloaded Installations [2011.08.14 18:41:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services [2011.08.14 18:41:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2011.08.14 18:41:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services [2011.08.14 12:50:50 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{D492034D-212F-42D0-B9C1-DF14FC8D2E9D} [2011.08.14 12:50:39 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{EB73D160-3DAA-4619-9534-940AFC568B06} [2011.08.13 18:37:07 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{752D3C07-5549-47D0-AE56-47A7DAD26C80} [2011.08.13 11:16:11 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{6578D1DC-9D86-41EF-8FBF-48CFFA87031F} 
[2011.08.12 22:45:12 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{1CACA662-C22C-47FC-9B50-10081CC50EDE}
[2011.08.12 22:45:01 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{261888C5-6C5F-47D4-97B9-13B14BF465A5}
[2011.08.12 12:31:25 | 000,000,000 | ---D | C] -- C:\output
[2011.08.12 12:21:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FixFoto
[2011.08.12 12:21:41 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\Documents\FixFoto
[2011.08.12 12:21:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FixFoto
[2011.08.12 10:44:34 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{10F95A60-8CE3-43C8-8DAB-D574B744876E}
[2011.08.12 10:44:24 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{A1F417E2-EAC9-4F9E-B893-99E744FD55C9}
[2011.08.11 10:21:03 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2011.08.11 10:21:03 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2011.08.11 10:21:03 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2011.08.11 10:21:03 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011.08.11 10:21:03 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011.08.11 10:21:03 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2011.08.11 10:21:03 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2011.08.11 10:21:03 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2011.08.11 10:21:03 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2011.08.11 10:20:53 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011.08.11 10:20:53 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011.08.11 10:20:53 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011.08.11 10:20:53 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011.08.11 10:20:53 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.08.11 10:20:53 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011.08.11 10:20:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011.08.11 10:20:52 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011.08.11 10:20:52 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011.08.11 10:20:52 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011.08.11 10:20:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011.08.11 10:20:52 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011.08.11 10:20:52 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011.08.11 10:20:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011.08.11 10:20:52 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011.08.11 10:20:52 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011.08.11 10:20:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.08.11 10:20:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011.08.11 10:20:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011.08.11 10:20:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011.08.11 10:20:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011.08.11 10:20:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011.08.11 10:20:51 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011.08.11 10:20:51 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011.08.11 10:20:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011.08.11 10:20:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011.08.11 10:20:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.08.11 10:20:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011.08.11 10:20:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011.08.11 10:20:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011.08.11 10:20:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011.08.11 10:20:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011.08.11 10:20:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011.08.11 10:20:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011.08.11 10:20:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011.08.11 10:20:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011.08.11 10:20:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011.08.11 10:20:34 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.08.11 10:20:34 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.08.11 10:20:33 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.08.11 10:20:32 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.08.11 10:20:32 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.08.11 10:20:32 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.08.11 10:20:32 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.08.11 10:20:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.08.11 10:20:25 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.08.11 10:20:25 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.08.11 10:20:24 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.08.11 10:17:31 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{52253305-ECBF-4D23-8A6D-AF60B0D0A83A}
[2011.08.11 10:17:20 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{0B5EFCF8-B6C6-435F-833F-02ED5C23A123}
[2011.08.10 17:14:08 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{34BD6B10-2948-4182-BD4F-1C9C92CD0721}
[2011.08.10 17:13:57 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{41FBE14E-F58A-4D2D-8747-779BF8E1A211}
[2011.08.10 10:17:20 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2011.08.10 10:17:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2011.08.10 10:08:11 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SamLogic CD-Menu Creator 2010
[2011.08.10 10:08:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SamLogic
[2011.08.10 10:07:55 | 000,037,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\VIREG32.EXE
[2011.08.10 10:01:32 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{2898E3F5-D3E1-42AB-BA30-DDF71D8028E0}
[2011.08.09 22:53:34 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Jens Lorek
[2011.08.09 22:52:58 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\Documents\TubeBox!
[2011.08.09 22:52:58 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\TubeBox
[2011.08.09 22:51:56 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TubeBox!
[2011.08.09 22:51:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Jens Lorek
[2011.08.09 21:53:49 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\Desktop\Eigene Dateien
[2011.08.09 17:10:55 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\Documents\My Autoplay
[2011.08.09 17:10:39 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Tabctl32.ocx
[2011.08.09 17:10:39 | 000,115,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSINET.OCX
[2011.08.09 17:10:39 | 000,057,344 | ---- | C] (GalloSoft) -- C:\Windows\SysWow64\GraphicalMenu.ocx
[2011.08.09 17:10:38 | 000,339,968 | ---- | C] (Arafasoft hxxp://www.arafasoft.com/) -- C:\Windows\SysWow64\Asimcr.ocx
[2011.08.09 17:10:38 | 000,046,080 | ---- | C] (Microsoft Corp) -- C:\Windows\SysWow64\MCIWNDX.OCX
[2011.08.09 13:51:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eRightSoft
[2011.08.09 11:39:53 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{03A5DB27-77BA-458E-A124-C6B6770F4F12}
[2011.08.09 11:39:41 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{CEF150B4-8A32-4283-A41B-F18E97D826F7}
[2011.08.09 11:39:30 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{B0930E95-1B80-42A0-A483-A6877CC8C5D4}
[2011.08.08 10:13:45 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{6C1711EA-6840-437F-9A2D-DD0085131E6E}
[2011.08.08 10:13:34 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{DE162A56-704F-4BF0-8CD4-6DFA0A9709AB}
[2011.08.07 17:38:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011.08.07 17:36:00 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{D7525202-756B-4D97-88FB-4D869D0D5F03}
[2011.08.07 16:11:18 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{BA730CFF-3851-4ED6-A7D8-F2D950F60CA5}
[2011.08.07 16:09:24 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{B46866C7-7168-49CA-9C63-AF3C4C8A7D17}
[2011.08.07 16:05:45 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{03985C4D-05C3-4F6F-8B2E-A54E6C03C7C5}
[2011.08.07 12:23:22 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{BDB3B849-7100-4DEF-B1F6-4DC05996E8CF}
[2011.08.07 12:23:12 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{6D9151A7-40B3-4A6C-B793-355F00077809}
[2011.08.06 17:19:31 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\Documents\My Downloads
[2011.08.06 12:50:07 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{D14360B9-2F24-48A3-9F73-5BA28B7E9516}
[2011.08.05 13:34:45 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{C4C904CC-44B4-434A-A807-7F599047A929}
[2011.08.05 13:34:32 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{B500821D-86F9-4BDF-824F-9643ABFF112D}
[2011.08.05 12:25:25 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\Desktop\Musik
[2011.08.05 12:22:27 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{AC854A95-2EC2-425A-B550-2F6FEAE2CF6E}
[2011.08.04 14:49:52 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{FF98D455-6088-4B9A-83B7-306641995273}
[2011.08.04 14:49:38 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{854CB2C6-840D-4516-8407-F8657F3DDEA2}
[2011.08.04 14:49:26 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{C3F764DD-0A3E-41EC-8DAC-0FADA5ABC855}
[2011.08.03 09:50:37 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{0626EC51-541C-4B9E-9D4A-65D27C107FA1}
[2011.08.03 09:50:26 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{80EB4210-E61A-43B9-A49E-D6E1A1B1227D}
[2011.08.02 13:32:56 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{E6713FC3-79B8-4070-B58C-A85844AA51CB}
[2011.08.02 13:32:44 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{B4D23319-1F09-4F0F-AECB-F9F3FE31189D}
[2011.08.01 19:32:21 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{D95CFBC1-48DF-45FD-B23B-E3CF22F1760A}
[2011.08.01 19:32:08 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{67B1AAFE-1999-422D-BA90-841C3C859C7B}
[2011.07.31 18:08:04 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\GetRightToGo
[2011.07.31 17:28:24 | 000,856,064 | ---- | C] (Essien Research & Development) -- C:\Windows\SysWow64\mpgfiltr.ax
[2011.07.31 17:28:24 | 000,245,760 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\SysWow64\VideoEdit.ocx
[2011.07.31 17:28:24 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMDLG32.OCX
[2011.07.31 17:28:24 | 000,147,456 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\SysWow64\viscomqtenc.dll
[2011.07.31 17:28:24 | 000,110,592 | ---- | C] (Viscom Software) -- C:\Windows\SysWow64\viscomaudioencoder.dll
[2011.07.31 17:28:24 | 000,098,304 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\SysWow64\viscomtran.dll
[2011.07.31 17:28:24 | 000,090,112 | ---- | C] (L544⑩ Technology) -- C:\Windows\SysWow64\viscomframe.dll
[2011.07.31 17:28:24 | 000,081,920 | ---- | C] (Viscom Software) -- C:\Windows\SysWow64\viscomwave.dll
[2011.07.31 17:28:23 | 001,703,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2011.07.31 17:28:23 | 000,221,184 | ---- | C] (Veign Chris Hanscom Http://www.veign.com) -- C:\Windows\SysWow64\JwldButn2b.ocx
[2011.07.31 17:28:23 | 000,200,704 | ---- | C] (vbAccelerator) -- C:\Windows\SysWow64\vbalExpBar6.ocx
[2011.07.31 17:28:23 | 000,094,208 | ---- | C] (Viscom Software) -- C:\Windows\SysWow64\viscomaudiodata.dll
[2011.07.31 17:28:23 | 000,094,208 | ---- | C] (vbAccelerator) -- C:\Windows\SysWow64\vbalIml6.ocx
[2011.07.31 17:28:23 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\Windows\SysWow64\SSubTmr6.dll
[2011.07.31 16:49:25 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\avidemux
[2011.07.31 10:00:20 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Windows Live Writer
[2011.07.31 10:00:20 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\Windows Live Writer
[2011.07.31 09:59:57 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{F34C2996-F9A5-4641-A754-A1FC5013C6B2}
[2011.07.31 09:59:45 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{4552A368-7AFD-443E-B505-CE7F932E452E}
[2011.07.31 09:59:45 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{0AC5F78C-3731-4C3D-AA31-1F7608181D57}
[2011.07.31 00:07:26 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Ulead Systems
[2011.07.30 16:30:46 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Media Player Classic
[2011.07.30 16:29:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2011.07.30 16:29:48 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2011.07.30 16:29:48 | 000,232,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\mp3fhg.acm
[2011.07.30 16:29:48 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm
[2011.07.30 16:29:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2011.07.30 15:28:11 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\Desktop\Filme
[2011.07.30 14:29:10 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.07.30 13:57:33 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vRevealR 2.0 Crack installer
[2011.07.30 13:19:04 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Malwarebytes
[2011.07.30 13:18:59 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.07.30 13:18:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.07.30 13:18:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.07.30 13:18:55 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.07.30 13:18:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.07.30 12:54:52 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\MotionDSP
[2011.07.30 12:54:37 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\MotionDSP
[2011.07.30 12:54:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\vReveal 3
[2011.07.30 12:43:10 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\MOVAVI
[2011.07.30 12:28:32 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{27E9C0AD-46DA-48B3-AC3B-52A68FCB0F4B}
[2011.07.30 12:28:21 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{40BFB819-55FE-4125-9025-AC1B3D110D20}
[2011.07.29 12:00:33 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\Documents\My PSP Files
[2011.07.29 12:00:33 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Corel
[2011.07.29 11:43:51 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{9CC1540C-69A6-4EA2-B7DB-9E99A01A77B5}
[2011.07.29 11:43:40 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{5651D530-BC01-4D95-B6DA-4199029B8C82}
[2011.07.29 11:07:41 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{2853F94F-2BAC-4180-A1E3-6BF44FA5937A}
[2011.07.28 21:28:24 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\FVZilla
[2011.07.28 21:28:24 | 000,000,000 | ---D | C] -- C:\downloads
[2011.07.28 16:58:58 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\Electronic Arts
[2011.07.28 16:08:06 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{14754AE2-8E78-403B-907D-AFB8290B32F3}
[2011.07.28 10:15:11 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{ECD82560-0107-465C-A4F5-67A73BF89E57}
[2011.07.26 10:58:49 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{9DCF6C72-2AAA-4D82-8046-52B942AFD6A2}
[2011.07.25 17:30:55 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\SKIDROW
[2011.07.25 10:58:53 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{A5534B8A-AF0E-4B53-B1D0-D3CAB2918A66}
[2011.07.24 23:17:50 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\Documents\My Games
[2011.07.24 23:17:50 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\My Games
[2011.07.24 20:35:16 | 000,233,472 | ---- | C] (Immersion Corporation) -- C:\Windows\SysNative\IFC23.dll
[2011.07.24 16:02:39 | 000,000,000 | ---D | C] -- C:\VCRedist
[2011.07.24 16:01:40 | 000,000,000 | ---D | C] -- C:\miles
[2011.07.24 16:01:40 | 000,000,000 | ---D | C] -- C:\Locale
[2011.07.24 16:01:40 | 000,000,000 | ---D | C] -- C:\EULA
[2011.07.24 16:01:34 | 000,000,000 | ---D | C] -- C:\DirectX
[2011.07.24 16:01:34 | 000,000,000 | ---D | C] -- C:\Debug
[2011.07.24 15:23:56 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2011.07.24 15:23:56 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2011.07.24 15:23:56 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2011.07.24 15:23:56 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2011.07.24 15:23:54 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2011.07.24 15:23:54 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2011.07.24 15:05:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sid Meier's Civilization V
[2011.07.24 14:51:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011.07.24 14:43:59 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{A75EDC35-376E-4D35-A49F-65EF5E924F42}
[2011.07.24 13:30:54 | 000,000,000 | ---D | C] -- C:\Windows\de
[2011.07.24 13:25:37 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2011.07.24 13:17:03 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\Windows Live
[2011.07.24 11:51:09 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\uTorrent
[2011.07.24 11:14:08 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.07.24 11:14:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.07.24 10:15:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Softendo.com
[2011.07.22 14:25:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\softendo.com
[2011.07.21 13:13:47 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\Desktop\WICHTIG
[2011.07.21 12:55:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Awem
[2011.07.21 11:36:39 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\ElevatedDiagnostics
[2011.07.21 11:32:39 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011.07.21 10:06:34 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2011.07.21 10:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
[2011.07.21 10:06:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager
[2011.07.21 09:31:10 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.07.20 17:03:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameTop.com
[2011.07.20 16:19:11 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cradle Of Rome
[2011.07.20 15:57:42 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2011.07.20 12:26:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2011.07.19 15:48:46 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Awem
[2011.07.19 15:45:11 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cradle Of Rome 2
[2011.07.19 11:28:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cradle of Rome
[4 C:\Users\Daniel Chvojan\AppData\Local\*.tmp files -> C:\Users\Daniel Chvojan\AppData\Local\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.08.16 20:17:00 | 000,001,156 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4264936456-2933647673-22141408-1000UA.job
[2011.08.16 20:15:01 | 000,001,126 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.16 19:54:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.16 19:17:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4264936456-2933647673-22141408-1000Core.job
[2011.08.16 18:32:05 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.16 18:32:05 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.16 18:25:40 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.16 18:24:19 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2011.08.16 18:24:13 | 000,000,334 | -HS- | M] () -- C:\Windows\tasks\jgza.job
[2011.08.16 18:24:00 | 529,690,623 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.15 21:45:23 | 000,302,592 | ---- | M] () -- C:\Users\Daniel Chvojan\Desktop\qrn90wmy.exe
[2011.08.15 21:39:12 | 000,000,000 | ---- | M] () -- C:\Users\Daniel Chvojan\defogger_reenable
[2011.08.15 18:37:33 | 000,050,477 | ---- | M] () -- C:\Users\Daniel Chvojan\Desktop\Defogger.exe
[2011.08.14 23:08:48 | 001,662,944 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011.08.14 22:57:29 | 000,410,944 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.08.14 22:06:10 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.08.14 22:04:07 | 000,525,544 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2011.08.14 22:04:07 | 000,190,752 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2011.08.14 22:04:07 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2011.08.14 22:04:07 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2011.08.14 21:35:31 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel Chvojan\Desktop\OTL.exe
[2011.08.14 21:27:03 | 000,231,828 | ---- | M] () -- C:\Users\Daniel Chvojan\Documents\cc_20110814_212642.reg
[2011.08.14 21:09:45 | 000,000,827 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.08.14 20:51:08 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.08.14 20:51:08 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.08.14 20:51:08 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.08.14 20:51:08 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.08.14 20:51:08 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.08.14 18:53:15 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2011.08.14 18:53:15 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2011.08.14 18:41:42 | 000,000,243 | ---- | M] () -- C:\ProgramData\MusicStation.xml
[2011.08.14 18:41:40 | 000,000,228 | ---- | M] () -- C:\Windows\SysWow64\MsiExec.config
[2011.08.12 12:22:00 | 000,000,912 | ---- | M] () -- C:\Users\Daniel Chvojan\Desktop\FixFoto.lnk
[2011.08.10 10:17:57 | 000,002,662 | ---- | M] () -- C:\Users\Daniel Chvojan\Desktop\Google Chrome.lnk
[2011.08.10 10:17:20 | 000,001,245 | ---- | M] () -- C:\Users\Daniel Chvojan\Desktop\Ashampoo MyAutoplay Menu.lnk
[2011.08.09 21:39:02 | 000,012,165 | ---- | M] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpNCIS 1_navi.JPG
[2011.08.09 21:38:58 | 000,046,349 | ---- | M] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpNCIS 1.0
[2011.08.09 21:38:58 | 000,025,069 | ---- | M] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpNCIS 1.JPG
[2011.08.03 15:01:32 | 000,016,603 | ---- | M] () -- C:\Users\Daniel Chvojan\Desktop\WIEHNACHTE.odt
[2011.07.31 17:32:49 | 000,008,704 | ---- | M] () -- C:\Users\Daniel Chvojan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.30 13:18:59 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.07.30 13:02:07 | 000,063,488 | RHS- | M] () -- C:\Windows\SysWow64\cmmon32O.dll
[2011.07.30 12:42:54 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2011.07.30 12:42:54 | 000,001,409 | ---- | M] () -- C:\Windows\QTFont.for
[2011.07.30 12:42:50 | 000,005,117 | ---- | M] () -- C:\ProgramData\hvcatrnw.tht
[2011.07.24 17:41:12 | 000,000,000 | ---- | M] () -- C:\Windows\PowerReg.dat
[2011.07.22 15:20:08 | 000,000,052 | ---- | M] () -- C:\Windows\mafosav.INI
[2011.07.22 10:00:00 | 000,074,752 | ---- | M] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.07.22 10:00:00 | 000,000,038 | ---- | M] () -- C:\Windows\avisplitter.ini
[2011.07.21 10:01:17 | 000,126,464 | ---- | M] (AlcaTech) -- C:\Windows\SysWow64\Setup.dll
[4 C:\Users\Daniel Chvojan\AppData\Local\*.tmp files -> C:\Users\Daniel Chvojan\AppData\Local\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.08.15 21:45:26 | 000,302,592 | ---- | C] () -- C:\Users\Daniel Chvojan\Desktop\qrn90wmy.exe
[2011.08.15 21:37:04 | 000,000,000 | ---- | C] () -- C:\Users\Daniel Chvojan\defogger_reenable
[2011.08.15 18:37:36 | 000,050,477 | ---- | C] () -- C:\Users\Daniel Chvojan\Desktop\Defogger.exe
[2011.08.14 23:08:41 | 001,662,944 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011.08.14 21:54:37 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.08.14 21:26:44 | 000,231,828 | ---- | C] () -- C:\Users\Daniel Chvojan\Documents\cc_20110814_212642.reg
[2011.08.14 21:09:45 | 000,000,827 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.08.14 18:41:42 | 000,000,243 | ---- | C] () -- C:\ProgramData\MusicStation.xml
[2011.08.14 18:41:40 | 000,000,228 | ---- | C] () -- C:\Windows\SysWow64\MsiExec.config
[2011.08.12 12:22:00 | 000,000,912 | ---- | C] () -- C:\Users\Daniel Chvojan\Desktop\FixFoto.lnk
[2011.08.10 10:17:20 | 000,001,245 | ---- | C] () -- C:\Users\Daniel Chvojan\Desktop\Ashampoo MyAutoplay Menu.lnk
[2011.08.09 21:39:02 | 000,012,165 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpNCIS 1_navi.JPG
[2011.08.09 21:38:58 | 000,046,349 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpNCIS 1.0
[2011.08.09 21:38:58 | 000,025,069 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpNCIS 1.JPG
[2011.08.06 15:59:14 | 000,065,536 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl
[2011.08.03 10:54:45 | 000,016,603 | ---- | C] () -- C:\Users\Daniel Chvojan\Desktop\WIEHNACHTE.odt
[2011.07.31 17:28:24 | 000,598,016 | ---- | C] () -- C:\Windows\SysWow64\viscomqtde.dll
[2011.07.31 17:00:55 | 002,669,056 | ---- | C] () -- C:\Users\Daniel Chvojan\Desktop\VirtualDub.exe
[2011.07.30 16:29:50 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.07.30 16:29:49 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.07.30 16:29:47 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.07.30 16:29:47 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.07.30 16:29:47 | 000,074,752 | ---- | C] () --
C:\Windows\SysWow64\ff_vfw.dll [2011.07.30 13:18:59 | 000,001,074 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.07.30 13:02:08 | 000,000,334 | -HS- | C] () -- C:\Windows\tasks\jgza.job [2011.07.30 13:02:07 | 000,063,488 | RHS- | C] () -- C:\Windows\SysWow64\cmmon32O.dll [2011.07.30 12:42:54 | 000,054,156 | -H-- | C] () -- C:\Windows\QTFont.qfn [2011.07.30 12:42:54 | 000,001,409 | ---- | C] () -- C:\Windows\QTFont.for [2011.07.30 12:42:50 | 000,005,117 | ---- | C] () -- C:\ProgramData\hvcatrnw.tht [2011.07.24 17:41:12 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat [2011.07.24 13:28:39 | 000,001,270 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk [2011.07.24 13:28:17 | 000,001,339 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk [2011.07.24 13:27:45 | 000,001,423 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [2011.07.24 13:27:15 | 000,002,451 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [2011.07.22 14:28:41 | 000,000,052 | ---- | C] () -- C:\Windows\mafosav.INI [2011.07.16 18:49:26 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\advd.dll [2011.07.16 18:49:26 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\auth.dll [2011.07.16 18:49:25 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll [2011.07.14 22:12:52 | 000,000,000 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\{AF367AAD-0A72-41BD-923E-4207CF4DF079} [2011.07.06 22:51:01 | 000,000,000 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\{DD969EB8-D537-4D37-A1AF-A69ED710ACF5} [2011.06.29 22:48:08 | 000,000,000 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\{5E7A5561-9A16-4949-B819-4A61845B083C} [2011.06.29 22:46:32 | 000,000,000 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\{D132C775-0C7A-44F6-A529-596C9C214141} 
[2011.03.31 13:52:59 | 000,051,421 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpSNAPSHOT_20110331_8.JPG [2011.03.03 21:13:25 | 000,096,151 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpCHOREO (1).JPG [2011.02.23 11:22:04 | 000,028,748 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Roaming\UserTile.png [2011.02.04 22:31:43 | 000,688,188 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpFOTO0089.JPG [2011.01.01 20:58:30 | 000,454,460 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpFOTO0013.0 [2011.01.01 20:58:30 | 000,158,946 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpFOTO0013.JPG [2011.01.01 20:58:13 | 000,246,402 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpFOTO0043.JPG [2011.01.01 20:58:12 | 000,603,861 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpFOTO0043.0 [2010.11.10 10:06:53 | 000,925,028 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpP1000730.JPG [2010.10.31 21:29:10 | 000,034,805 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpSNAPSHOT_20101031.JPG [2010.10.10 13:39:38 | 007,655,189 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpBIROCHÈRE-PANORAMA.JPG [2010.09.23 21:19:45 | 000,006,862 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Roaming\.freeciv-client-rc-2.2 [2010.09.21 13:41:51 | 000,153,712 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpKLASS.JPG [2010.09.21 13:41:14 | 000,014,994 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpKLASS_CROP.JPG [2010.09.21 13:41:14 | 000,014,799 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpKLASS_CROP.0 [2010.09.10 15:27:05 | 000,117,081 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpELI ZUM BEARBEITE ;P.JPG [2010.09.04 14:47:44 | 000,298,869 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpCHOREO01_002_CROP_CROP.JPG [2010.09.04 14:43:33 | 000,393,738 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpCHOREO.JPG [2010.09.04 
14:41:17 | 001,163,138 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpCHOREO01_002.JPG [2010.08.08 16:47:52 | 000,000,846 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Roaming\wklnhst.dat [2010.08.02 21:01:32 | 000,368,276 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpFOTO 0079.JPG [2010.08.02 21:01:07 | 000,494,767 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpFOTO 0079.0 [2010.08.02 14:23:11 | 000,208,885 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpPLAYMATE_MONTAG_GROSS_1.JPG [2010.08.02 14:17:58 | 000,122,242 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpBILD0625[1].JPG [2010.08.02 14:11:21 | 000,117,081 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpBILD0606.JPG [2010.07.01 21:28:53 | 000,448,718 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpIMG_8226.JPG [2010.06.30 18:38:10 | 000,518,252 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpIMG_8216.JPG [2010.04.25 19:05:56 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2010.04.21 19:18:29 | 000,008,704 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.02.28 17:17:48 | 003,284,480 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll [2010.02.24 03:00:42 | 000,209,040 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll [2010.02.24 03:00:42 | 000,204,944 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll [2010.02.24 03:00:42 | 000,196,752 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll [2010.02.24 03:00:42 | 000,196,752 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll [2010.02.24 03:00:42 | 000,192,656 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll [2010.02.24 03:00:42 | 000,024,720 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll [2010.02.24 02:25:51 | 000,000,283 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini [2010.02.24 02:25:51 | 000,000,224 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini [2010.01.09 
01:27:54 | 000,009,868 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat [2009.09.29 16:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat ========== Alternate Data Streams ========== @Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:2E65951B @Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:BB24555F @Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:890CC2F3 @Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:A5B56640 @Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2 < End of report > Geändert von Eag (16.08.2011 um 20:04 Uhr) |
16.08.2011, 20:10 | #6 |
| Here are the results from Malwarebytes' Anti-Malware ... well, they aren't exactly results Code:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Datenbank Version: 7480
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

16.08.2011 20:54:49
mbam-log-2011-08-16 (20-54-49).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|)
Durchsuchte Objekte: 402014
Laufzeit: 56 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden) |
16.08.2011, 20:13 | #7 |
| Oh yes ... the last Malwarebytes scan that found something ... when it started ... once I removed it, the symptoms on the internet stopped ... however, the Security Center still cannot be activated ... :S Code:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Datenbank Version: 7441
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

14.08.2011 13:46:50
mbam-log-2011-08-14 (13-46-50).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 174487
Laufzeit: 2 Minute(n), 18 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\ZU6RKI1ONY (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden) |
16.08.2011, 20:17 | #8 |
| Then there is also the result from Defogger ... however, it is far too short and no real scan was run either, although the tips for people seeking help (or something like that) say it can take a few minutes ... Here is the file:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:45 on 16/08/2011 (Daniel Chvojan)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=- |
17.08.2011, 10:12 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please also run ESET, then we'll see what's next. ESET Online Scanner
__________________ Please always post log files in CODE tags |
17.08.2011, 20:01 | #10 | |
| Quote:
On top of that ... it says the Defender is still running ... only in Services it is shown as disabled !!! o.0 very odd (although it does seem to still be running then, which wouldn't really be a bad sign, would it?) |
17.08.2011, 20:04 | #11 |
| Or does that just mean that my PC is completely broken? :S Would it be smarter to reinstall my PC from scratch? Well, I'll try everything possible first .. |
17.08.2011, 21:54 | #12 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
__________________ Please always post log files in CODE tags |
18.08.2011, 20:45 | #13 |
| Ah yes, thanks, that worked .... unfortunately I could only get to the PC now ... I'll run the scan and the results should be posted tomorrow ... what I still don't quite understand, though, is the thing with the Defender (why is it shown as running? Services says the opposite o.0) |