| |
| |||||||
Log-Analyse und Auswertung: Internet Explorer öffnet Seiten mit WerbungWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
25.05.2010, 04:58
| #1 |
| |  Internet Explorer öffnet Seiten mit Werbung Hallo liebes Trojaner-Board, ich wende mich heute mit einer Bitte an euch mir mit folgendem Problem zu helfen: Mein Internet Explorer öffnet andauernd Seiten mit Werbung die ich zwar wieder wegklicken kann, aber es nervt. Dazu tretten noch andere komische Phänomene auf, wie zum Beispiel, dass ich nichts mehr öffnen kann mit Doppelklick. Stattdessen erscheint die Editierbox für den Namen der Datei oder des Ordners oder was auch immer. Im folgenden "arbeite" ich die Punkte ab. 1.CCleaner vollständig ausgeführt 2.Malwarebytes gibt mir folgende Logdatei: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4140 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 25.05.2010 05:42:06 mbam-log-2010-05-25 (05-42-06).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 117168 Laufzeit: 5 Minute(n), 29 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 4 Infizierte Registrierungswerte: 1 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 6 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CURRENT_USER\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\m5t8ql3yw3 (Trojan.FakeAlert) -> Quarantined and deleted successfully. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: C:\Users\Florian\AppData\Local\Temp\Jxf.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully. C:\Users\Florian\downloads\Serial_RecordPad.45059.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully. C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Users\Florian\AppData\Local\Temp\Jxh.exe (Trojan.FakeAlert) -> Delete on reboot. C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully. 3. Rsit konnte ich nicht verwenden aus folgendem Grund: Kostenloser Bilder Upload Service - Gratis Bilder hochladen / uploaden ohne Anmeldung Jedoch funktioniert HijackThis selber immer noch, daher kann ich ein Logfile wenn nötig nachreichen. Ich arbeite mit Win7 Enterprise 32bit Version. Ich hoffe ihr könnt mir mit meinem Problem weiterhelfen MfG Solluno =) |
|
25.05.2010, 14:10
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Internet Explorer öffnet Seiten mit Werbung Hallo und
__________________ bitte nen Vollscan mit Malwarebytes machen und Log posten. Danach OTL: Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ |
|
25.05.2010, 15:36
| #3 |
| | Internet Explorer öffnet Seiten mit Werbung Vielen dank für die Antwort =)
__________________Malewarebyts, Voller Scan - Log: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Datenbank Version: 4140 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 25.05.2010 16:23:24 mbam-log-2010-05-25 (16-23-24).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|) Durchsuchte Objekte: 227824 Laufzeit: 59 Minute(n), 33 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 2 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 2 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CURRENT_USER\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: C:\Users\Florian\Desktop\Adobe.Photoshop.CS5.Extended.v12.0.Multilanguage\keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully. C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> Quarantined and deleted successfully. |
|
25.05.2010, 15:39
| #4 |
| | Internet Explorer öffnet Seiten mit Werbung OTL Logfile: Code:
ATTFilter OTL logfile created on: 25.05.2010 16:25:25 - Run 1 OTL by OldTimer - Version 3.2.5.0 Folder = C:\Users\Florian\Downloads Enterprise Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 63,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 75,96 Gb Total Space | 23,97 Gb Free Space | 31,56% Space Free | Partition Type: NTFS Drive D: | 54,25 Gb Total Space | 18,07 Gb Free Space | 33,31% Space Free | Partition Type: FAT32 Drive E: | 18,82 Gb Total Space | 17,39 Gb Free Space | 92,41% Space Free | Partition Type: FAT32 F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded Drive I: | 596,02 Gb Total Space | 264,16 Gb Free Space | 44,32% Space Free | Partition Type: FAT32 Computer Name: FLORIAN-PC Current User Name: Florian Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\Florian\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.) PRC - C:\Program Files\iTunes\iTunes.exe (Apple Inc.) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Windows\System32\atieclxx.exe (AMD) PRC - C:\Windows\System32\atiesrxx.exe (AMD) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Program Files\IObit\Game Booster\gbtray.exe () PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Media Player\wmprph.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\prevhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\libusbd-nt.exe (hxxp://libusb-win32.sourceforge.net) ========== Modules (SafeList) ========== MOD - C:\Users\Florian\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation) MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation) MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation) MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation) MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation) MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation) MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation) MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation) MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD) SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (WLMS) -- C:\Windows\System32\wlms\wlms.exe (Microsoft Corporation) SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation) SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation) SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation) SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation) SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation) SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation) SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation) SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation) SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation) SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation) SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation) SRV - (Capture Device Service) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe (InterVideo Inc.) SRV - (libusbd) -- C:\Windows\System32\libusbd-nt.exe (hxxp://libusb-win32.sourceforge.net) ========== Driver Services (SafeList) ========== DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys () DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (amdkmdag) -- C:\Windows\System32\drivers\atipmdag.sys (ATI Technologies Inc.) DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV - (U6000ALL) U6000 TV Box(ALL) -- C:\Windows\System32\drivers\U6000ALL.sys () DRV - (cpudrv) -- C:\Program Files\SystemRequirementsLab\cpudrv.sys () DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation) DRV - (LGVirHid) -- C:\Windows\System32\drivers\LGVirHid.sys (Logitech Inc.) DRV - (LGBusEnum) -- C:\Windows\System32\drivers\LGBusEnum.sys (Logitech Inc.) DRV - (DSDrv4) -- C:\PROGRA~2\DScaler\DSDrv4.sys () DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.) DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.) DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.) DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.) DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices) DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.) DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices) DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation) DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation) DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation) DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation) DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation) DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation) DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation) DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation) DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation) DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex) DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.) DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company) DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation) DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation) DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation) DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation) DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.) DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation) DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation) DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation) DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems) DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation) DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.) DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology) DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.) DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation) DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation) DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation) DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation) DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation) DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation) DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation) DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation) DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation) DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation) DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation) DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation) DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation) DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation) DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation) DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation) DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation) DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (Atc002) -- C:\Windows\System32\drivers\l260x86.sys (Atheros Communications, Inc.) DRV - (EIO1) -- C:\Windows\System32\drivers\EIO1.sys (ASUSTeK Computer Inc.) DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\Windows\System32\drivers\sfvfs02.sys (Protection Technology) DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology) DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology) DRV - (libusb0) -- C:\Windows\System32\drivers\libusb0.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.seelensturm.com" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2 FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.80 FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.3 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.08 04:39:52 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.24 09:48:05 | 000,000,000 | ---D | M] [2010.05.08 03:40:57 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\mozilla\Extensions [2010.05.24 17:46:07 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\5z3ikmye.default\extensions [2010.05.08 13:48:56 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\5z3ikmye.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2010.05.08 05:21:59 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\5z3ikmye.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66} [2010.05.08 05:24:43 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\5z3ikmye.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.05.08 05:22:00 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\5z3ikmye.default\extensions\opensearch@ask.com [2010.05.08 05:21:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\5z3ikmye.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\browser\extensions [2010.05.08 05:21:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\5z3ikmye.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\mozapps\extensions [2010.05.08 05:21:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\5z3ikmye.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\browser\extensions [2010.05.08 05:21:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\5z3ikmye.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions [2010.05.25 14:28:55 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2010.05.25 14:28:55 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.05.08 04:09:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.05.08 04:09:03 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2010.01.14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O4 - HKLM..\Run: [ Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{09ae9360-6707-11df-a19c-001e8c12810e}\Shell - "" = AutoRun O33 - MountPoints2\{09ae9360-6707-11df-a19c-001e8c12810e}\Shell\AutoRun\command - "" = H:\Set-up.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.05.25 14:31:28 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\skypePM [2010.05.25 14:29:05 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Skype [2010.05.25 14:28:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2010.05.25 14:28:37 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2010.05.25 14:28:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2010.05.25 05:49:34 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2010.05.25 05:49:34 | 000,000,000 | ---D | C] -- C:\rsit [2010.05.25 05:34:30 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Malwarebytes [2010.05.25 05:34:19 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.05.25 05:34:17 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.05.25 05:34:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010.05.25 05:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.05.25 05:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2010.05.24 14:53:40 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Florian\Desktop\HiJackThis204.exe [2010.05.24 14:48:59 | 000,000,000 | ---D | C] -- C:\Users\Florian\Desktop\audacity_temp [2010.05.24 13:41:32 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\Recordpad [2010.05.24 13:41:32 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Recordpad [2010.05.24 13:41:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Swift Sound [2010.05.24 13:41:30 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software [2010.05.24 13:41:26 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\NCH Swift Sound [2010.05.24 10:00:06 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2010.05.24 09:55:08 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player [2010.05.24 09:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2010.05.24 09:32:20 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite [2010.05.24 09:31:51 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\DAEMON Tools Lite [2010.05.24 09:31:49 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2010.05.24 09:25:22 | 000,000,000 | ---D | C] -- C:\Users\Florian\Desktop\Adobe.Photoshop.CS5.Extended.v12.0.Multilanguage [2010.05.24 01:36:22 | 000,000,000 | ---D | C] -- C:\Program Files\Veetle [2010.05.24 01:33:51 | 000,000,000 | ---D | C] -- C:\Program Files\SopCast [2010.05.23 22:31:39 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\Windows\System32\pthreadGC2.dll [2010.05.23 16:54:09 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Logitech [2010.05.23 16:53:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech [2010.05.23 16:53:40 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech [2010.05.23 14:31:27 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\GHISLER [2010.05.23 14:25:54 | 000,000,000 | ---D | C] -- C:\totalcmd [2010.05.23 14:25:54 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\GHISLER [2010.05.23 12:08:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt [2010.05.21 21:49:11 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\Ulead VideoStudio SE [2010.05.21 21:44:32 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield [2010.05.21 21:44:24 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media-Komponenten [2010.05.21 21:21:00 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\mIRC [2010.05.21 21:21:00 | 000,000,000 | ---D | C] -- C:\Program Files\mIRC [2010.05.21 18:57:06 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2010.05.20 21:08:57 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\DScaler4 [2010.05.20 20:41:39 | 000,000,000 | ---D | C] -- C:\Program Files\DScaler [2010.05.20 20:19:17 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Adobe [2010.05.20 20:18:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2010.05.20 20:17:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2010.05.20 20:17:41 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2010.05.20 17:25:56 | 000,000,000 | ---D | C] -- C:\Program Files\Mydrv [2010.05.20 16:58:02 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\Ulead VideoStudio [2010.05.20 16:57:34 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Ulead Systems [2010.05.20 16:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InterVideo [2010.05.20 16:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Components [2010.05.20 16:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Ulead Systems [2010.05.20 16:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ulead Systems [2010.05.20 16:37:15 | 000,035,892 | ---- | C] (Prolific Technology Inc.) -- C:\Windows\System32\SER9PL.sys [2010.05.20 16:28:19 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\MAGIX [2010.05.20 16:25:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Shared [2010.05.20 16:25:41 | 000,909,312 | ---- | C] (MAGIX AG) -- C:\Windows\System32\MXRestore.exe [2010.05.20 16:25:41 | 000,278,528 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLRES32.dll [2010.05.20 16:25:41 | 000,090,112 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPRF32.dll [2010.05.20 16:25:41 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\STRING32.dll [2010.05.20 16:25:41 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPTL32.dll [2010.05.20 16:25:41 | 000,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLTPO32.dll [2010.05.20 16:25:41 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPRJ32.dll [2010.05.20 16:25:41 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll [2010.05.20 16:25:41 | 000,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLRD32.dll [2010.05.20 16:25:41 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\TTIC32.dll [2010.05.20 16:25:41 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\TTI32.dll [2010.05.20 16:25:40 | 000,724,992 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLAV32.dll [2010.05.20 16:25:40 | 000,221,184 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDRV32.dll [2010.05.20 16:25:40 | 000,212,992 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDEV32.dll [2010.05.20 16:25:40 | 000,147,456 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCPY32.dll [2010.05.20 16:25:40 | 000,114,688 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCDA32.dll [2010.05.20 16:25:40 | 000,094,208 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIO32.dll [2010.05.20 16:25:40 | 000,077,824 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPNT32.dll [2010.05.20 16:25:40 | 000,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCDF32.dll [2010.05.20 16:25:40 | 000,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIMG32.dll [2010.05.20 16:25:40 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLMSC32.dll [2010.05.20 16:25:40 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLISO32.dll [2010.05.20 16:25:40 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDIR32.dll [2010.05.20 16:25:40 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIX.dll [2010.05.20 16:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX [2010.05.20 16:22:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Services [2010.05.20 16:19:45 | 000,000,000 | ---D | C] -- C:\Program Files\Noël Danjou [2010.05.20 14:27:22 | 000,000,000 | ---D | C] -- C:\Program Files\EZ Grabber [2010.05.15 02:15:24 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\dvdcss [2010.05.13 17:59:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam [2010.05.13 17:59:28 | 000,000,000 | ---D | C] -- C:\Program Files\Steam [2010.05.12 17:48:51 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\Verlauf [2010.05.11 14:27:09 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\OpenOffice.org [2010.05.11 14:22:16 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3 [2010.05.09 23:17:32 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe [2010.05.09 22:25:09 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2010.05.09 18:55:34 | 000,000,000 | ---D | C] -- C:\Program Files\IObit [2010.05.09 17:38:15 | 000,000,000 | ---D | C] -- C:\Program Files\Messer [2010.05.09 16:09:46 | 000,000,000 | ---D | C] -- C:\Program Files\No23 Recorder [2010.05.09 13:32:12 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Acreon [2010.05.09 13:32:10 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\._Revolution_ [2010.05.09 09:39:54 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010.05.09 09:39:54 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.05.09 09:39:54 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010.05.09 09:39:50 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2010.05.09 09:39:48 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll [2010.05.09 09:39:48 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys [2010.05.09 09:39:43 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll [2010.05.09 09:39:43 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe [2010.05.09 09:39:42 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe [2010.05.09 09:39:41 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2010.05.09 09:39:36 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010.05.09 09:39:36 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2010.05.09 09:39:36 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2010.05.09 09:39:34 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2010.05.09 09:39:32 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2010.05.09 09:39:32 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll [2010.05.09 09:39:32 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll [2010.05.09 09:39:30 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2010.05.09 09:39:30 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2010.05.09 09:39:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010.05.09 09:39:21 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2010.05.08 23:19:03 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\TechSmith [2010.05.08 23:18:53 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\Camtasia Studio [2010.05.08 23:16:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\QuickTime [2010.05.08 23:16:35 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith [2010.05.08 23:16:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TechSmith Shared [2010.05.08 23:16:16 | 000,000,000 | ---D | C] -- C:\Program Files\TechSmith [2010.05.08 22:25:00 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\Harry Potter [2010.05.08 19:46:08 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\ICQ [2010.05.08 16:41:11 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\vlc [2010.05.08 16:32:03 | 000,046,592 | ---- | C] (hxxp://libusb-win32.sourceforge.net) -- C:\Windows\System32\libusb0.dll [2010.05.08 16:32:03 | 000,019,456 | ---- | C] (hxxp://libusb-win32.sourceforge.net) -- C:\Windows\System32\libusbd-9x.exe [2010.05.08 16:32:03 | 000,018,944 | ---- | C] (hxxp://libusb-win32.sourceforge.net) -- C:\Windows\System32\libusbd-nt.exe [2010.05.08 16:32:03 | 000,000,000 | ---D | C] -- C:\Program Files\LibUSB-Win32-0.1.10.1 [2010.05.08 14:15:15 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\gtk-2.0 [2010.05.08 13:58:07 | 000,000,000 | ---D | C] -- C:\Users\Florian\.thumbnails [2010.05.08 13:56:46 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\gegl-0.0 [2010.05.08 13:56:46 | 000,000,000 | ---D | C] -- C:\Users\Florian\.gimp-2.6 [2010.05.08 13:50:02 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\FireShot [2010.05.08 13:21:04 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Avira [2010.05.08 12:53:18 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2010.05.08 12:53:17 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2010.05.08 12:53:17 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2010.05.08 12:52:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2010.05.08 12:52:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2010.05.08 12:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2010.05.08 12:20:37 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll [2010.05.08 12:20:37 | 000,274,432 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll [2010.05.08 12:20:37 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll [2010.05.08 12:20:37 | 000,100,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\drivers\AtiHdmi.sys [2010.05.08 12:20:37 | 000,050,176 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll [2010.05.08 12:20:37 | 000,027,136 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll [2010.05.08 12:20:37 | 000,020,480 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll [2010.05.08 12:20:36 | 014,129,664 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll [2010.05.08 12:20:36 | 005,320,192 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atipmdag.sys [2010.05.08 12:20:36 | 005,320,192 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys [2010.05.08 12:20:36 | 003,649,536 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll [2010.05.08 12:20:36 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll [2010.05.08 12:20:36 | 000,426,496 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\aticfx32.dll [2010.05.08 12:20:36 | 000,372,736 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe [2010.05.08 12:20:36 | 000,233,472 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll [2010.05.08 12:20:36 | 000,172,032 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe [2010.05.08 12:20:36 | 000,150,016 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys [2010.05.08 12:20:36 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe [2010.05.08 12:20:36 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll [2010.05.08 12:20:36 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll [2010.05.08 12:20:36 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll [2010.05.08 12:20:36 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll [2010.05.08 12:20:36 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll [2010.05.08 12:20:36 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll [2010.05.08 12:20:36 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll [2010.05.08 12:20:36 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll [2010.05.08 12:20:36 | 000,011,776 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll [2010.05.08 12:20:32 | 000,000,000 | ---D | C] -- C:\Users\Florian\ati8703_Win7Vista32 [2010.05.08 12:20:15 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\WinRAR [2010.05.08 12:17:37 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Download Manager [2010.05.08 12:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ [2010.05.08 11:42:12 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Blizzard Entertainment [2010.05.08 11:39:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Messenger Plus! [2010.05.08 11:33:29 | 000,012,672 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\System32\drivers\EIO1.sys [2010.05.08 11:33:28 | 000,000,000 | ---D | C] -- C:\Program Files\VGAINFO [2010.05.08 06:05:56 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\ATI [2010.05.08 06:05:56 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\ATI [2010.05.08 06:00:36 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\ElevatedDiagnostics [2010.05.08 05:58:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\Atheros_L2 [2010.05.08 05:53:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2010.05.08 05:51:57 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll [2010.05.08 05:51:55 | 001,738,072 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll [2010.05.08 05:51:54 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2010.05.08 05:51:54 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2010.05.08 05:51:54 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2010.05.08 05:51:54 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2010.05.08 05:51:50 | 001,083,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2010.05.08 05:51:48 | 003,086,752 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys [2010.05.08 05:51:47 | 001,775,136 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2010.05.08 05:51:44 | 000,058,400 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll [2010.05.08 05:51:43 | 000,367,136 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2010.05.08 05:51:39 | 003,583,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2010.05.08 05:51:31 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2010.05.08 05:51:31 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2010.05.08 05:51:31 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2010.05.08 05:51:31 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2010.05.08 05:51:29 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2010.05.08 05:51:29 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2010.05.08 05:51:28 | 000,253,272 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll [2010.05.08 05:51:27 | 001,312,088 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll [2010.05.08 05:51:25 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2010.05.08 05:51:25 | 000,253,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll [2010.05.08 05:51:25 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2010.05.08 05:51:25 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll [2010.05.08 05:51:22 | 001,131,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll [2010.05.08 05:51:22 | 000,427,792 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll [2010.05.08 05:51:22 | 000,405,776 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll [2010.05.08 05:51:22 | 000,299,424 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2010.05.08 05:51:21 | 000,961,296 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll [2010.05.08 05:51:21 | 000,900,368 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll [2010.05.08 05:51:21 | 000,448,272 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll [2010.05.08 05:51:21 | 000,290,064 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll [2010.05.08 05:51:21 | 000,235,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll [2010.05.08 05:51:21 | 000,223,504 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll [2010.05.08 05:51:21 | 000,145,760 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll [2010.05.08 05:51:21 | 000,103,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll [2010.05.08 05:51:21 | 000,103,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll [2010.05.08 05:51:21 | 000,102,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll [2010.05.08 05:51:21 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll [2010.05.08 05:51:21 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2010.05.08 05:51:17 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2010.05.08 05:51:12 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2010.05.08 05:51:01 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp [2010.05.08 05:50:48 | 001,251,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2010.05.08 05:50:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2010.05.08 05:47:53 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab [2010.05.08 05:47:47 | 000,000,000 | ---D | C] -- C:\Users\Florian\SystemRequirementsLab [2010.05.08 05:47:01 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2010.05.08 05:43:01 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft [2010.05.08 04:51:03 | 000,000,000 | R-SD | C] -- C:\Users\Florian\Documents\My Stationery [2010.05.08 04:46:03 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\Meine empfangenen Dateien [2010.05.08 04:30:39 | 000,000,000 | ---D | C] -- C:\Users\Florian\Desktop\opmusic [2010.05.08 04:21:37 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Apple Computer [2010.05.08 04:21:37 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Apple Computer [2010.05.08 04:21:21 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll [2010.05.08 04:21:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2010.05.08 04:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2010.05.08 04:19:28 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Apple [2010.05.08 04:19:26 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update [2010.05.08 04:18:56 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2010.05.08 04:18:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2010.05.08 04:16:37 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2010.05.08 04:15:33 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\DVDVideoSoftIEHelpers [2010.05.08 04:14:06 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\DVDVideoSoft [2010.05.08 04:13:55 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft [2010.05.08 04:13:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft [2010.05.08 04:13:54 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll [2010.05.08 04:13:54 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll [2010.05.08 04:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect [2010.05.08 04:13:17 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Winamp [2010.05.08 04:13:17 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2010.05.08 04:12:18 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2010.05.08 04:11:45 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2010.05.08 04:10:33 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent [2010.05.08 04:09:49 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client [2010.05.08 04:09:36 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\uTorrent [2010.05.08 04:09:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2010.05.08 04:09:17 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010.05.08 04:09:17 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.05.08 04:09:17 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.05.08 04:09:17 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.05.08 04:09:00 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger Plus! Live [2010.05.08 04:09:00 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2010.05.08 04:07:47 | 000,000,000 | ---D | C] -- C:\Users\Florian\JDownloader [2010.05.08 04:07:16 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0 [2010.05.08 04:05:30 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\DivX [2010.05.08 04:05:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine [2010.05.08 04:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared [2010.05.08 04:04:55 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\FFOutput [2010.05.08 04:04:47 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll [2010.05.08 04:04:21 | 000,000,000 | ---D | C] -- C:\Program Files\FreeTime [2010.05.08 04:03:57 | 000,000,000 | ---D | C] -- C:\Program Files\DivX [2010.05.08 04:03:33 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity [2010.05.08 03:59:27 | 000,000,000 | ---D | C] -- C:\Users\Florian\Tracing [2010.05.08 03:58:07 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2010.05.08 03:57:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2010.05.08 03:56:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft [2010.05.08 03:56:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2010.05.08 03:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive [2010.05.08 03:55:43 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2010.05.08 03:55:42 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2010.05.08 03:55:42 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2010.05.08 03:55:42 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys [2010.05.08 03:55:42 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys [2010.05.08 03:55:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2010.05.08 03:55:41 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2010.05.08 03:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live [2010.05.08 03:55:16 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2010.05.08 03:53:12 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2010.05.08 03:51:21 | 000,181,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2010.05.08 03:50:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live [2010.05.08 03:48:37 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Macromedia [2010.05.08 03:48:37 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Adobe [2010.05.08 03:48:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2010.05.08 03:47:56 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6Toolbar [2010.05.08 03:47:55 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2010.05.08 03:44:22 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.1 [2010.05.08 03:40:52 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Mozilla [2010.05.08 03:40:52 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Mozilla [2010.05.08 03:39:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2010.05.08 03:35:26 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\ICQ [2010.05.08 03:35:25 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\AOL [2010.05.08 03:29:39 | 000,000,000 | R--D | C] -- C:\Users\Florian\Searches [2010.05.08 03:29:28 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Identities [2010.05.08 03:29:26 | 000,000,000 | R--D | C] -- C:\Users\Florian\Contacts [2010.05.08 03:29:18 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\VirtualStore [2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Vorlagen [2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\AppData\Local\Verlauf [2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\AppData\Local\Temporary Internet Files [2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Startmenü [2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\SendTo [2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Recent [2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Netzwerkumgebung [2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Lokale Einstellungen [2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Documents\Eigene Videos [2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Documents\Eigene Musik [2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Eigene Dateien [2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Documents\Eigene Bilder [2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Druckumgebung [2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Cookies [2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\AppData\Local\Anwendungsdaten [2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Anwendungsdaten [2010.05.08 03:29:16 | 000,000,000 | --SD | C] -- C:\Users\Florian\AppData\Roaming\Microsoft [2010.05.08 03:29:16 | 000,000,000 | R--D | C] -- C:\Users\Florian\Videos [2010.05.08 03:29:16 | 000,000,000 | R--D | C] -- C:\Users\Florian\Saved Games [2010.05.08 03:29:16 | 000,000,000 | R--D | C] -- C:\Users\Florian\Pictures [2010.05.08 03:29:16 | 000,000,000 | R--D | C] -- C:\Users\Florian\Music [2010.05.08 03:29:16 | 000,000,000 | R--D | C] -- C:\Users\Florian\Links [2010.05.08 03:29:16 | 000,000,000 | R--D | C] -- C:\Users\Florian\Favorites [2010.05.08 03:29:16 | 000,000,000 | R--D | C] -- C:\Users\Florian\Downloads [2010.05.08 03:29:16 | 000,000,000 | R--D | C] -- C:\Users\Florian\Documents [2010.05.08 03:29:16 | 000,000,000 | R--D | C] -- C:\Users\Florian\Desktop [2010.05.08 03:29:16 | 000,000,000 | -H-D | C] -- C:\Users\Florian\AppData [2010.05.08 03:29:16 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Temp [2010.05.08 03:29:16 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Microsoft [2010.05.08 03:29:16 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Media Center Programs [2010.05.08 03:28:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2010.05.08 03:28:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2010.05.08 03:28:59 | 000,000,000 | -HSD | C] -- C:\Recovery [2010.05.08 03:28:59 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2010.05.08 03:28:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2010.05.08 03:28:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2010.05.08 03:28:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2010.05.08 03:28:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2010.05.08 03:28:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2010.05.08 03:28:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2010.05.08 03:21:08 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2010.05.08 03:18:10 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2010.05.08 03:07:10 | 000,000,000 | -HSD | C] -- C:\Boot [2010.05.08 02:06:05 | 000,028,672 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\l260x86.sys [2010.04.27 00:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\DivXControlPanelApplet.cpl ========== Files - Modified Within 30 Days ========== [2010.05.25 16:27:18 | 001,835,008 | -HS- | M] () -- C:\Users\Florian\NTUSER.DAT [2010.05.25 16:23:40 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\etti.sys [2010.05.25 15:08:41 | 000,126,577 | ---- | M] () -- C:\Users\Florian\Desktop\sad_smiley_by_shangyne.jpg [2010.05.25 15:05:52 | 000,003,399 | ---- | M] () -- C:\Windows\messer.ini [2010.05.25 14:41:57 | 242,073,600 | ---- | M] () -- C:\Users\Florian\Desktop\20100525-143653.MPG [2010.05.25 14:41:57 | 000,000,526 | ---- | M] () -- C:\Windows\win.ini [2010.05.25 14:31:29 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat [2010.05.25 14:28:39 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2010.05.25 05:42:16 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\amau.sys [2010.05.25 05:34:21 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.05.25 05:25:46 | 000,001,831 | ---- | M] () -- C:\Users\Florian\Desktop\CCleaner.lnk [2010.05.25 05:23:44 | 000,011,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.05.25 05:23:44 | 000,011,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.05.25 05:18:22 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.05.25 05:18:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.05.25 05:18:02 | 1610,014,720 | -HS- | M] () -- C:\hiberfil.sys [2010.05.25 05:16:23 | 002,791,923 | -H-- | M] () -- C:\Users\Florian\AppData\Local\IconCache.db [2010.05.24 15:04:16 | 003,693,728 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.05.24 14:53:41 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Florian\Desktop\HiJackThis204.exe [2010.05.24 13:48:42 | 000,169,984 | ---- | M] () -- C:\Windows\Jqegea.exe [2010.05.24 10:00:07 | 000,089,232 | ---- | M] () -- C:\Users\Florian\AppData\Local\GDIPFONTCACHEV1.DAT [2010.05.24 09:48:06 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.05.24 09:32:44 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys [2010.05.24 09:32:44 | 000,001,896 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2010.05.24 01:33:52 | 000,000,949 | ---- | M] () -- C:\Users\Florian\Desktop\SopCast.lnk [2010.05.23 22:29:36 | 000,000,899 | ---- | M] () -- C:\Users\Florian\Desktop\DScaler.lnk [2010.05.23 20:42:43 | 000,012,895 | ---- | M] () -- C:\Users\Florian\.recently-used.xbel [2010.05.23 20:27:30 | 005,011,796 | ---- | M] () -- C:\Users\Florian\Desktop\FireShot capture #004 - 'YouTube - Kanal von KonshinLP' - www_youtube_com_user_KonshinLP.png [2010.05.23 16:54:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_lgSSBW_01_00_00.Wdf [2010.05.23 16:54:02 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf [2010.05.23 16:08:37 | 000,012,288 | ---- | M] () -- C:\Users\Florian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.05.23 14:25:55 | 000,000,632 | ---- | M] () -- C:\Users\Public\Desktop\Total Commander.lnk [2010.05.22 09:47:27 | 001,472,002 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010.05.22 09:47:27 | 000,643,628 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.05.22 09:47:27 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.05.22 09:47:27 | 000,126,188 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.05.22 09:47:27 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.05.21 21:21:00 | 000,000,909 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk [2010.05.20 14:27:30 | 000,001,793 | ---- | M] () -- C:\Users\Florian\Desktop\EZ Grabber.lnk [2010.05.13 20:57:29 | 000,000,213 | ---- | M] () -- C:\Users\Florian\Desktop\Portal.url [2010.05.13 18:52:46 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2010.05.12 23:42:47 | 000,000,038 | ---- | M] () -- C:\Windows\AviSplitter.INI [2010.05.12 22:36:55 | 000,064,295 | ---- | M] () -- C:\Users\Florian\Desktop\Kons.jpg [2010.05.09 22:25:22 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2010.05.09 18:55:35 | 000,001,042 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster.lnk [2010.05.09 16:09:48 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\No23 Recorder.lnk [2010.05.09 15:21:25 | 000,756,483 | ---- | M] () -- C:\Users\Florian\Desktop\Konshin2.jpg [2010.05.08 23:16:45 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk [2010.05.08 16:50:40 | 000,000,740 | ---- | M] () -- C:\Users\Florian\Desktop\Fraps.lnk [2010.05.08 16:24:51 | 000,448,619 | ---- | M] () -- C:\Users\Florian\Desktop\Konshin.jpg [2010.05.08 16:23:57 | 017,627,344 | ---- | M] () -- C:\Users\Florian\Desktop\Konshin.xcf [2010.05.08 12:53:45 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2010.05.08 11:41:39 | 000,001,455 | ---- | M] () -- C:\Users\Florian\Desktop\Launcher.lnk [2010.05.08 04:55:13 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat [2010.05.08 04:17:03 | 000,001,197 | ---- | M] () -- C:\Users\Florian\Desktop\DVDVideoSoft Free Studio.lnk [2010.05.08 04:16:24 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2010.05.08 04:16:23 | 000,000,356 | RHS- | M] () -- C:\Boot.ini.saved [2010.05.08 04:09:53 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2010.05.08 04:09:02 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.05.08 04:09:02 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.05.08 04:09:02 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.05.08 04:09:01 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010.05.08 04:08:21 | 000,000,860 | ---- | M] () -- C:\Users\Florian\Desktop\JDownloader.lnk [2010.05.08 04:08:07 | 000,001,063 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk [2010.05.08 04:04:40 | 000,001,156 | ---- | M] () -- C:\Users\Florian\Desktop\Format Factory.lnk [2010.05.08 04:03:34 | 000,000,913 | ---- | M] () -- C:\Users\Florian\Desktop\Audacity.lnk [2010.05.08 03:58:47 | 000,001,287 | ---- | M] () -- C:\Users\Florian\Desktop\Windows Live Movie Maker.lnk [2010.05.08 03:57:30 | 000,000,020 | ---- | M] () -- C:\Windows\$û„ [2010.05.08 03:57:20 | 000,002,200 | ---- | M] () -- C:\Users\Florian\Desktop\Windows Live Mail.lnk [2010.05.08 03:56:46 | 000,002,068 | ---- | M] () -- C:\Users\Florian\Desktop\Windows Live Messenger .lnk [2010.05.08 03:55:54 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010.05.08 03:48:10 | 000,001,770 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.1.lnk [2010.05.08 03:39:54 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.05.08 03:31:43 | 000,524,288 | -HS- | M] () -- C:\Users\Florian\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2010.05.08 03:31:43 | 000,524,288 | -HS- | M] () -- C:\Users\Florian\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2010.05.08 03:31:43 | 000,065,536 | -HS- | M] () -- C:\Users\Florian\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2010.05.08 03:29:17 | 000,000,020 | -HS- | M] () -- C:\Users\Florian\ntuser.ini [2010.05.08 03:22:44 | 000,043,797 | ---- | M] () -- C:\Windows\System32\license.rtf [2010.05.08 03:20:47 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2010.05.04 22:02:38 | 000,000,212 | -H-- | M] () -- C:\Boot.BAK [2010.04.30 17:25:10 | 001,083,936 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2010.04.30 17:25:04 | 001,775,136 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2010.04.30 17:25:04 | 000,058,400 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll [2010.04.30 17:24:58 | 003,583,008 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2010.04.30 17:24:58 | 000,367,136 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2010.04.30 16:59:12 | 003,086,752 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys [2010.04.29 12:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.04.29 12:19:14 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.04.28 18:45:24 | 001,251,872 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2010.04.27 20:51:40 | 001,738,072 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll [2010.04.27 20:51:32 | 000,253,272 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll [2010.04.27 20:51:24 | 000,253,784 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll [2010.04.27 20:51:04 | 001,312,088 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll [2010.04.27 13:50:10 | 000,299,424 | ---- | M] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2010.04.27 00:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\DivXControlPanelApplet.cpl ========== Files Created - No Company Name ========== [2010.05.25 16:23:40 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\etti.sys [2010.05.25 15:08:40 | 000,126,577 | ---- | C] () -- C:\Users\Florian\Desktop\sad_smiley_by_shangyne.jpg [2010.05.25 14:36:53 | 242,073,600 | ---- | C] () -- C:\Users\Florian\Desktop\20100525-143653.MPG [2010.05.25 14:31:29 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2010.05.25 14:28:39 | 000,002,505 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2010.05.25 05:42:16 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\amau.sys [2010.05.25 05:34:21 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.05.25 05:25:46 | 000,001,831 | ---- | C] () -- C:\Users\Florian\Desktop\CCleaner.lnk [2010.05.24 13:48:55 | 000,169,984 | ---- | C] () -- C:\Windows\Jqegea.exe [2010.05.24 09:48:06 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.05.24 09:32:44 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys [2010.05.24 09:32:44 | 000,001,896 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2010.05.24 01:33:52 | 000,000,949 | ---- | C] () -- C:\Users\Florian\Desktop\SopCast.lnk [2010.05.24 01:33:12 | 005,387,807 | ---- | C] () -- C:\Users\Florian\Desktop\Setup-SopCast-3.2.9-2010-3-23.exe [2010.05.23 22:31:40 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010.05.23 20:42:43 | 000,012,895 | ---- | C] () -- C:\Users\Florian\.recently-used.xbel [2010.05.23 20:27:30 | 005,011,796 | ---- | C] () -- C:\Users\Florian\Desktop\FireShot capture #004 - 'YouTube - Kanal von KonshinLP' - www_youtube_com_user_KonshinLP.png [2010.05.23 16:54:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_lgSSBW_01_00_00.Wdf [2010.05.23 16:54:02 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf [2010.05.23 14:25:55 | 000,000,632 | ---- | C] () -- C:\Users\Public\Desktop\Total Commander.lnk [2010.05.23 14:25:54 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF [2010.05.23 14:25:54 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF [2010.05.23 14:25:54 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF [2010.05.23 14:25:54 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF [2010.05.23 14:25:54 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF [2010.05.23 14:25:54 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF [2010.05.23 14:25:54 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF [2010.05.21 21:21:00 | 000,000,909 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk [2010.05.20 20:41:45 | 000,000,899 | ---- | C] () -- C:\Users\Florian\Desktop\DScaler.lnk [2010.05.20 16:37:15 | 000,026,719 | ---- | C] () -- C:\Windows\System32\SERSPL.VXD [2010.05.20 16:25:40 | 000,038,492 | ---- | C] () -- C:\Windows\System32\DLLAV32.lib [2010.05.20 16:23:19 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2010.05.20 14:27:29 | 000,001,793 | ---- | C] () -- C:\Users\Florian\Desktop\EZ Grabber.lnk [2010.05.13 19:14:11 | 000,000,213 | ---- | C] () -- C:\Users\Florian\Desktop\Portal.url [2010.05.13 17:59:29 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2010.05.12 22:36:54 | 000,064,295 | ---- | C] () -- C:\Users\Florian\Desktop\Kons.jpg [2010.05.09 22:25:22 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2010.05.09 17:52:51 | 000,003,399 | ---- | C] () -- C:\Windows\messer.ini [2010.05.09 16:09:48 | 000,001,019 | ---- | C] () -- C:\Users\Public\Desktop\No23 Recorder.lnk [2010.05.09 16:02:52 | 000,012,288 | ---- | C] () -- C:\Users\Florian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.05.09 15:18:33 | 000,756,483 | ---- | C] () -- C:\Users\Florian\Desktop\Konshin2.jpg [2010.05.08 23:16:45 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk [2010.05.08 19:49:35 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2010.05.08 16:49:12 | 000,000,740 | ---- | C] () -- C:\Users\Florian\Desktop\Fraps.lnk [2010.05.08 16:32:03 | 000,033,792 | ---- | C] () -- C:\Windows\System32\drivers\libusb0.sys [2010.05.08 14:35:41 | 017,627,344 | ---- | C] () -- C:\Users\Florian\Desktop\Konshin.xcf [2010.05.08 14:15:14 | 000,448,619 | ---- | C] () -- C:\Users\Florian\Desktop\Konshin.jpg [2010.05.08 12:53:45 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2010.05.08 12:20:37 | 000,497,760 | ---- | C] () -- C:\Windows\System32\atiumdva.cap [2010.05.08 12:20:37 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2010.05.08 12:20:36 | 000,198,341 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2010.05.08 12:20:36 | 000,031,240 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb [2010.05.08 12:20:36 | 000,020,274 | ---- | C] () -- C:\Windows\atiogl.xml [2010.05.08 11:41:17 | 000,001,455 | ---- | C] () -- C:\Users\Florian\Desktop\Launcher.lnk [2010.05.08 04:55:13 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010.05.08 04:30:36 | 002,542,728 | ---- | C] () -- C:\Users\Florian\Desktop\WowMatrix.exe [2010.05.08 04:30:35 | 000,236,544 | ---- | C] () -- C:\Users\Florian\Desktop\Chrono.exe [2010.05.08 04:30:33 | 000,000,069 | R--- | C] () -- C:\Users\Florian\Desktop\listen.pls [2010.05.08 04:16:23 | 000,000,212 | -H-- | C] () -- C:\Boot.BAK [2010.05.08 04:14:08 | 000,001,197 | ---- | C] () -- C:\Users\Florian\Desktop\DVDVideoSoft Free Studio.lnk [2010.05.08 04:09:53 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2010.05.08 04:08:21 | 000,000,860 | ---- | C] () -- C:\Users\Florian\Desktop\JDownloader.lnk [2010.05.08 04:08:07 | 000,001,063 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk [2010.05.08 04:04:40 | 000,001,156 | ---- | C] () -- C:\Users\Florian\Desktop\Format Factory.lnk [2010.05.08 04:03:34 | 000,000,913 | ---- | C] () -- C:\Users\Florian\Desktop\Audacity.lnk [2010.05.08 04:03:13 | 000,001,042 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster.lnk [2010.05.08 03:58:47 | 000,001,287 | ---- | C] () -- C:\Users\Florian\Desktop\Windows Live Movie Maker.lnk [2010.05.08 03:57:30 | 000,000,020 | ---- | C] () -- C:\Windows\$û„ [2010.05.08 03:57:20 | 000,002,200 | ---- | C] () -- C:\Users\Florian\Desktop\Windows Live Mail.lnk [2010.05.08 03:56:46 | 000,002,068 | ---- | C] () -- C:\Users\Florian\Desktop\Windows Live Messenger .lnk [2010.05.08 03:55:53 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010.05.08 03:48:10 | 000,001,770 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.1.lnk [2010.05.08 03:39:54 | 000,001,885 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.05.08 03:29:17 | 000,524,288 | -HS- | C] () -- C:\Users\Florian\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2010.05.08 03:29:17 | 000,524,288 | -HS- | C] () -- C:\Users\Florian\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2010.05.08 03:29:17 | 000,262,144 | -HS- | C] () -- C:\Users\Florian\ntuser.dat.LOG1 [2010.05.08 03:29:17 | 000,065,536 | -HS- | C] () -- C:\Users\Florian\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2010.05.08 03:29:17 | 000,000,020 | -HS- | C] () -- C:\Users\Florian\ntuser.ini [2010.05.08 03:29:17 | 000,000,000 | -HS- | C] () -- C:\Users\Florian\ntuser.dat.LOG2 [2010.05.08 03:29:16 | 001,835,008 | -HS- | C] () -- C:\Users\Florian\NTUSER.DAT [2010.05.08 03:20:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010.05.08 03:17:45 | 1610,014,720 | -HS- | C] () -- C:\hiberfil.sys [2010.05.08 03:07:17 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2010.05.08 03:07:11 | 000,383,562 | RHS- | C] () -- C:\bootmgr [2010.01.14 21:45:18 | 000,230,784 | ---- | C] () -- C:\Windows\System32\drivers\U6000ALL.sys [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2007.06.08 19:12:12 | 000,262,144 | ---- | C] () -- C:\Windows\System32\GTTunerCard.dll [2004.07.29 02:19:46 | 000,175,104 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [2003.06.28 14:34:20 | 000,069,707 | ---- | C] () -- C:\Windows\System32\DISP_OPT1.dll [2002.03.17 02:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000079.DLL < End of report > |
|
25.05.2010, 15:42
| #5 |
| | Internet Explorer öffnet Seiten mit Werbung OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 25.05.2010 16:25:25 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Users\Florian\Downloads
Enterprise Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 63,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 75,96 Gb Total Space | 23,97 Gb Free Space | 31,56% Space Free | Partition Type: NTFS
Drive D: | 54,25 Gb Total Space | 18,07 Gb Free Space | 33,31% Space Free | Partition Type: FAT32
Drive E: | 18,82 Gb Total Space | 17,39 Gb Free Space | 92,41% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 596,02 Gb Total Space | 264,16 Gb Free Space | 44,32% Space Free | Partition Type: FAT32
Computer Name: FLORIAN-PC
Current User Name: Florian
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01910143-8233-1C88-A42A-F5ABD56385F9}" = Catalyst Control Center Graphics Full Existing
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04CB28D7-BDF0-2502-4365-ED13D6D956F4}" = CCC Help Russian
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A755762-EED8-47AB-A446-505766F93D43}" = Atheros Communications Inc.(R) L2 Fast Ethernet Driver
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{109945A8-D8D5-48B8-B4A5-195D3F99B56D}" = Logitech GamePanel Software 3.04.143
"{121B5E98-2DA8-8DB2-09CD-9770C9F92AB7}" = CCC Help Turkish
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{16EFE2ED-CC6A-C4C0-8405-283D5BFE7A84}" = CCC Help Hungarian
"{1DE1C304-BF2F-4A11-690D-49CE4EF57FFE}" = CCC Help Japanese
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2217B0B4-35CB-48C6-B640-864DF2F30F99}" = OpenOffice.org 3.2
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{27397BCD-6F21-E671-976A-3C422E415751}" = Catalyst Control Center Localization All
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2E04DB15-3C1A-0D5C-68C3-62F7C42092D0}" = CCC Help Thai
"{36ADAD6D-F66C-175F-CE54-481EBB9D1FD9}" = CCC Help Danish
"{3DCA0088-989B-4EF3-B3E4-4A164FD39D95}" = Catalyst Control Center - Branding
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3F191EA4-1DC6-66FD-E7A3-DE536CF0BC1B}" = ccc-utility
"{409F157D-BB55-A4C1-AF39-846F27BFC8CB}" = ATI Catalyst Install Manager
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4253A57A-650F-4E62-E662-AF7BF84C1D4C}" = CCC Help German
"{4350FB28-7330-7A5D-A997-69076760EC94}" = CCC Help Italian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5B6455A4-E812-479B-A762-C2356244CF97}" = AV Grabber
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{5FE38283-3658-58D8-4FA9-803C71997B96}" = CCC Help Spanish
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64A3B0CC-2EBC-A1D9-620A-BADC5A09F7A9}" = CCC Help Czech
"{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}" = No23 Recorder
"{714DA01B-9279-3697-5173-278635EDD8EE}" = CCC Help English
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7543BF13-8614-EE1B-D1B6-988D0E512329}" = Catalyst Control Center Graphics Full New
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E6BDEB2-17E7-1F93-E4FE-B2FF074335FB}" = CCC Help Portuguese
"{88A7AE4B-726F-2C25-284D-1F8F452250E4}" = CCC Help Chinese Traditional
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{8B44248C-EEC9-190E-7760-EE671FF93D54}" = CCC Help Norwegian
"{900CFEB5-88D6-9937-A866-D1A4E94DB5DE}" = Catalyst Control Center InstallProxy
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ADFCB53-EB4F-2410-BCAE-9CF582B0CAE5}" = Catalyst Control Center Graphics Light
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{A24E4888-B0D0-89A4-7DED-DCC0CB9CCD54}" = Catalyst Control Center Core Implementation
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A4759EE0-D18A-5115-1A07-E65A4B0CE0F7}" = CCC Help French
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{B5E95F5D-BE5B-3088-30B4-F4EA8D2A7EDA}" = CCC Help Finnish
"{BBFE04E3-BF31-8808-0704-EEAB004E13FB}" = ccc-core-static
"{C392E89E-7DFC-4D4C-D1BF-77688A63E406}" = CCC Help Chinese Standard
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D69832F7-1B31-4200-2192-DED3966C61B3}" = CCC Help Dutch
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9E23F0E-08CE-279A-3777-C5108486A613}" = CCC Help Greek
"{DA71A94B-3617-4935-8BBE-1566B2174C95}" = Drv
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DE6E4530-4AB0-482E-91DE-7FE6309C6EF1}" = Camtasia Studio 7
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E42CB4C7-D188-15AE-E7F4-96634FF6368D}" = CCC Help Polish
"{E5811418-F477-D3DE-210C-7D7A512E1EFD}" = Catalyst Control Center Graphics Previews Vista
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FC048853-11AC-27E0-A928-48099E987D66}" = CCC Help Korean
"{FE4795D7-A814-C945-DAFF-73FC42ECFD90}" = CCC Help Swedish
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AMCap" = AMCap
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DScaler 4 Test Version_is1" = DScaler 4 Test Version
"DScaler 4.1.15_is1" = DScaler 4.1.15
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"FormatFactory" = FormatFactory 2.30
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free Video to iPod Converter_is1" = Free Video to iPod Converter version 3.4
"Free YouTube Download_is1" = Free YouTube Download 2.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.3
"Game Booster_is1" = Game Booster
"InstallShield_{5B6455A4-E812-479B-A762-C2356244CF97}" = EZ Grabber
"LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Messer_is1" = Messer v0.992
"mIRC" = mIRC
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"SopCast" = SopCast 3.2.9
"Steam App 400" = Portal
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Totalcmd" = Total Commander (Remove or Repair)
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"Veetle TV" = Veetle TV 0.9.17
"VLC media player" = VLC media player 1.0.5
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 24.05.2010 04:16:22 | Computer Name = Florian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0,
Zeitstempel: 0x4bbc56b6 Name des fehlerhaften Moduls: CoolType.dll, Version: 5.7.82.7602,
Zeitstempel: 0x4b9807c4 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000d3a11 ID des fehlerhaften
Prozesses: 0x156c Startzeit der fehlerhaften Anwendung: 0x01cafb176f117771 Pfad der
fehlerhaften Anwendung: C:\Program Files\Adobe\Adobe Photoshop CS5\Photoshop.exe
Pfad
des fehlerhaften Moduls: C:\Program Files\Adobe\Adobe Photoshop CS5\CoolType.dll
Berichtskennung:
a2bd89ec-670c-11df-a19c-001e8c12810e
Error - 24.05.2010 05:50:54 | Computer Name = Florian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: audacity.exe, Version: 0.0.0.0, Zeitstempel:
0x455814e4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16385, Zeitstempel:
0x4a5bdadb Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002fc47 ID des fehlerhaften Prozesses:
0x1ecc Startzeit der fehlerhaften Anwendung: 0x01cafb266b0e3cc9 Pfad der fehlerhaften
Anwendung: C:\Program Files\Audacity\audacity.exe Pfad des fehlerhaften Moduls:
C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: d7984ade-6719-11df-a19c-001e8c12810e
Error - 24.05.2010 05:59:08 | Computer Name = Florian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: audacity.exe, Version: 0.0.0.0, Zeitstempel:
0x455814e4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16385, Zeitstempel:
0x4a5bdadb Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002fc47 ID des fehlerhaften Prozesses:
0x165c Startzeit der fehlerhaften Anwendung: 0x01cafb26b391ebda Pfad der fehlerhaften
Anwendung: C:\Program Files\Audacity\audacity.exe Pfad des fehlerhaften Moduls:
C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: fde13e3a-671a-11df-a19c-001e8c12810e
Error - 24.05.2010 09:02:04 | Computer Name = Florian-PC | Source = Bonjour Service | ID = 100
Description = 360: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 24.05.2010 09:02:04 | Computer Name = Florian-PC | Source = Bonjour Service | ID = 100
Description = 372: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 24.05.2010 09:02:04 | Computer Name = Florian-PC | Source = Bonjour Service | ID = 100
Description = 188: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 24.05.2010 09:02:04 | Computer Name = Florian-PC | Source = Bonjour Service | ID = 100
Description = 192: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 24.05.2010 09:02:04 | Computer Name = Florian-PC | Source = Bonjour Service | ID = 100
Description = 444: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 24.05.2010 09:35:27 | Computer Name = Florian-PC | Source = Application Hang | ID = 1002
Description = Programm wmplayer.exe, Version 12.0.7600.16415 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 838 Startzeit: 01cafb419fd9bae9 Endzeit: 47 Anwendungspfad:
C:\Program Files\Windows Media Player\wmplayer.exe Berichts-ID: 34567925-6739-11df-a1f3-001e8c12810e
Error - 25.05.2010 01:18:07 | Computer Name = Florian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vlc.exe, Version: 1.0.5.0, Zeitstempel:
0x4b64ae05 Name des fehlerhaften Moduls: vlc.exe, Version: 1.0.5.0, Zeitstempel:
0x4b64ae05 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00001749 ID des fehlerhaften Prozesses:
0x928 Startzeit der fehlerhaften Anwendung: 0x01cafbc9a501d428 Pfad der fehlerhaften
Anwendung: C:\Program Files\VideoLAN\VLC\vlc.exe Pfad des fehlerhaften Moduls: C:\Program
Files\VideoLAN\VLC\vlc.exe Berichtskennung: e65c905d-67bc-11df-939f-001e8c12810e
[ System Events ]
Error - 24.05.2010 23:08:50 | Computer Name = Florian-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sfdrv01 sfvfs02
Error - 24.05.2010 23:14:59 | Computer Name = Florian-PC | Source = Application Popup | ID = 875
Description = Treiber sfvfs02.sys konnte nicht geladen werden.
Error - 24.05.2010 23:14:59 | Computer Name = Florian-PC | Source = Application Popup | ID = 875
Description = Treiber sfdrv01.sys konnte nicht geladen werden.
Error - 24.05.2010 23:15:16 | Computer Name = Florian-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?25.?05.?2010 um 05:14:16 unerwartet heruntergefahren.
Error - 24.05.2010 23:16:02 | Computer Name = Florian-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sfdrv01 sfvfs02
Error - 24.05.2010 23:17:56 | Computer Name = Florian-PC | Source = Application Popup | ID = 875
Description = Treiber sfvfs02.sys konnte nicht geladen werden.
Error - 24.05.2010 23:17:56 | Computer Name = Florian-PC | Source = Application Popup | ID = 875
Description = Treiber sfdrv01.sys konnte nicht geladen werden.
Error - 24.05.2010 23:19:02 | Computer Name = Florian-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sfdrv01 sfvfs02
Error - 25.05.2010 07:41:13 | Computer Name = Florian-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
Error - 25.05.2010 08:46:48 | Computer Name = Florian-PC | Source = bowser | ID = 8003
Description =
< End of report >
Es tut mir unendlich leid, dass ich 3 Beiträge hintereinander machen musste, aber vom Platz her hat es nicht gepasst  Hoffe das sind die richtigen Logs. |
|
25.05.2010, 19:29
| #6 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Internet Explorer öffnet Seiten mit WerbungZitat:
 Die (Be)nutzung von Cracks, Serials und Keygens ist illegal, somit gibt es im Trojaner-Board keinen weiteren Support mehr. Für Dich geht es hier weiter => Neuaufsetzen des Systems Bitte auch alle Passwörter abändern (für E-Mail-Konten, StudiVZ, Ebay...einfach alles!) da nicht selten in dieser dubiosen Software auch Keylogger und Backdoorfunktionen stecken. Danach nie wieder sowas anrühren!
__________________ --> Internet Explorer öffnet Seiten mit Werbung |
|
| Themen zu Internet Explorer öffnet Seiten mit Werbung |
| .dll, anti-malware, datei, dateien, explorer, folge, gratis, hijack, hijackthis, internet, internet explorer, local\temp, logdatei, logfile, malwarebytes' anti-malware, microsoft, namen, problem, seite, seiten, software, system, system32, temp, trojan.downloader, trojaner-board, werbung, win7, öffnet, öffnet seiten |
Linear-Darstellung
