
Log analysis and evaluation: Avast finds "Win32 Virut" on external hard drive

18.10.2010, 22:30   #1
PurpleWine
 

Hello
Today I freshly set up my system, Vista 64-bit, and once the drivers and antivirus software (Avast) were installed, I immediately ran a scan.

As a result, Avast showed me detections

-in "E:\System Volume Information\_restore{A0753BA3-2f21-4CC3-889C-E18C3FA44C55}\RP2\"
-the file "A0002832.exe" (first detection in the list) and files whose names contain numbers from "2832" onward up to 3096 ("A0003096.exe" = last detection in the list)
-displayed under the name "Win32:Virut", or in one case ("A0002924.exe") "Win32:Virut-KZ@dam".

I cannot complain of any malfunction, and I cannot open the folder on the external hard drive.

Here is the HJT log file:
Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:22:16, on 18.10.2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ICQ7.2\ICQ.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files (x86)\Creative\Shared Files\CTSched.exe" /logon
O4 - HKCU\..\Run: [Google Update] "C:\Users\ Benutzername \AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix: 
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6326 bytes
         
--- --- ---

This is my first post and I hope I have posted correctly, so that you can help me to help myself.

So Far

PurpleWine

Edited by PurpleWine (18.10.2010 at 22:32) Reason: OS added

19.10.2010, 10:33   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Hello and

Please run a full scan with Malwarebytes as a matter of routine and post the log.
Remember that Malwarebytes must be updated manually before every scan!

After that, OTL:

System scan with OTL

Please download OTL by Oldtimer and save it to your desktop
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files will be created
  • Post the log files here in the thread.

19.10.2010, 15:32   #3
PurpleWine
 

I have now run both scans. Malware seems to have found nothing; the others are over my head!

So here are the logs:
Malwarebytes
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4881

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

19.10.2010 16:21:48
mbam-log-2010-10-19 (16-21-48).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 132486
Laufzeit: 2 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)




And OTL:
Code:
OTL logfile created on: 19.10.2010 16:24:25 - Run 1
OTL by OldTimer - Version 3.2.15.2     Folder = C:\Users\Ownageman\Desktop\DLs
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 71,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 403,66 Gb Free Space | 86,67% Space Free | Partition Type: NTFS
Drive D: | 610,95 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 298,09 Gb Total Space | 5,04 Gb Free Space | 1,69% Space Free | Partition Type: NTFS
 
Computer Name: OWNAGEMAN-PC | User Name: Ownageman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Ownageman\Desktop\DLs\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\PnkBstrB.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Ownageman\Desktop\DLs\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (PnkBstrB) -- C:\Windows\SysNative\PnkBstrB.exe File not found
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
SRV:64bit: - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (PnkBstrB) -- C:\Windows\SysWOW64\PnkBstrB.exe ()
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NwlnkFwd) -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys File not found
DRV:64bit: - (NwlnkFlt) -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys File not found
DRV:64bit: - (IpInIp) -- C:\Windows\SysNative\DRIVERS\ipinip.sys File not found
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys ()
DRV:64bit: - (P17) -- C:\Windows\SysNative\drivers\P17.sys ()
DRV:64bit: - (AtcL001) -- C:\Windows\SysNative\DRIVERS\l160x64.sys ()
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys ()
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Winamp Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query="
FF - prefs.js..browser.search.selectedEngine: "Winamp Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..keyword.URL: "hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query="
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.18 21:18:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.10.19 00:22:14 | 000,000,000 | ---D | M]
 
[2010.10.18 21:18:11 | 000,000,000 | ---D | M] -- C:\Users\Ownageman\AppData\Roaming\mozilla\Extensions
[2010.10.19 00:30:36 | 000,000,000 | ---D | M] -- C:\Users\Ownageman\AppData\Roaming\mozilla\Firefox\Profiles\raqmy040.default\extensions
[2010.10.19 00:29:48 | 000,001,196 | ---- | M] () -- C:\Users\Ownageman\AppData\Roaming\Mozilla\FireFox\Profiles\raqmy040.default\searchplugins\winamp-search.xml
[2010.10.18 21:18:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.07.12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010.09.14 23:32:39 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.09.14 23:32:39 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.09.14 23:32:39 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.09.14 23:32:39 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.09.14 23:32:39 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [P17RunE] C:\Windows\SysWow64\P17RunE.dll (Creative Technology Ltd.)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.07.27 08:59:10 | 000,000,055 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2006.10.25 03:29:39 | 000,000,000 | ---D | M] - D:\AutoUpd -- [ CDFS ]
O33 - MountPoints2\{ab823b04-dad4-11df-a3e6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ab823b04-dad4-11df-a3e6-806e6f6e6963}\Shell\AutoRun\command - "" = D:\CTRun\Start.exe -- [2007.01.15 11:02:57 | 000,063,240 | R--- | M] (Creative Technology Ltd.)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.10.19 03:33:57 | 000,011,776 | ---- | C] (Creative Technology Limited) -- C:\Windows\SysWow64\INRES.DLL
[2010.10.19 02:03:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative Labs
[2010.10.19 01:02:15 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mimefilt.dll
[2010.10.19 01:02:15 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscb.dll
[2010.10.19 01:02:15 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshooks.dll
[2010.10.19 01:02:14 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssitlb.dll
[2010.10.19 01:02:13 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chsbrkr.dll
[2010.10.19 01:02:13 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\thawbrkr.dll
[2010.10.19 01:02:13 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshsq.dll
[2010.10.19 01:02:13 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\offfilt.dll
[2010.10.19 01:02:13 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\korwbrkr.dll
[2010.10.19 01:02:13 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\propdefs.dll
[2010.10.19 01:02:13 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msstrc.dll
[2010.10.19 01:02:13 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssprxy.dll
[2010.10.19 01:02:12 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\chtbrkr.dll
[2010.10.19 01:02:12 | 001,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2010.10.19 01:02:12 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2010.10.19 01:02:12 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2010.10.19 01:02:12 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2010.10.19 01:02:12 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll
[2010.10.19 01:02:12 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlhtml.dll
[2010.10.19 01:02:12 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2010.10.19 01:02:12 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xmlfilter.dll
[2010.10.19 01:02:12 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtffilt.dll
[2010.10.19 00:45:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010.10.19 00:44:27 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2010.10.19 00:44:27 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2010.10.19 00:44:27 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2010.10.19 00:44:26 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2010.10.19 00:43:43 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.10.19 00:43:19 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010.10.19 00:43:02 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation
[2010.10.19 00:42:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WindowsPowerShell
[2010.10.19 00:41:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WindowsPowerShell
[2010.10.19 00:40:45 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrsmgr.dll
[2010.10.19 00:40:43 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmplpxy.dll
[2010.10.19 00:40:43 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrssrv.dll
[2010.10.19 00:40:39 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pwrshplugin.dll
[2010.10.19 00:40:36 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmRes.dll
[2010.10.19 00:40:35 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecutil.exe
[2010.10.19 00:40:35 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wecapi.dll
[2010.10.19 00:40:34 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wevtfwd.dll
[2010.10.19 00:40:34 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrs.exe
[2010.10.19 00:40:34 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrshost.exe
[2010.10.19 00:40:34 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wsmprovhost.exe
[2010.10.19 00:40:28 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManMigrationPlugin.dll
[2010.10.19 00:40:28 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManHTTPConfig.exe
[2010.10.19 00:40:28 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winrscmd.dll
[2010.10.19 00:40:28 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll
[2010.10.19 00:40:28 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAuto.dll
[2010.10.19 00:22:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2010.10.19 00:22:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Winamp Toolbar
[2010.10.19 00:22:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Toolbar
[2010.10.19 00:21:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010.10.19 00:21:27 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\AppData\Roaming\Winamp
[2010.10.19 00:21:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2010.10.19 00:16:27 | 000,413,696 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010.10.19 00:16:27 | 000,110,592 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010.10.19 00:16:25 | 002,873,820 | ---- | C] (Creative) -- C:\Windows\SysWow64\Sens_oal.dll
[2010.10.19 00:15:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative Labs Shared
[2010.10.19 00:15:18 | 000,000,000 | ---D | C] -- C:\Programme\Creative
[2010.10.19 00:13:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Data
[2010.10.19 00:13:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DATA
[2010.10.19 00:13:06 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\Desktop\Vista
[2010.10.19 00:12:31 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\AppData\Roaming\WinRAR
[2010.10.18 23:42:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2010.10.18 23:42:40 | 000,525,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010.10.18 23:42:38 | 001,822,720 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SkyTel.exe
[2010.10.18 23:42:37 | 001,356,800 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlUpd64.exe
[2010.10.18 23:42:33 | 005,055,488 | ---- | C] (Realtek Semiconductor) -- C:\Windows\RAVCpl64.exe
[2010.10.18 23:42:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2010.10.18 23:42:30 | 000,520,192 | R--- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.10.18 23:42:30 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2010.10.18 23:39:15 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardcpl.cpl
[2010.10.18 23:39:13 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationNative_v0300.dll
[2010.10.18 23:39:13 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2010.10.18 23:39:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2010.10.18 23:39:12 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2010.10.18 23:39:09 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2010.10.18 23:36:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2010.10.18 23:32:42 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscorier.dll
[2010.10.18 23:32:39 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscories.dll
[2010.10.18 23:30:14 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshhttp.dll
[2010.10.18 23:30:12 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\httpapi.dll
[2010.10.18 23:27:11 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2010.10.18 23:27:11 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010.10.18 23:27:11 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSDvbNP.ax
[2010.10.18 23:27:09 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2010.10.18 23:27:08 | 000,428,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2010.10.18 23:27:08 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2010.10.18 22:50:55 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.10.18 22:49:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2010.10.18 22:39:24 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\AppData\Roaming\Malwarebytes
[2010.10.18 22:39:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.10.18 22:39:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.10.18 22:39:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.10.18 22:35:16 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\Desktop\MFTools
[2010.10.18 22:32:58 | 000,272,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\polstore.dll
[2010.10.18 22:32:58 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\winipsec.dll
[2010.10.18 22:32:58 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FwRemoteSvr.dll
[2010.10.18 22:32:23 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2010.10.18 22:32:23 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2010.10.18 22:32:23 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshext.dll
[2010.10.18 22:32:22 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrobj.dll
[2010.10.18 22:32:22 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2010.10.18 22:32:10 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NlsLexicons0007.dll
[2010.10.18 22:30:58 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2010.10.18 22:30:54 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2010.10.18 22:30:53 | 000,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010.10.18 22:30:53 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.10.18 22:30:53 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2010.10.18 22:30:52 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010.10.18 22:30:52 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2010.10.18 22:30:52 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.10.18 22:30:52 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll
[2010.10.18 22:30:52 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2010.10.18 22:30:43 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\kbd106n.dll
[2010.10.18 22:30:27 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netiohlp.dll
[2010.10.18 22:30:27 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\NETSTAT.EXE
[2010.10.18 22:30:27 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ARP.EXE
[2010.10.18 22:30:27 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ROUTE.EXE
[2010.10.18 22:30:27 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRINFO.EXE
[2010.10.18 22:30:27 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\finger.exe
[2010.10.18 22:30:27 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TCPSVCS.EXE
[2010.10.18 22:30:27 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\HOSTNAME.EXE
[2010.10.18 22:30:26 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2010.10.18 22:29:38 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unregmp2.exe
[2010.10.18 22:29:10 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshrm.dll
[2010.10.18 22:29:08 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpeffects.dll
[2010.10.18 22:28:37 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2010.10.18 22:28:37 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2010.10.18 22:28:37 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2010.10.18 22:28:36 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2010.10.18 22:28:36 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2010.10.18 22:28:36 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2010.10.18 22:28:36 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdrm.dll
[2010.10.18 22:28:36 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2010.10.18 22:28:36 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2010.10.18 22:27:50 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sdohlp.dll
[2010.10.18 22:27:44 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMNetMgr.dll
[2010.10.18 22:27:44 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\logagent.exe
[2010.10.18 22:27:40 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVCORE.DLL
[2010.10.18 22:27:39 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2010.10.18 22:27:28 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpdxm.dll
[2010.10.18 22:27:27 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2010.10.18 22:27:27 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2010.10.18 22:27:27 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2010.10.18 22:27:26 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.tlb
[2010.10.18 22:27:26 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amcompat.tlb
[2010.10.18 22:26:59 | 010,624,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010.10.18 22:26:57 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010.10.18 22:26:32 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvfw32.dll
[2010.10.18 22:26:32 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2010.10.18 22:26:32 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2010.10.18 22:26:32 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avicap32.dll
[2010.10.18 22:26:19 | 000,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localspl.dll
[2010.10.18 22:26:15 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\amxread.dll
[2010.10.18 22:26:15 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apilogen.dll
[2010.10.18 22:26:11 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2010.10.18 22:26:09 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\raschap.dll
[2010.10.18 22:26:09 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2010.10.18 22:26:04 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010.10.18 22:25:48 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2010.10.18 22:25:44 | 001,695,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2010.10.18 22:25:44 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2010.10.18 22:25:43 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2010.10.18 22:25:39 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010.10.18 22:25:39 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010.10.18 22:25:36 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.10.18 22:24:57 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codeca.acm
[2010.10.18 22:24:53 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2010.10.18 22:24:42 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2010.10.18 22:24:39 | 000,512,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2010.10.18 22:24:38 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.10.18 22:24:26 | 003,080,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.10.18 22:24:26 | 002,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2010.10.18 22:24:23 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlansec.dll
[2010.10.18 22:24:23 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlanmsm.dll
[2010.10.18 22:24:23 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\L2SecHC.dll
[2010.10.18 22:24:19 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2010.10.18 22:24:08 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdtcprx.dll
[2010.10.18 22:24:08 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xolehlp.dll
[2010.10.18 22:23:59 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MP4SDECD.DLL
[2010.10.18 22:23:50 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\traffic.dll
[2010.10.18 22:23:50 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pacerprf.dll
[2010.10.18 22:23:50 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshqos.dll
[2010.10.18 22:23:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010.10.18 22:23:46 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010.10.18 22:23:44 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PortableDeviceApi.dll
[2010.10.18 22:23:41 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.10.18 22:23:41 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2010.10.18 22:23:41 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010.10.18 22:23:41 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dciman32.dll
[2010.10.18 22:23:37 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.10.18 22:23:34 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PhotoMetadataHandler.dll
[2010.10.18 22:23:33 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WindowsCodecsExt.dll
[2010.10.18 22:23:27 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Faultrep.dll
[2010.10.18 22:23:25 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\connect.dll
[2010.10.18 22:23:23 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010.10.18 22:23:21 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dataclen.dll
[2010.10.18 22:08:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2010.10.18 22:07:53 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010.10.18 22:07:47 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010.10.18 22:07:47 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2010.10.18 22:07:45 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2010.10.18 22:07:44 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.10.18 22:07:44 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010.10.18 22:07:44 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2010.10.18 22:07:43 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010.10.18 22:07:43 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2010.10.18 22:07:43 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2010.10.18 22:07:42 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2010.10.18 22:07:42 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2010.10.18 22:07:42 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010.10.18 22:07:41 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2010.10.18 22:07:40 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010.10.18 22:07:40 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010.10.18 22:07:39 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.10.18 22:07:39 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2010.10.18 22:07:39 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2010.10.18 22:07:38 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2010.10.18 22:07:37 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010.10.18 22:07:37 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2010.10.18 22:07:37 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2010.10.18 22:07:36 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2010.10.18 22:07:36 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2010.10.18 22:07:36 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010.10.18 22:07:35 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2010.10.18 22:07:35 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2010.10.18 22:07:35 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2010.10.18 22:07:34 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2010.10.18 22:07:34 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2010.10.18 22:07:33 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2010.10.18 22:07:33 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2010.10.18 22:07:33 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2010.10.18 22:07:32 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2010.10.18 22:07:31 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2010.10.18 22:07:31 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2010.10.18 22:07:30 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2010.10.18 22:07:30 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2010.10.18 22:07:29 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010.10.18 22:07:29 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2010.10.18 22:07:28 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2010.10.18 22:07:28 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2010.10.18 22:07:28 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2010.10.18 22:07:26 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2010.10.18 22:07:25 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2010.10.18 22:07:25 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2010.10.18 22:07:25 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2010.10.18 22:07:24 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2010.10.18 22:07:24 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2010.10.18 22:07:23 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2010.10.18 22:07:23 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2010.10.18 22:07:22 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2010.10.18 22:07:22 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010.10.18 22:07:20 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2010.10.18 22:07:19 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2010.10.18 22:07:19 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2010.10.18 22:07:18 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010.10.18 22:07:17 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2010.10.18 22:07:15 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2010.10.18 22:07:15 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2010.10.18 22:07:14 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2010.10.18 22:07:13 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2010.10.18 22:07:13 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2010.10.18 22:07:12 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2010.10.18 22:07:12 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2010.10.18 22:07:11 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2010.10.18 22:07:10 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2010.10.18 22:07:07 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\AppData\Roaming\TS3Client
[2010.10.18 21:55:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2010.10.18 21:47:48 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\Documents\ICQ
[2010.10.18 21:43:57 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\AppData\Roaming\ICQ
[2010.10.18 21:43:56 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\AppData\Local\AOL
[2010.10.18 21:43:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2
[2010.10.18 21:39:15 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client
[2010.10.18 21:32:24 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2010.10.18 21:32:23 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2010.10.18 21:31:27 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010.10.18 21:31:22 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2010.10.18 21:31:22 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2010.10.18 21:31:15 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2010.10.18 21:31:06 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2010.10.18 21:30:55 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2010.10.18 21:30:46 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2010.10.18 21:30:36 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2010.10.18 21:30:33 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2010.10.18 21:25:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.10.18 21:25:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010.10.18 21:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.10.18 21:24:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010.10.18 21:24:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010.10.18 21:23:55 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010.10.18 21:23:55 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\AppData\Roaming\Skype
[2010.10.18 21:23:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.10.18 21:23:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010.10.18 21:23:24 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2010.10.18 21:23:21 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip
[2010.10.18 21:23:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010.10.18 21:22:49 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\AppData\Local\Google
[2010.10.18 21:22:10 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\Desktop\DLs
[2010.10.18 21:18:04 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\AppData\Roaming\Mozilla
[2010.10.18 21:18:04 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\AppData\Local\Mozilla
[2010.10.18 21:18:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010.10.18 21:00:25 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2010.10.18 21:00:24 | 000,167,592 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010.10.18 20:58:47 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\AppData\Roaming\Macromedia
[2010.10.18 20:58:47 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\AppData\Roaming\Adobe
[2010.10.18 20:58:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010.10.18 20:41:17 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2010.10.18 20:41:16 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2010.10.18 20:41:16 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2010.10.18 20:41:10 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2010.10.18 20:41:10 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2010.10.18 20:38:33 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.10.18 20:12:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2010.10.18 20:10:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Attansic
[2010.10.18 20:10:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Attansic
[2010.10.18 20:00:22 | 000,000,000 | ---D | C] -- C:\Windows\ASUSInstAll
[2010.10.18 19:54:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2010.10.18 19:54:24 | 000,000,000 | ---D | C] -- C:\Intel
[2010.10.18 19:52:17 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.10.18 19:52:06 | 000,000,000 | ---D | C] -- C:\Programme\Alwil Software
[2010.10.18 19:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010.10.18 19:49:16 | 000,647,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mscomct2.ocx
[2010.10.18 19:49:15 | 000,053,248 | ---- | C] (Creative Technology Ltd ) -- C:\Windows\Ctregrun.exe
[2010.10.18 19:48:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative
[2010.10.18 19:48:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative
[2010.10.18 19:48:05 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Creative Installation Information
[2010.10.18 19:47:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010.10.18 19:47:23 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010.10.18 19:41:22 | 000,000,000 | R--D | C] -- C:\Users\Ownageman\Searches
[2010.10.18 19:41:12 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\AppData\Roaming\Identities
[2010.10.18 19:41:10 | 000,000,000 | R--D | C] -- C:\Users\Ownageman\Contacts
[2010.10.18 19:41:09 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\AppData\Local\VirtualStore
[2010.10.18 19:41:05 | 000,000,000 | --SD | C] -- C:\Users\Ownageman\AppData\Roaming\Microsoft
[2010.10.18 19:41:05 | 000,000,000 | R--D | C] -- C:\Users\Ownageman\Videos
[2010.10.18 19:41:05 | 000,000,000 | R--D | C] -- C:\Users\Ownageman\Saved Games
[2010.10.18 19:41:05 | 000,000,000 | R--D | C] -- C:\Users\Ownageman\Pictures
[2010.10.18 19:41:05 | 000,000,000 | R--D | C] -- C:\Users\Ownageman\Music
[2010.10.18 19:41:05 | 000,000,000 | R--D | C] -- C:\Users\Ownageman\Links
[2010.10.18 19:41:05 | 000,000,000 | R--D | C] -- C:\Users\Ownageman\Favorites
[2010.10.18 19:41:05 | 000,000,000 | R--D | C] -- C:\Users\Ownageman\Downloads
[2010.10.18 19:41:05 | 000,000,000 | R--D | C] -- C:\Users\Ownageman\Documents
[2010.10.18 19:41:05 | 000,000,000 | R--D | C] -- C:\Users\Ownageman\Desktop
[2010.10.18 19:41:05 | 000,000,000 | -HSD | C] -- C:\Users\Ownageman\Vorlagen
[2010.10.18 19:41:05 | 000,000,000 | -HSD | C] -- C:\Users\Ownageman\AppData\Local\Verlauf
[2010.10.18 19:41:05 | 000,000,000 | -HSD | C] -- C:\Users\Ownageman\AppData\Local\Temporary Internet Files
[2010.10.18 19:41:05 | 000,000,000 | -HSD | C] -- C:\Users\Ownageman\Startmenü
[2010.10.18 19:41:05 | 000,000,000 | -HSD | C] -- C:\Users\Ownageman\SendTo
[2010.10.18 19:41:05 | 000,000,000 | -HSD | C] -- C:\Users\Ownageman\Recent
[2010.10.18 19:41:05 | 000,000,000 | -HSD | C] -- C:\Users\Ownageman\Netzwerkumgebung
[2010.10.18 19:41:05 | 000,000,000 | -HSD | C] -- C:\Users\Ownageman\Lokale Einstellungen
[2010.10.18 19:41:05 | 000,000,000 | -HSD | C] -- C:\Users\Ownageman\Documents\Eigene Videos
[2010.10.18 19:41:05 | 000,000,000 | -HSD | C] -- C:\Users\Ownageman\Documents\Eigene Musik
[2010.10.18 19:41:05 | 000,000,000 | -HSD | C] -- C:\Users\Ownageman\Eigene Dateien
[2010.10.18 19:41:05 | 000,000,000 | -HSD | C] -- C:\Users\Ownageman\Documents\Eigene Bilder
[2010.10.18 19:41:05 | 000,000,000 | -HSD | C] -- C:\Users\Ownageman\Druckumgebung
[2010.10.18 19:41:05 | 000,000,000 | -HSD | C] -- C:\Users\Ownageman\Cookies
[2010.10.18 19:41:05 | 000,000,000 | -HSD | C] -- C:\Users\Ownageman\AppData\Local\Anwendungsdaten
[2010.10.18 19:41:05 | 000,000,000 | -HSD | C] -- C:\Users\Ownageman\Anwendungsdaten
[2010.10.18 19:41:05 | 000,000,000 | -H-D | C] -- C:\Users\Ownageman\AppData
[2010.10.18 19:41:05 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\AppData\Local\Temp
[2010.10.18 19:41:05 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\AppData\Local\Microsoft
[2010.10.18 19:41:05 | 000,000,000 | ---D | C] -- C:\Users\Ownageman\AppData\Roaming\Media Center Programs
[2010.10.18 19:28:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.10.18 19:28:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.10.18 19:28:13 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.10.18 19:28:13 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.10.18 19:28:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.10.18 19:28:13 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.10.18 19:28:13 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.10.18 19:28:13 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.10.18 19:28:13 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.10.18 19:28:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.10.18 19:28:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.10.18 19:27:35 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2010.10.18 19:27:21 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.10.18 19:27:06 | 000,000,000 | -HSD | C] -- C:\Boot
[2010.10.18 18:32:05 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.10.18 18:28:15 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.10.18 18:28:03 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2010.10.19 16:22:23 | 001,445,310 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.10.19 16:22:23 | 000,628,504 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.10.19 16:22:23 | 000,595,798 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.10.19 16:22:23 | 000,126,248 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.10.19 16:22:23 | 000,103,872 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.10.19 16:09:06 | 000,037,301 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.10.19 16:09:06 | 000,037,301 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.10.19 16:07:59 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.19 16:07:59 | 000,003,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.19 16:07:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.19 04:28:00 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1992758402-1675454078-1596989462-1000UA.job
[2010.10.19 01:07:55 | 000,228,600 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.10.19 00:20:31 | 002,330,791 | ---- | M] () -- C:\Users\Ownageman\Documents\Unbenannt.wma
[2010.10.19 00:16:27 | 000,419,840 | ---- | M] () -- C:\Windows\SysNative\wrap_oal.dll
[2010.10.19 00:16:27 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010.10.19 00:16:27 | 000,133,632 | ---- | M] () -- C:\Windows\SysNative\OpenAL32.dll
[2010.10.19 00:16:27 | 000,110,592 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010.10.19 00:13:35 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2010.10.18 23:42:40 | 000,525,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010.10.18 23:42:30 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2010.10.18 23:35:55 | 000,001,042 | ---- | M] () -- C:\Users\Ownageman\Desktop\Launcher.exe - Verknüpfung.lnk
[2010.10.18 22:52:36 | 000,000,763 | ---- | M] () -- C:\Users\Ownageman\Desktop\NTREGOPT.lnk
[2010.10.18 22:52:36 | 000,000,744 | ---- | M] () -- C:\Users\Ownageman\Desktop\ERUNT.lnk
[2010.10.18 22:39:17 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.18 22:23:50 | 000,001,928 | ---- | M] () -- C:\Users\Ownageman\Desktop\HijackThis.lnk
[2010.10.18 22:23:35 | 000,189,248 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.10.18 22:23:24 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.10.18 22:23:24 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.10.18 21:27:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1992758402-1675454078-1596989462-1000Core.job
[2010.10.18 21:00:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010.10.18 20:26:32 | 000,000,732 | ---- | M] () -- C:\Users\Ownageman\AppData\Local\d3d9caps64.dat
[2010.10.18 20:10:54 | 000,012,034 | ---- | M] () -- C:\Windows\Ascd_log.ini
[2010.10.18 19:54:01 | 000,011,853 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
[2010.10.18 19:45:30 | 000,000,104 | ---- | M] () -- C:\Users\Ownageman\Desktop\Computer - Verknüpfung.lnk
[2010.10.18 19:27:08 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010.10.18 18:33:43 | 000,060,826 | ---- | M] () -- C:\Windows\SysNative\license.rtf
 
========== Files Created - No Company Name ==========
 
[2010.10.19 03:33:57 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\INRES.DLL
[2010.10.19 03:33:57 | 000,003,072 | ---- | C] () -- C:\Windows\SysNative\CTXFIRES.DLL
[2010.10.19 03:33:57 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CTXFIRES.DLL
[2010.10.19 02:26:32 | 000,270,208 | ---- | C] () -- C:\Windows\SysNative\MpSigStub.exe
[2010.10.19 01:02:16 | 000,024,064 | ---- | C] () -- C:\Windows\SysNative\wsepno.dll
[2010.10.19 01:02:15 | 000,106,605 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2010.10.19 01:02:15 | 000,106,605 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchema.bin
[2010.10.19 01:02:15 | 000,080,896 | ---- | C] () -- C:\Windows\SysNative\propdefs.dll
[2010.10.19 01:02:15 | 000,067,072 | ---- | C] () -- C:\Windows\SysNative\xmlfilter.dll
[2010.10.19 01:02:15 | 000,044,544 | ---- | C] () -- C:\Windows\SysNative\msscb.dll
[2010.10.19 01:02:15 | 000,043,008 | ---- | C] () -- C:\Windows\SysNative\rtffilt.dll
[2010.10.19 01:02:15 | 000,037,376 | ---- | C] () -- C:\Windows\SysNative\mimefilt.dll
[2010.10.19 01:02:15 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2010.10.19 01:02:15 | 000,018,904 | ---- | C] () -- C:\Windows\SysNative\StructuredQuerySchemaTrivial.bin
[2010.10.19 01:02:15 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\msshooks.dll
[2010.10.19 01:02:14 | 000,087,552 | ---- | C] () -- C:\Windows\SysNative\mssitlb.dll
[2010.10.19 01:02:13 | 001,676,800 | ---- | C] () -- C:\Windows\SysNative\chsbrkr.dll
[2010.10.19 01:02:13 | 000,921,088 | ---- | C] () -- C:\Windows\SysNative\propsys.dll
[2010.10.19 01:02:13 | 000,347,648 | ---- | C] () -- C:\Windows\SysNative\srchadmin.dll
[2010.10.19 01:02:13 | 000,317,440 | ---- | C] () -- C:\Windows\SysNative\thawbrkr.dll
[2010.10.19 01:02:13 | 000,316,928 | ---- | C] () -- C:\Windows\SysNative\msshsq.dll
[2010.10.19 01:02:13 | 000,280,064 | ---- | C] () -- C:\Windows\SysNative\offfilt.dll
[2010.10.19 01:02:13 | 000,181,248 | ---- | C] () -- C:\Windows\SysNative\nlhtml.dll
[2010.10.19 01:02:13 | 000,180,736 | ---- | C] () -- C:\Windows\SysNative\korwbrkr.dll
[2010.10.19 01:02:13 | 000,040,448 | ---- | C] () -- C:\Windows\SysNative\mssprxy.dll
[2010.10.19 01:02:12 | 011,967,524 | ---- | C] () -- C:\Windows\SysWow64\korwbrkr.lex
[2010.10.19 01:02:12 | 011,967,524 | ---- | C] () -- C:\Windows\SysNative\korwbrkr.lex
[2010.10.19 01:02:12 | 006,100,480 | ---- | C] () -- C:\Windows\SysNative\chtbrkr.dll
[2010.10.19 01:02:12 | 000,796,672 | ---- | C] () -- C:\Windows\SysNative\mssvp.dll
[2010.10.19 01:02:12 | 000,498,176 | ---- | C] () -- C:\Windows\SysNative\mssph.dll
[2010.10.19 01:02:12 | 000,312,832 | ---- | C] () -- C:\Windows\SysNative\mssphtb.dll
[2010.10.19 01:02:12 | 000,258,560 | ---- | C] () -- C:\Windows\SysNative\SearchProtocolHost.exe
[2010.10.19 01:02:12 | 000,112,128 | ---- | C] () -- C:\Windows\SysNative\SearchFilterHost.exe
[2010.10.19 01:02:12 | 000,078,848 | ---- | C] () -- C:\Windows\SysNative\msstrc.dll
[2010.10.19 01:02:12 | 000,073,728 | ---- | C] () -- C:\Windows\SysNative\msscntrs.dll
[2010.10.19 01:02:11 | 002,209,792 | ---- | C] () -- C:\Windows\SysNative\tquery.dll
[2010.10.19 01:02:11 | 002,176,512 | ---- | C] () -- C:\Windows\SysNative\mssrch.dll
[2010.10.19 01:02:11 | 000,598,016 | ---- | C] () -- C:\Windows\SysNative\SearchIndexer.exe
[2010.10.19 00:50:39 | 000,037,301 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010.10.19 00:50:39 | 000,037,301 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010.10.19 00:44:26 | 001,942,856 | ---- | C] () -- C:\Windows\SysNative\dfshim.dll
[2010.10.19 00:44:26 | 000,444,752 | ---- | C] () -- C:\Windows\SysNative\mscoree.dll
[2010.10.19 00:44:26 | 000,320,352 | ---- | C] () -- C:\Windows\SysNative\PresentationHost.exe
[2010.10.19 00:44:26 | 000,109,912 | ---- | C] () -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010.10.19 00:44:26 | 000,048,960 | ---- | C] () -- C:\Windows\SysNative\netfxperf.dll
[2010.10.19 00:40:45 | 000,013,312 | ---- | C] () -- C:\Windows\SysNative\wsmplpxy.dll
[2010.10.19 00:40:45 | 000,013,312 | ---- | C] () -- C:\Windows\SysNative\winrssrv.dll
[2010.10.19 00:40:45 | 000,002,048 | ---- | C] () -- C:\Windows\SysNative\winrsmgr.dll
[2010.10.19 00:40:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysNative\pwrshplugin.dll
[2010.10.19 00:40:39 | 000,051,200 | ---- | C] () -- C:\Windows\SysNative\winrs.exe
[2010.10.19 00:40:39 | 000,024,064 | ---- | C] () -- C:\Windows\SysNative\winrshost.exe
[2010.10.19 00:40:39 | 000,013,824 | ---- | C] () -- C:\Windows\SysNative\wsmprovhost.exe
[2010.10.19 00:40:36 | 000,054,272 | ---- | C] () -- C:\Windows\SysNative\WsmRes.dll
[2010.10.19 00:40:35 | 000,232,960 | ---- | C] () -- C:\Windows\SysNative\wecsvc.dll
[2010.10.19 00:40:35 | 000,113,152 | ---- | C] () -- C:\Windows\SysNative\wevtfwd.dll
[2010.10.19 00:40:35 | 000,113,152 | ---- | C] () -- C:\Windows\SysNative\wecutil.exe
[2010.10.19 00:40:35 | 000,084,992 | ---- | C] () -- C:\Windows\SysNative\wecapi.dll
[2010.10.19 00:40:29 | 000,201,184 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs
[2010.10.19 00:40:29 | 000,201,184 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs
[2010.10.19 00:40:29 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml
[2010.10.19 00:40:29 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml
[2010.10.19 00:40:29 | 000,002,426 | ---- | C] () -- C:\Windows\SysWow64\WsmTxt.xsl
[2010.10.19 00:40:29 | 000,002,426 | ---- | C] () -- C:\Windows\SysNative\WsmTxt.xsl
[2010.10.19 00:40:28 | 002,050,048 | ---- | C] () -- C:\Windows\SysNative\WsmSvc.dll
[2010.10.19 00:40:28 | 000,370,688 | ---- | C] () -- C:\Windows\SysNative\winrscmd.dll
[2010.10.19 00:40:28 | 000,352,768 | ---- | C] () -- C:\Windows\SysNative\WSManMigrationPlugin.dll
[2010.10.19 00:40:28 | 000,348,672 | ---- | C] () -- C:\Windows\SysNative\WSManHTTPConfig.exe
[2010.10.19 00:40:28 | 000,310,272 | ---- | C] () -- C:\Windows\SysNative\WsmWmiPl.dll
[2010.10.19 00:40:28 | 000,180,736 | ---- | C] () -- C:\Windows\SysNative\WsmAuto.dll
[2010.10.19 00:20:31 | 002,330,791 | ---- | C] () -- C:\Users\Ownageman\Documents\Unbenannt.wma
[2010.10.19 00:16:27 | 000,419,840 | ---- | C] () -- C:\Windows\SysNative\wrap_oal.dll
[2010.10.19 00:16:27 | 000,133,632 | ---- | C] () -- C:\Windows\SysNative\OpenAL32.dll
[2010.10.19 00:16:25 | 001,908,736 | ---- | C] () -- C:\Windows\SysNative\Sens_oal.dll
[2010.10.19 00:13:35 | 000,190,976 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL
[2010.10.19 00:13:35 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010.10.19 00:13:35 | 000,089,088 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL
[2010.10.19 00:13:35 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2010.10.19 00:13:35 | 000,000,159 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2010.10.18 23:42:38 | 000,513,536 | ---- | C] () -- C:\Windows\SysNative\SRSTSX64.dll
[2010.10.18 23:42:38 | 000,155,648 | ---- | C] () -- C:\Windows\SysNative\SRSWOW64.dll
[2010.10.18 23:42:37 | 000,973,824 | ---- | C] () -- C:\Windows\SysNative\RtkAPO64.dll
[2010.10.18 23:42:37 | 000,348,672 | ---- | C] () -- C:\Windows\SysNative\RtkApi64.dll
[2010.10.18 23:42:36 | 001,062,304 | ---- | C] () -- C:\Windows\SysNative\drivers\RTKVHD64.sys
[2010.10.18 23:42:36 | 000,583,168 | ---- | C] () -- C:\Windows\SysNative\RTSnMg64.cpl
[2010.10.18 23:42:36 | 000,540,672 | ---- | C] () -- C:\Windows\SysNative\RtPgEx64.dll
[2010.10.18 23:42:35 | 000,018,944 | ---- | C] () -- C:\Windows\SysNative\RCoInst64.dll
[2010.10.18 23:39:15 | 000,049,160 | ---- | C] () -- C:\Windows\SysNative\infocardcpl.cpl
[2010.10.18 23:39:13 | 001,168,928 | ---- | C] () -- C:\Windows\SysNative\PresentationNative_v0300.dll
[2010.10.18 23:39:13 | 000,167,432 | ---- | C] () -- C:\Windows\SysNative\infocardapi.dll
[2010.10.18 23:39:13 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\icardres.dll
[2010.10.18 23:39:12 | 001,383,936 | ---- | C] () -- C:\Windows\SysNative\icardagt.exe
[2010.10.18 23:39:09 | 000,126,520 | ---- | C] () -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2010.10.18 23:35:55 | 000,001,042 | ---- | C] () -- C:\Users\Ownageman\Desktop\Launcher.exe - Verknüpfung.lnk
[2010.10.18 23:32:42 | 000,158,208 | ---- | C] () -- C:\Windows\SysNative\mscorier.dll
[2010.10.18 23:32:40 | 000,076,288 | ---- | C] () -- C:\Windows\SysNative\mscories.dll
[2010.10.18 23:31:36 | 000,294,912 | ---- | C] () -- C:\Windows\SysNative\browserchoice.exe
[2010.10.18 23:30:14 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\nshhttp.dll
[2010.10.18 23:30:12 | 000,610,304 | ---- | C] () -- C:\Windows\SysNative\drivers\http.sys
[2010.10.18 23:30:12 | 000,033,792 | ---- | C] () -- C:\Windows\SysNative\httpapi.dll
[2010.10.18 23:27:12 | 000,101,376 | ---- | C] () -- C:\Windows\SysNative\MSNP.ax
[2010.10.18 23:27:12 | 000,073,216 | ---- | C] () -- C:\Windows\SysNative\MSDvbNP.ax
[2010.10.18 23:27:11 | 000,227,328 | ---- | C] () -- C:\Windows\SysNative\mpg2splt.ax
[2010.10.18 23:27:08 | 000,558,592 | ---- | C] () -- C:\Windows\SysNative\EncDec.dll
[2010.10.18 23:27:08 | 000,375,808 | ---- | C] () -- C:\Windows\SysNative\psisdecd.dll
[2010.10.18 23:27:08 | 000,289,792 | ---- | C] () -- C:\Windows\SysNative\psisrndr.ax
[2010.10.18 22:49:43 | 000,000,763 | ---- | C] () -- C:\Users\Ownageman\Desktop\NTREGOPT.lnk
[2010.10.18 22:49:43 | 000,000,744 | ---- | C] () -- C:\Users\Ownageman\Desktop\ERUNT.lnk
[2010.10.18 22:39:17 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.18 22:39:13 | 000,024,664 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010.10.18 22:32:58 | 000,531,456 | ---- | C] () -- C:\Windows\SysNative\IPSECSVC.DLL
[2010.10.18 22:32:53 | 000,002,048 | ---- | C] () -- C:\Windows\SysNative\tzres.dll
[2010.10.18 22:32:27 | 000,361,984 | ---- | C] () -- C:\Windows\SysNative\es.dll
[2010.10.18 22:32:23 | 000,227,328 | ---- | C] () -- C:\Windows\SysNative\scrobj.dll
[2010.10.18 22:32:23 | 000,197,632 | ---- | C] () -- C:\Windows\SysNative\scrrun.dll
[2010.10.18 22:32:23 | 000,166,912 | ---- | C] () -- C:\Windows\SysNative\wscript.exe
[2010.10.18 22:32:23 | 000,147,968 | ---- | C] () -- C:\Windows\SysNative\cscript.exe
[2010.10.18 22:32:23 | 000,144,384 | ---- | C] () -- C:\Windows\SysNative\wshom.ocx
[2010.10.18 22:32:23 | 000,101,888 | ---- | C] () -- C:\Windows\SysNative\wshext.dll
[2010.10.18 22:32:10 | 012,240,896 | ---- | C] () -- C:\Windows\SysNative\NlsLexicons0007.dll
[2010.10.18 22:32:08 | 002,644,480 | ---- | C] () -- C:\Windows\SysNative\NlsLexicons0009.dll
[2010.10.18 22:31:57 | 001,361,920 | ---- | C] () -- C:\Windows\SysNative\NaturalLanguage6.dll
[2010.10.18 22:30:58 | 002,452,872 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dat
[2010.10.18 22:30:57 | 005,692,928 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2010.10.18 22:30:56 | 007,015,424 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2010.10.18 22:30:55 | 001,426,944 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2010.10.18 22:30:55 | 001,032,704 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2010.10.18 22:30:54 | 000,590,848 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2010.10.18 22:30:54 | 000,208,896 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2010.10.18 22:30:53 | 000,758,784 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll
[2010.10.18 22:30:53 | 000,422,400 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll
[2010.10.18 22:30:53 | 000,375,296 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2010.10.18 22:30:52 | 001,129,984 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2010.10.18 22:30:52 | 000,485,376 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2010.10.18 22:30:52 | 000,480,256 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2010.10.18 22:30:52 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll
[2010.10.18 22:30:52 | 000,249,856 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2010.10.18 22:30:52 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\ieencode.dll
[2010.10.18 22:30:52 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe
[2010.10.18 22:30:51 | 001,383,424 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2010.10.18 22:30:51 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2010.10.18 22:30:44 | 001,078,840 | ---- | C] () -- C:\Windows\SysNative\winload.efi
[2010.10.18 22:30:44 | 001,066,040 | ---- | C] () -- C:\Windows\SysNative\winload.exe
[2010.10.18 22:30:44 | 000,993,336 | ---- | C] () -- C:\Windows\SysNative\winresume.efi
[2010.10.18 22:30:44 | 000,982,584 | ---- | C] () -- C:\Windows\SysNative\winresume.exe
[2010.10.18 22:30:44 | 000,382,008 | ---- | C] () -- C:\Windows\SysNative\ci.dll
[2010.10.18 22:30:44 | 000,022,072 | ---- | C] () -- C:\Windows\SysNative\kd1394.dll
[2010.10.18 22:30:43 | 000,474,624 | ---- | C] () -- C:\Windows\SysNative\srcore.dll
[2010.10.18 22:30:43 | 000,339,968 | ---- | C] () -- C:\Windows\SysNative\rstrui.exe
[2010.10.18 22:30:43 | 000,058,368 | ---- | C] () -- C:\Windows\SysNative\setbcdlocale.dll
[2010.10.18 22:30:43 | 000,046,592 | ---- | C] () -- C:\Windows\SysNative\srclient.dll
[2010.10.18 22:30:43 | 000,018,944 | ---- | C] () -- C:\Windows\SysNative\srdelayed.exe
[2010.10.18 22:30:43 | 000,007,680 | ---- | C] () -- C:\Windows\SysNative\kbd106n.dll
[2010.10.18 22:30:27 | 000,141,312 | ---- | C] () -- C:\Windows\SysNative\netiohlp.dll
[2010.10.18 22:30:27 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\NETSTAT.EXE
[2010.10.18 22:30:27 | 000,023,040 | ---- | C] () -- C:\Windows\SysNative\ARP.EXE
[2010.10.18 22:30:27 | 000,021,504 | ---- | C] () -- C:\Windows\SysNative\ROUTE.EXE
[2010.10.18 22:30:27 | 000,012,800 | ---- | C] () -- C:\Windows\SysNative\MRINFO.EXE
[2010.10.18 22:30:27 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\finger.exe
[2010.10.18 22:30:27 | 000,010,752 | ---- | C] () -- C:\Windows\SysNative\TCPSVCS.EXE
[2010.10.18 22:30:27 | 000,010,240 | ---- | C] () -- C:\Windows\SysNative\HOSTNAME.EXE
[2010.10.18 22:30:26 | 000,017,920 | ---- | C] () -- C:\Windows\SysNative\netevent.dll
[2010.10.18 22:29:38 | 000,372,736 | ---- | C] () -- C:\Windows\SysNative\unregmp2.exe
[2010.10.18 22:29:10 | 000,140,288 | ---- | C] () -- C:\Windows\SysNative\drivers\rmcast.sys
[2010.10.18 22:29:10 | 000,017,408 | ---- | C] () -- C:\Windows\SysNative\wshrm.dll
[2010.10.18 22:29:08 | 000,557,056 | ---- | C] () -- C:\Windows\SysNative\wmpeffects.dll
[2010.10.18 22:28:40 | 000,594,944 | ---- | C] () -- C:\Windows\SysNative\RMActivate_isv.exe
[2010.10.18 22:28:40 | 000,594,432 | ---- | C] () -- C:\Windows\SysNative\RMActivate.exe
[2010.10.18 22:28:37 | 000,413,696 | ---- | C] () -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2010.10.18 22:28:37 | 000,409,600 | ---- | C] () -- C:\Windows\SysNative\RMActivate_ssp.exe
[2010.10.18 22:28:36 | 000,535,040 | ---- | C] () -- C:\Windows\SysNative\secproc.dll
[2010.10.18 22:28:36 | 000,534,016 | ---- | C] () -- C:\Windows\SysNative\secproc_isv.dll
[2010.10.18 22:28:36 | 000,457,216 | ---- | C] () -- C:\Windows\SysNative\msdrm.dll
[2010.10.18 22:28:36 | 000,159,232 | ---- | C] () -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2010.10.18 22:28:36 | 000,158,720 | ---- | C] () -- C:\Windows\SysNative\secproc_ssp.dll
[2010.10.18 22:27:52 | 001,030,656 | ---- | C] () -- C:\Windows\SysNative\printfilterpipelinesvc.exe
[2010.10.18 22:27:51 | 000,718,336 | ---- | C] () -- C:\Windows\SysNative\rpcss.dll
[2010.10.18 22:27:50 | 000,231,424 | ---- | C] () -- C:\Windows\SysNative\sdohlp.dll
[2010.10.18 22:27:50 | 000,163,840 | ---- | C] () -- C:\Windows\SysNative\iasrecst.dll
[2010.10.18 22:27:50 | 000,075,776 | ---- | C] () -- C:\Windows\SysNative\iasads.dll
[2010.10.18 22:27:50 | 000,061,440 | ---- | C] () -- C:\Windows\SysNative\iasdatastore.dll
[2010.10.18 22:27:50 | 000,036,352 | ---- | C] () -- C:\Windows\SysNative\printfilterpipelineprxy.dll
[2010.10.18 22:27:50 | 000,024,576 | ---- | C] () -- C:\Windows\SysNative\iashost.exe
[2010.10.18 22:27:44 | 001,245,184 | ---- | C] () -- C:\Windows\SysNative\WMNetMgr.dll
[2010.10.18 22:27:44 | 000,112,640 | ---- | C] () -- C:\Windows\SysNative\logagent.exe
[2010.10.18 22:27:40 | 002,900,480 | ---- | C] () -- C:\Windows\SysNative\WMVCORE.DLL
[2010.10.18 22:27:39 | 003,547,136 | ---- | C] () -- C:\Windows\SysNative\mf.dll
[2010.10.18 22:27:28 | 000,368,128 | ---- | C] () -- C:\Windows\SysNative\wmpdxm.dll
[2010.10.18 22:27:28 | 000,009,216 | ---- | C] () -- C:\Windows\SysNative\spwmp.dll
[2010.10.18 22:27:27 | 000,005,120 | ---- | C] () -- C:\Windows\SysNative\msdxm.ocx
[2010.10.18 22:27:27 | 000,005,120 | ---- | C] () -- C:\Windows\SysNative\dxmasf.dll
[2010.10.18 22:27:26 | 000,043,520 | ---- | C] () -- C:\Windows\SysNative\msdxm.tlb
[2010.10.18 22:27:26 | 000,018,432 | ---- | C] () -- C:\Windows\SysNative\amcompat.tlb
[2010.10.18 22:27:01 | 013,425,152 | ---- | C] () -- C:\Windows\SysNative\wmp.dll
[2010.10.18 22:26:57 | 008,147,968 | ---- | C] () -- C:\Windows\SysNative\wmploc.DLL
[2010.10.18 22:26:33 | 000,108,544 | ---- | C] () -- C:\Windows\SysNative\avifil32.dll
[2010.10.18 22:26:33 | 000,093,184 | ---- | C] () -- C:\Windows\SysNative\mciavi32.dll
[2010.10.18 22:26:33 | 000,076,800 | ---- | C] () -- C:\Windows\SysNative\avicap32.dll
[2010.10.18 22:26:33 | 000,054,272 | ---- | C] () -- C:\Windows\SysNative\iyuv_32.dll
[2010.10.18 22:26:33 | 000,038,400 | ---- | C] () -- C:\Windows\SysNative\msvidc32.dll
[2010.10.18 22:26:33 | 000,025,600 | ---- | C] () -- C:\Windows\SysNative\msyuv.dll
[2010.10.18 22:26:33 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\msrle32.dll
[2010.10.18 22:26:33 | 000,013,824 | ---- | C] () -- C:\Windows\SysNative\tsbyuv.dll
[2010.10.18 22:26:32 | 000,143,360 | ---- | C] () -- C:\Windows\SysNative\msvfw32.dll
[2010.10.18 22:26:29 | 001,280,512 | ---- | C] () -- C:\Windows\SysNative\rpcrt4.dll
[2010.10.18 22:26:27 | 001,420,176 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys
[2010.10.18 22:26:23 | 001,692,160 | ---- | C] () -- C:\Windows\SysNative\lsasrv.dll
[2010.10.18 22:26:23 | 000,515,656 | ---- | C] () -- C:\Windows\SysNative\drivers\ksecdd.sys
[2010.10.18 22:26:23 | 000,268,800 | ---- | C] () -- C:\Windows\SysNative\msv1_0.dll
[2010.10.18 22:26:23 | 000,205,312 | ---- | C] () -- C:\Windows\SysNative\wdigest.dll
[2010.10.18 22:26:23 | 000,094,720 | ---- | C] () -- C:\Windows\SysNative\secur32.dll
[2010.10.18 22:26:23 | 000,011,264 | ---- | C] () -- C:\Windows\SysNative\lsass.exe
[2010.10.18 22:26:19 | 000,791,552 | ---- | C] () -- C:\Windows\SysNative\localspl.dll
[2010.10.18 22:26:16 | 001,208,832 | ---- | C] () -- C:\Windows\SysNative\kernel32.dll
[2010.10.18 22:26:15 | 000,025,600 | ---- | C] () -- C:\Windows\SysNative\amxread.dll
[2010.10.18 22:26:15 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\apilogen.dll
[2010.10.18 22:26:14 | 000,437,248 | ---- | C] () -- C:\Windows\SysNative\WSDApi.dll
[2010.10.18 22:26:11 | 000,818,688 | ---- | C] () -- C:\Windows\SysNative\WMSPDMOD.DLL
[2010.10.18 22:26:09 | 000,295,936 | ---- | C] () -- C:\Windows\SysNative\raschap.dll
[2010.10.18 22:26:09 | 000,280,576 | ---- | C] () -- C:\Windows\SysNative\rastls.dll
[2010.10.18 22:26:07 | 000,273,920 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2010.10.18 22:26:07 | 000,135,168 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb.sys
[2010.10.18 22:26:07 | 000,105,472 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb20.sys
[2010.10.18 22:26:05 | 000,388,608 | ---- | C] () -- C:\Windows\SysNative\gdi32.dll
[2010.10.18 22:26:04 | 000,050,688 | ---- | C] () -- C:\Windows\SysNative\rtutils.dll
[2010.10.18 22:26:01 | 000,439,808 | ---- | C] () -- C:\Windows\SysNative\winhttp.dll
[2010.10.18 22:25:59 | 000,084,480 | ---- | C] () -- C:\Windows\SysNative\asycfilt.dll
[2010.10.18 22:25:51 | 000,656,384 | ---- | C] () -- C:\Windows\SysNative\kerberos.dll
[2010.10.18 22:25:48 | 001,570,816 | ---- | C] () -- C:\Windows\SysNative\quartz.dll
[2010.10.18 22:25:44 | 001,926,656 | ---- | C] () -- C:\Windows\SysNative\gameux.dll
[2010.10.18 22:25:44 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\Apphlpdm.dll
[2010.10.18 22:25:41 | 004,240,384 | ---- | C] () -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2010.10.18 22:25:37 | 000,218,112 | ---- | C] () -- C:\Windows\SysNative\wintrust.dll
[2010.10.18 22:25:34 | 001,923,584 | ---- | C] () -- C:\Windows\SysNative\ole32.dll
[2010.10.18 22:25:31 | 000,633,856 | ---- | C] () -- C:\Windows\SysNative\comctl32.dll
[2010.10.18 22:25:05 | 012,898,304 | ---- | C] () -- C:\Windows\SysNative\shell32.dll
[2010.10.18 22:24:59 | 000,974,848 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll
[2010.10.18 22:24:57 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\l3codeca.acm
[2010.10.18 22:24:54 | 002,423,296 | ---- | C] () -- C:\Windows\SysNative\mstscax.dll
[2010.10.18 22:24:49 | 004,690,832 | ---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe
[2010.10.18 22:24:47 | 000,462,848 | ---- | C] () -- C:\Windows\SysNative\drivers\srv.sys
[2010.10.18 22:24:47 | 000,174,592 | ---- | C] () -- C:\Windows\SysNative\drivers\srv2.sys
[2010.10.18 22:24:45 | 001,875,456 | ---- | C] () -- C:\Windows\SysNative\msxml3.dll
[2010.10.18 22:24:42 | 000,880,640 | ---- | C] () -- C:\Windows\SysNative\timedate.cpl
[2010.10.18 22:24:40 | 000,753,152 | ---- | C] () -- C:\Windows\SysNative\jscript.dll
[2010.10.18 22:24:38 | 000,189,952 | ---- | C] () -- C:\Windows\SysNative\t2embed.dll
[2010.10.18 22:24:34 | 000,082,944 | ---- | C] () -- C:\Windows\SysNative\msasn1.dll
[2010.10.18 22:24:30 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\spoolsv.exe
[2010.10.18 22:24:28 | 000,603,648 | ---- | C] () -- C:\Windows\SysNative\vbscript.dll
[2010.10.18 22:24:24 | 002,608,803 | ---- | C] () -- C:\Windows\SysNative\wlan.tmf
[2010.10.18 22:24:23 | 000,615,936 | ---- | C] () -- C:\Windows\SysNative\wlansvc.dll
[2010.10.18 22:24:23 | 000,376,832 | ---- | C] () -- C:\Windows\SysNative\wlansec.dll
[2010.10.18 22:24:23 | 000,353,280 | ---- | C] () -- C:\Windows\SysNative\wlanmsm.dll
[2010.10.18 22:24:23 | 000,157,184 | ---- | C] () -- C:\Windows\SysNative\L2SecHC.dll
[2010.10.18 22:24:23 | 000,097,792 | ---- | C] () -- C:\Windows\SysNative\wlanhlp.dll
[2010.10.18 22:24:23 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\wlanapi.dll
[2010.10.18 22:24:19 | 000,660,480 | ---- | C] () -- C:\Windows\SysNative\win32spl.dll
[2010.10.18 22:24:16 | 001,729,024 | ---- | C] () -- C:\Windows\SysNative\msxml6.dll
[2010.10.18 22:24:12 | 000,088,576 | ---- | C] () -- C:\Windows\SysNative\atl.dll
[2010.10.18 22:24:08 | 000,730,112 | ---- | C] () -- C:\Windows\SysNative\msdtcprx.dll
[2010.10.18 22:24:08 | 000,048,640 | ---- | C] () -- C:\Windows\SysNative\xolehlp.dll
[2010.10.18 22:24:06 | 000,622,080 | ---- | C] () -- C:\Windows\SysNative\usp10.dll
[2010.10.18 22:24:04 | 002,751,488 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2010.10.18 22:24:02 | 000,202,752 | ---- | C] () -- C:\Windows\SysNative\wkssvc.dll
[2010.10.18 22:23:59 | 000,295,424 | ---- | C] () -- C:\Windows\SysNative\MP4SDECD.DLL
[2010.10.18 22:23:50 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\drivers\pacer.sys
[2010.10.18 22:23:50 | 000,039,424 | ---- | C] () -- C:\Windows\SysNative\traffic.dll
[2010.10.18 22:23:50 | 000,017,920 | ---- | C] () -- C:\Windows\SysNative\pacerprf.dll
[2010.10.18 22:23:50 | 000,016,896 | ---- | C] () -- C:\Windows\SysNative\wshqos.dll
[2010.10.18 22:23:50 | 000,001,928 | ---- | C] () -- C:\Users\Ownageman\Desktop\HijackThis.lnk
[2010.10.18 22:23:44 | 000,324,608 | ---- | C] () -- C:\Windows\SysNative\PortableDeviceApi.dll
[2010.10.18 22:23:41 | 000,366,080 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll
[2010.10.18 22:23:41 | 000,096,256 | ---- | C] () -- C:\Windows\SysNative\fontsub.dll
[2010.10.18 22:23:41 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll
[2010.10.18 22:23:37 | 000,104,960 | ---- | C] () -- C:\Windows\SysNative\cabview.dll
[2010.10.18 22:23:34 | 000,470,016 | ---- | C] () -- C:\Windows\SysNative\PhotoMetadataHandler.dll
[2010.10.18 22:23:34 | 000,386,560 | ---- | C] () -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2010.10.18 22:23:33 | 000,841,216 | ---- | C] () -- C:\Windows\SysNative\WindowsCodecs.dll
[2010.10.18 22:23:31 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.10.18 22:23:29 | 000,343,040 | ---- | C] () -- C:\Windows\SysNative\schannel.dll
[2010.10.18 22:23:28 | 000,176,640 | ---- | C] () -- C:\Windows\SysNative\Faultrep.dll
[2010.10.18 22:23:27 | 000,120,832 | ---- | C] () -- C:\Windows\SysNative\wersvc.dll
[2010.10.18 22:23:25 | 001,691,648 | ---- | C] () -- C:\Windows\SysNative\connect.dll
[2010.10.18 22:23:24 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.10.18 22:23:24 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.10.18 22:23:23 | 001,090,048 | ---- | C] () -- C:\Windows\SysNative\wmpmde.dll
[2010.10.18 22:23:21 | 000,883,200 | ---- | C] () -- C:\Windows\SysNative\drivers\dxgkrnl.sys
[2010.10.18 22:23:21 | 000,399,872 | ---- | C] () -- C:\Windows\SysNative\emdmgmt.dll
[2010.10.18 22:23:21 | 000,187,392 | ---- | C] () -- C:\Windows\SysNative\drivers\nwifi.sys
[2010.10.18 22:23:21 | 000,048,640 | ---- | C] () -- C:\Windows\SysNative\dataclen.dll
[2010.10.18 22:23:21 | 000,047,104 | ---- | C] () -- C:\Windows\SysNative\cdd.dll
[2010.10.18 22:07:53 | 000,517,960 | ---- | C] () -- C:\Windows\SysNative\XAudio2_5.dll
[2010.10.18 22:07:47 | 002,582,888 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_42.dll
[2010.10.18 22:07:47 | 000,176,968 | ---- | C] () -- C:\Windows\SysNative\xactengine3_5.dll
[2010.10.18 22:07:45 | 005,554,512 | ---- | C] () -- C:\Windows\SysNative\d3dcsx_42.dll
[2010.10.18 22:07:44 | 002,475,352 | ---- | C] () -- C:\Windows\SysNative\D3DX9_42.dll
[2010.10.18 22:07:44 | 000,523,088 | ---- | C] () -- C:\Windows\SysNative\d3dx10_42.dll
[2010.10.18 22:07:44 | 000,285,024 | ---- | C] () -- C:\Windows\SysNative\d3dx11_42.dll
[2010.10.18 22:07:43 | 005,425,496 | ---- | C] () -- C:\Windows\SysNative\D3DX9_41.dll
[2010.10.18 22:07:43 | 002,430,312 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_41.dll
[2010.10.18 22:07:43 | 000,520,544 | ---- | C] () -- C:\Windows\SysNative\d3dx10_41.dll
[2010.10.18 22:07:42 | 000,521,560 | ---- | C] () -- C:\Windows\SysNative\XAudio2_4.dll
[2010.10.18 22:07:42 | 000,174,936 | ---- | C] () -- C:\Windows\SysNative\xactengine3_4.dll
[2010.10.18 22:07:42 | 000,073,544 | ---- | C] () -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010.10.18 22:07:41 | 000,024,920 | ---- | C] () -- C:\Windows\SysNative\X3DAudio1_6.dll
[2010.10.18 22:07:40 | 002,605,920 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010.10.18 22:07:40 | 000,519,000 | ---- | C] () -- C:\Windows\SysNative\d3dx10_40.dll
[2010.10.18 22:07:39 | 005,631,312 | ---- | C] () -- C:\Windows\SysNative\D3DX9_40.dll
[2010.10.18 22:07:39 | 000,518,480 | ---- | C] () -- C:\Windows\SysNative\XAudio2_3.dll
[2010.10.18 22:07:39 | 000,074,576 | ---- | C] () -- C:\Windows\SysNative\XAPOFX1_2.dll
[2010.10.18 22:07:38 | 000,175,440 | ---- | C] () -- C:\Windows\SysNative\xactengine3_3.dll
[2010.10.18 22:07:37 | 000,513,544 | ---- | C] () -- C:\Windows\SysNative\XAudio2_2.dll
[2010.10.18 22:07:37 | 000,072,200 | ---- | C] () -- C:\Windows\SysNative\XAPOFX1_1.dll
[2010.10.18 22:07:37 | 000,025,936 | ---- | C] () -- C:\Windows\SysNative\X3DAudio1_5.dll
[2010.10.18 22:07:36 | 001,942,552 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_39.dll
[2010.10.18 22:07:36 | 000,540,688 | ---- | C] () -- C:\Windows\SysNative\d3dx10_39.dll
[2010.10.18 22:07:36 | 000,177,672 | ---- | C] () -- C:\Windows\SysNative\xactengine3_2.dll
[2010.10.18 22:07:35 | 004,992,520 | ---- | C] () -- C:\Windows\SysNative\D3DX9_39.dll
[2010.10.18 22:07:35 | 000,511,496 | ---- | C] () -- C:\Windows\SysNative\XAudio2_1.dll
[2010.10.18 22:07:35 | 000,068,104 | ---- | C] () -- C:\Windows\SysNative\XAPOFX1_0.dll
[2010.10.18 22:07:34 | 000,177,672 | ---- | C] () -- C:\Windows\SysNative\xactengine3_1.dll
[2010.10.18 22:07:34 | 000,028,168 | ---- | C] () -- C:\Windows\SysNative\X3DAudio1_4.dll
[2010.10.18 22:07:33 | 004,991,496 | ---- | C] () -- C:\Windows\SysNative\D3DX9_38.dll
[2010.10.18 22:07:33 | 001,941,528 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_38.dll
[2010.10.18 22:07:33 | 000,540,688 | ---- | C] () -- C:\Windows\SysNative\d3dx10_38.dll
[2010.10.18 22:07:32 | 000,489,480 | ---- | C] () -- C:\Windows\SysNative\XAudio2_0.dll
[2010.10.18 22:07:31 | 000,177,672 | ---- | C] () -- C:\Windows\SysNative\xactengine3_0.dll
[2010.10.18 22:07:31 | 000,028,168 | ---- | C] () -- C:\Windows\SysNative\X3DAudio1_3.dll
[2010.10.18 22:07:30 | 001,860,120 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_37.dll
[2010.10.18 22:07:30 | 000,529,424 | ---- | C] () -- C:\Windows\SysNative\d3dx10_37.dll
[2010.10.18 22:07:29 | 004,910,088 | ---- | C] () -- C:\Windows\SysNative\D3DX9_37.dll
[2010.10.18 22:07:29 | 000,411,656 | ---- | C] () -- C:\Windows\SysNative\xactengine2_10.dll
[2010.10.18 22:07:28 | 005,081,608 | ---- | C] () -- C:\Windows\SysNative\d3dx9_36.dll
[2010.10.18 22:07:28 | 002,006,552 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_36.dll
[2010.10.18 22:07:28 | 000,508,264 | ---- | C] () -- C:\Windows\SysNative\d3dx10_36.dll
[2010.10.18 22:07:26 | 000,411,496 | ---- | C] () -- C:\Windows\SysNative\xactengine2_9.dll
[2010.10.18 22:07:25 | 005,073,256 | ---- | C] () -- C:\Windows\SysNative\d3dx9_35.dll
[2010.10.18 22:07:25 | 001,985,904 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_35.dll
[2010.10.18 22:07:25 | 000,508,264 | ---- | C] () -- C:\Windows\SysNative\d3dx10_35.dll
[2010.10.18 22:07:24 | 000,409,960 | ---- | C] () -- C:\Windows\SysNative\xactengine2_8.dll
[2010.10.18 22:07:24 | 000,021,000 | ---- | C] () -- C:\Windows\SysNative\X3DAudio1_2.dll
[2010.10.18 22:07:23 | 001,401,200 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_34.dll
[2010.10.18 22:07:23 | 000,506,728 | ---- | C] () -- C:\Windows\SysNative\d3dx10_34.dll
[2010.10.18 22:07:22 | 004,496,232 | ---- | C] () -- C:\Windows\SysNative\d3dx9_34.dll
[2010.10.18 22:07:22 | 000,107,368 | ---- | C] () -- C:\Windows\SysNative\xinput1_3.dll
[2010.10.18 22:07:20 | 000,403,304 | ---- | C] () -- C:\Windows\SysNative\xactengine2_7.dll
[2010.10.18 22:07:19 | 001,400,176 | ---- | C] () -- C:\Windows\SysNative\D3DCompiler_33.dll
[2010.10.18 22:07:19 | 000,506,728 | ---- | C] () -- C:\Windows\SysNative\d3dx10_33.dll
[2010.10.18 22:07:18 | 004,494,184 | ---- | C] () -- C:\Windows\SysNative\d3dx9_33.dll
[2010.10.18 22:07:17 | 000,393,576 | ---- | C] () -- C:\Windows\SysNative\xactengine2_6.dll
[2010.10.18 22:07:15 | 000,469,264 | ---- | C] () -- C:\Windows\SysNative\d3dx10.dll
[2010.10.18 22:07:15 | 000,390,424 | ---- | C] () -- C:\Windows\SysNative\xactengine2_5.dll
[2010.10.18 22:07:14 | 004,398,360 | ---- | C] () -- C:\Windows\SysNative\d3dx9_32.dll
[2010.10.18 22:07:13 | 000,364,824 | ---- | C] () -- C:\Windows\SysNative\xactengine2_4.dll
[2010.10.18 22:07:13 | 000,017,688 | ---- | C] () -- C:\Windows\SysNative\x3daudio1_1.dll
[2010.10.18 22:07:12 | 003,977,496 | ---- | C] () -- C:\Windows\SysNative\d3dx9_31.dll
[2010.10.18 22:07:12 | 000,363,288 | ---- | C] () -- C:\Windows\SysNative\xactengine2_3.dll
[2010.10.18 22:07:11 | 000,083,736 | ---- | C] () -- C:\Windows\SysNative\xinput1_2.dll
[2010.10.18 22:07:10 | 000,354,072 | ---- | C] () -- C:\Windows\SysNative\xactengine2_2.dll
[2010.10.18 21:55:41 | 000,648,704 | ---- | C] () -- C:\Windows\SysNative\netapi32.dll
[2010.10.18 21:39:20 | 000,421,606 | ---- | C] () -- C:\Users\Ownageman\AppData\Local\dd_vcredistMSI1C45.txt
[2010.10.18 21:39:18 | 000,011,410 | ---- | C] () -- C:\Users\Ownageman\AppData\Local\dd_vcredistUI1C45.txt
[2010.10.18 21:32:24 | 000,083,664 | ---- | C] () -- C:\Windows\SysNative\xinput1_1.dll
[2010.10.18 21:32:23 | 000,352,464 | ---- | C] () -- C:\Windows\SysNative\xactengine2_1.dll
[2010.10.18 21:31:27 | 003,927,248 | ---- | C] () -- C:\Windows\SysNative\d3dx9_30.dll
[2010.10.18 21:31:22 | 000,355,536 | ---- | C] () -- C:\Windows\SysNative\xactengine2_0.dll
[2010.10.18 21:31:22 | 000,016,592 | ---- | C] () -- C:\Windows\SysNative\x3daudio1_0.dll
[2010.10.18 21:31:15 | 003,830,992 | ---- | C] () -- C:\Windows\SysNative\d3dx9_29.dll
[2010.10.18 21:31:06 | 003,815,120 | ---- | C] () -- C:\Windows\SysNative\d3dx9_28.dll
[2010.10.18 21:30:55 | 003,807,440 | ---- | C] () -- C:\Windows\SysNative\d3dx9_27.dll
[2010.10.18 21:30:46 | 003,767,504 | ---- | C] () -- C:\Windows\SysNative\d3dx9_26.dll
[2010.10.18 21:30:36 | 003,823,312 | ---- | C] () -- C:\Windows\SysNative\d3dx9_25.dll
[2010.10.18 21:30:33 | 003,544,272 | ---- | C] () -- C:\Windows\SysNative\d3dx9_24.dll
[2010.10.18 21:23:05 | 000,001,134 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1992758402-1675454078-1596989462-1000UA.job
[2010.10.18 21:22:58 | 000,001,082 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1992758402-1675454078-1596989462-1000Core.job
[2010.10.18 21:00:38 | 000,121,936 | ---- | C] () -- C:\Windows\SysNative\drivers\aswSP.sys
[2010.10.18 21:00:38 | 000,020,048 | ---- | C] () -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010.10.18 21:00:37 | 000,028,752 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010.10.18 21:00:36 | 000,051,280 | ---- | C] () -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010.10.18 21:00:32 | 000,061,008 | ---- | C] () -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010.10.18 21:00:28 | 000,336,272 | ---- | C] () -- C:\Users\Ownageman\AppData\Local\dd_vcredistMSI7E89.txt
[2010.10.18 21:00:27 | 000,011,370 | ---- | C] () -- C:\Users\Ownageman\AppData\Local\dd_vcredistUI7E89.txt
[2010.10.18 20:41:30 | 002,621,440 | ---- | C] () -- C:\Windows\SysNative\wucltux.dll
[2010.10.18 20:41:30 | 002,424,024 | ---- | C] () -- C:\Windows\SysNative\wuaueng.dll
[2010.10.18 20:41:30 | 000,057,560 | ---- | C] () -- C:\Windows\SysNative\wuauclt.exe
[2010.10.18 20:41:30 | 000,043,744 | ---- | C] () -- C:\Windows\SysNative\wups2.dll
[2010.10.18 20:41:17 | 000,098,816 | ---- | C] () -- C:\Windows\SysNative\wudriver.dll
[2010.10.18 20:41:17 | 000,038,112 | ---- | C] () -- C:\Windows\SysNative\wups.dll
[2010.10.18 20:41:16 | 000,700,640 | ---- | C] () -- C:\Windows\SysNative\wuapi.dll
[2010.10.18 20:41:10 | 000,185,416 | ---- | C] () -- C:\Windows\SysNative\wuwebv.dll
[2010.10.18 20:41:10 | 000,036,864 | ---- | C] () -- C:\Windows\SysNative\wuapp.exe
[2010.10.18 20:34:13 | 002,081,824 | ---- | C] () -- C:\Windows\SysNative\nvcplui.exe
[2010.10.18 20:34:13 | 001,071,136 | ---- | C] () -- C:\Windows\SysNative\nvcpluir.dll
[2010.10.18 20:34:13 | 000,410,656 | ---- | C] () -- C:\Windows\SysNative\nvcpl.cpl
[2010.10.18 20:34:13 | 000,388,640 | ---- | C] () -- C:\Windows\SysNative\nvexpbar.dll
[2010.10.18 20:31:55 | 000,660,072 | ---- | C] () -- C:\Windows\SysNative\nvudisp.exe
[2010.10.18 20:31:55 | 000,007,542 | ---- | C] () -- C:\Windows\SysNative\nvdisp.nvu
[2010.10.18 20:31:11 | 000,660,072 | ---- | C] () -- C:\Windows\SysNative\NVUNINST.EXE
[2010.10.18 20:10:00 | 000,058,880 | ---- | C] () -- C:\Windows\SysNative\drivers\atl01v64.sys
[2010.10.18 19:54:08 | 000,012,034 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2010.10.18 19:54:02 | 000,015,680 | ---- | C] () -- C:\Windows\SysNative\drivers\ASACPI.sys
[2010.10.18 19:52:48 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010.10.18 19:52:17 | 000,427,050 | ---- | C] () -- C:\Users\Ownageman\AppData\Local\dd_vcredistMSI4A56.txt
[2010.10.18 19:52:15 | 000,011,610 | ---- | C] () -- C:\Users\Ownageman\AppData\Local\dd_vcredistUI4A56.txt
[2010.10.18 19:49:37 | 000,007,062 | ---- | C] () -- C:\Windows\SysWow64\audiopid.vxd
[2010.10.18 19:45:30 | 000,000,104 | ---- | C] () -- C:\Users\Ownageman\Desktop\Computer - Verknüpfung.lnk
[2010.10.18 19:44:09 | 000,011,853 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010.10.18 19:41:06 | 000,000,732 | ---- | C] () -- C:\Users\Ownageman\AppData\Local\d3d9caps64.dat
[2010.10.18 19:27:08 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2010.10.18 19:27:06 | 000,333,203 | RHS- | C] () -- C:\bootmgr
[2008.11.13 06:07:24 | 000,002,177 | ---- | C] () -- C:\Windows\P17EP.ini
[2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008.01.21 04:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2006.10.11 05:33:58 | 000,010,288 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS

< End of report >
         
--- --- ---



And here are the OTL Extras as well: OTL Logfile:
Code:
OTL Extras logfile created on: 19.10.2010 16:24:25 - Run 1
OTL by OldTimer - Version 3.2.15.2     Folder = C:\Users\Ownageman\Desktop\DLs
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 71,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 403,66 Gb Free Space | 86,67% Space Free | Partition Type: NTFS
Drive D: | 610,95 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 298,09 Gb Total Space | 5,04 Gb Free Space | 1,69% Space Free | Partition Type: NTFS
 
Computer Name: OWNAGEMAN-PC | User Name: Ownageman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l ()
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01C14D42-7577-461B-8266-7F36F724DFC2}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | 
"{1A5D3B46-11CC-49D7-8DB6-0DC6769759AB}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe | 
"{416EC47A-C0AC-45CD-940A-652D654B0340}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe | 
"{42ED5FA9-0B6A-4DF2-8008-398F1473BEFD}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | 
"{5CD99C06-DB28-4BFE-B2BF-79B52A6A9003}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe | 
"{8D60E025-A408-4A41-BBB5-1E81C4F33AEC}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | 
"{8EAF5804-AFE6-48CB-B268-CC0C8186EA82}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe | 
"{9B575F60-D542-41AC-A2C6-D4DB3D7330D4}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{9D0CAF25-DDCB-4F17-A1DB-5020EA321CF7}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | 
"{A4C37D64-01BF-422B-8785-105EDA9FFCCD}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | 
"{A95FC58D-8C7F-4476-B65A-55F441643720}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{ACA38B47-67A6-4A5E-A4E4-57295E8DB415}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe | 
"{AD2025DD-BD4B-456C-870C-EBCD152AF446}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe | 
"{AF004298-9927-4410-82CF-0BDD64F29100}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{B9A6540F-99C9-4698-B529-2F1571908A18}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2updater.exe | 
"{DDA44729-BFC2-4DC6-9794-40B5E3EAD47C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{E6162029-0D3A-4A56-92AA-408E671114E2}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | 
"{EAC1B494-2822-4B70-95B1-A30E3318F23E}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe | 
"{FD74A77E-C110-41DD-92B3-492E2A046D1D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{FE02AF45-F686-4638-AFDF-FABC8C2272A4}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe | 
"{FE300A64-2FED-44D3-969D-8B54F48BFD92}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F698102-5739-441E-96F0-74F4EA540F06}" = Attansic Ethernet Utility
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{6E19F210-3813-4002-B561-94D66AA182B6}" = Attansic L1 Gigabit Ethernet Driver
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{9C538746-C2DC-40FC-B1FB-D4EA7966ABEB}" = Skype™ 5.0
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.0 - Deutsch
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}" = ClearType Tuning Control Panel Applet
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AudioCS" = Creative Audio-Systemsteuerung
"avast5" = avast! Free Antivirus
"CCleaner" = CCleaner
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"eMusic Promotion" = 50 FREE MP3s +1 Free Audiobook!
"ERUNT_is1" = ERUNT 1.1j
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"PunkBusterSvc" = PunkBuster Services
"VLC media player" = VLC media player 1.1.4
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detector Plug-in
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 18.10.2010 18:06:00 | Computer Name = Ownageman-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.10.2010 18:26:14 | Computer Name = Ownageman-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.10.2010 18:50:11 | Computer Name = Ownageman-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.10.2010 19:08:30 | Computer Name = Ownageman-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.10.2010 19:12:59 | Computer Name = Ownageman-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.10.2010 21:35:48 | Computer Name = Ownageman-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.10.2010 21:44:50 | Computer Name = Ownageman-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.10.2010 21:48:41 | Computer Name = Ownageman-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.10.2010 21:55:57 | Computer Name = Ownageman-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 19.10.2010 10:08:22 | Computer Name = Ownageman-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 18.10.2010 18:28:24 | Computer Name = Ownageman-PC | Source = volsnap | ID = 393236
Description = Die Schattenkopien von Volume "C:" wurden aufgrund von einem fehlgeschlagenen
 Rechenvorgang bezüglich verfügbarem Speicher abgebrochen.
 
Error - 18.10.2010 18:29:15 | Computer Name = Ownageman-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 18.10.2010 18:49:53 | Computer Name = Ownageman-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 18.10.2010 19:08:09 | Computer Name = Ownageman-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 18.10.2010 19:12:46 | Computer Name = Ownageman-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 18.10.2010 21:35:31 | Computer Name = Ownageman-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 18.10.2010 21:44:30 | Computer Name = Ownageman-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 18.10.2010 21:48:23 | Computer Name = Ownageman-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 18.10.2010 21:55:42 | Computer Name = Ownageman-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 19.10.2010 10:08:01 | Computer Name = Ownageman-PC | Source = HTTP | ID = 15016
Description = 
 
 
< End of report >
         
--- --- ---


I'm a bit surprised that Malwarebytes didn't detect anything at all. The external hard drive is connected.

Thanks in advance!

PurpleWine

19.10.2010, 15:38   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
Art des Suchlaufs: Quick-Scan
I wanted to see a full scan...
__________________
Please always post logfiles in CODE tags

19.10.2010, 17:25   #5
PurpleWine

He who can read ....

Here is the MalLog with a full scan:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4881

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

19.10.2010 17:54:45
mbam-log-2010-10-19 (17-54-45).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Durchsuchte Objekte: 269100
Laufzeit: 59 Minute(n), 47 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


Strange that it doesn't find anything either..

PurpleWine


19.10.2010, 18:07   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

It doesn't have to be strange. Was your external drive also checked by Malwarebytes? (apparently yes)

If there was anything malicious on the external drive at all, then it was in the area for the restore points. You can disable that; it makes even less sense on external drives.
For your system to get infected at all, something malicious has to be executed - that obviously hasn't happened. Malware doesn't just spread by itself; the infection is only there when something virulent is executed. The OTL log is also unremarkable so far.

20.10.2010, 17:11   #7
PurpleWine

Phew, I'm already a bit relieved =).
How do I get rid of the restore points? I assume they were created along with the others when I created restore points with the old Windows installation, and that I have to get at them some other way.

But much more important is a big thank-you for the no-strings-attached help!

THANKS

Yours, PurpleWine

20.10.2010, 19:08   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Disable System Restore