Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
PC Stürzt ab nach einer gewissen Zeit

PC Stürzt ab nach einer gewissen Zeit


Log-Analyse und Auswertung: PC Stürzt ab nach einer gewissen Zeit

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 27.04.2011, 20:58   #1
wake0071
 
PC Stürzt ab nach einer gewissen Zeit - Standard

PC Stürzt ab nach einer gewissen Zeit


Hallo seit ein paar Tagen stürzt mein Pc dauernd ab


OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 27.04.2011 21:52:10 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Rouven\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 178,85 Gb Total Space | 150,76 Gb Free Space | 84,29% Space Free | Partition Type: NTFS
Drive D: | 119,23 Gb Total Space | 119,14 Gb Free Space | 99,92% Space Free | Partition Type: NTFS
 
Computer Name: ROUVEN-PC | User Name: Rouven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{126AFB8B-0D6E-4E51-B5E6-DB2DDE7E91F3}" = rport=137 | protocol=17 | dir=out | app=system | 
"{1DFB3C89-F4F0-41BA-99F9-AF0E01086FB8}" = lport=139 | protocol=6 | dir=in | app=system | 
"{30F29941-2CB2-4B05-BAB1-C662BF63DBBA}" = rport=138 | protocol=17 | dir=out | app=system | 
"{32FEA5DB-C27D-41B7-8589-CF4C3F23FB4B}" = lport=445 | protocol=6 | dir=in | app=system | 
"{46717E7C-DC95-46E5-8C3D-054371B4F0D5}" = lport=138 | protocol=17 | dir=in | app=system | 
"{5342E541-827F-4A52-A5E6-46E3864AD691}" = rport=139 | protocol=6 | dir=out | app=system | 
"{63A4D43D-CB1A-4C90-8DC3-DE217E7E1559}" = lport=137 | protocol=17 | dir=in | app=system | 
"{7E3DF5A7-DA12-4FB4-A19E-276E2A860C55}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{C277255D-A5F5-4FF6-959C-87F9C35A5BEC}" = rport=445 | protocol=6 | dir=out | app=system | 
"{C5C0B8C2-0662-4D7F-840B-B53BE9CCC578}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{EBFFFD17-1ED9-450D-9F68-2B868849B4AC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{F4479F38-C417-4285-914A-B53780E22835}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3735044E-1CD7-40A2-933C-545FBF4A67C6}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{43B94363-9C98-4EDD-AB83-6D01153E932B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{4B71E128-35CF-4359-8A65-52376DDF1FE7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{63CD2225-6A3D-4FB6-920C-827FE455BBFF}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{734637E9-B3DC-420F-AC99-EE3D2EA566A3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{7B5BFA0B-1126-4C20-984E-B506B25C1E3E}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{A767BE8D-D9AF-403E-B58B-88C3889AA7BC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AF7F13EE-8AF8-4727-887B-29645CE7D01D}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{C6457A00-22C3-4700-8BD1-6D85DD2998EB}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{F9FA553F-FA51-4183-9E88-9C54905D46EA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{FF20A27C-A07A-4E28-96DC-F805003F3B08}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"TCP Query User{1A6A8C30-EFBF-4FCD-8D86-2D7016B6224F}C:\program files\icq7.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"UDP Query User{A88ACFF6-A421-4D7E-8D34-5781DB48ABD1}C:\program files\icq7.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{185C9D5C-DF96-49D2-9059-188F0DAC4921}" = Heyer's Karten-Studio 2
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{6E19F210-3813-4002-B561-94D66AA182B6}" = Atheros Communications Inc.(R) L1 Gigabit Ethernet Driver
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F972403C-BFE4-49EB-82B8-10D0FDBD1BB1}" = VirtualDJ Home FREE
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"ERUNT_is1" = ERUNT 1.1j
"flunatic_is1" = flunatic 1.2
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"ICQToolbar" = ICQ Toolbar
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"orgaMAX_is1" = orgaMAX Business Software
"Rechnung3" = Softwarenetz Rechnung3
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"VLC media player" = VLC media player 1.1.9
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 29.03.2011 14:44:21 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 30.03.2011 10:13:06 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.04.2011 08:25:36 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.04.2011 10:01:42 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.04.2011 11:55:25 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.04.2011 17:14:53 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.04.2011 09:37:32 | Computer Name = Rouven-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung SynTPEnh.exe, Version 10.1.8.0, Zeitstempel 
0x47589ff7, fehlerhaftes Modul SynTPEnh.exe, Version 10.1.8.0, Zeitstempel 0x47589ff7,
 Ausnahmecode 0xc0000409, Fehleroffset 0x0002975c,  Prozess-ID 0x81c, Anwendungsstartzeit
 01cc01fb5416cba7.
 
Error - 26.04.2011 10:30:29 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 27.04.2011 02:18:39 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 27.04.2011 14:42:52 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 20.04.2011 05:07:44 | Computer Name = Rouven-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 20.04.2011 11:22:56 | Computer Name = Rouven-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 20.04.2011 13:06:37 | Computer Name = Rouven-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 20.04.2011 um 17:51:28 unerwartet heruntergefahren.
 
Error - 20.04.2011 13:06:39 | Computer Name = Rouven-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 20.04.2011 13:12:09 | Computer Name = Rouven-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 20.04.2011 13:45:44 | Computer Name = Rouven-PC | Source = Service Control Manager | ID = 7043
Description = 
 
Error - 20.04.2011 14:47:59 | Computer Name = Rouven-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 20.04.2011 15:14:58 | Computer Name = Rouven-PC | Source = Service Control Manager | ID = 7043
Description = 
 
Error - 20.04.2011 20:03:14 | Computer Name = Rouven-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 21.04.2011 03:38:17 | Computer Name = Rouven-PC | Source = HTTP | ID = 15016
Description = 
 
 
< End of report >
--- --- ---



OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 27.04.2011 21:52:10 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Rouven\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 178,85 Gb Total Space | 150,76 Gb Free Space | 84,29% Space Free | Partition Type: NTFS
Drive D: | 119,23 Gb Total Space | 119,14 Gb Free Space | 99,92% Space Free | Partition Type: NTFS
 
Computer Name: ROUVEN-PC | User Name: Rouven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Rouven\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - \\?\C:\Windows\System32\wbem\WMIADAP.EXE ()
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ATKOSD2\ATKOSD2.exe ()
PRC - C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100)
PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Program Files\ATK Hotkey\WDC.exe ()
PRC - C:\Program Files\ATK Hotkey\KBFiltr.exe ()
PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Rouven\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (ICQ Service) -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (ADSMService) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
DRV - (AtcL001) -- C:\Windows\System32\drivers\l160x86.sys (Atheros Communications, Inc.)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (Asushwio) -- C:\Windows\System32\drivers\Asushwio.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://start.icq.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Rouven\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.27 21:52:49 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Malwarebytes
[2011.04.27 21:52:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.04.27 21:52:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.27 21:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.27 21:52:30 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.04.27 21:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.04.27 21:44:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011.04.27 21:44:19 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011.04.27 21:34:41 | 000,791,393 | ---- | C] (Lars Hederer                                                ) -- C:\Users\Rouven\Desktop\Erunt-setup.exe
[2011.04.27 21:34:41 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Rouven\Desktop\OTL.exe
[2011.04.27 21:34:41 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Rouven\Desktop\TFC.exe
[2011.04.27 18:23:06 | 000,181,344 | ---- | C] (SoftwareNetz) -- C:\Windows\snui.exe
[2011.04.27 18:23:06 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoftwareNetz
[2011.04.27 18:23:05 | 000,000,000 | ---D | C] -- C:\Softwarenetz
[2011.04.27 18:13:19 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\LetsTrade
[2011.04.27 18:13:16 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Buhl Data Service GmbH
[2011.04.27 17:53:46 | 004,292,096 | ---- | C] (dimastr.com) -- C:\Windows\System32\redemption.dll
[2011.04.27 17:53:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\orgaMAX Business Software
[2011.04.27 17:53:43 | 000,297,472 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\midas.dll
[2011.04.27 17:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\deltra Software GmbH
[2011.04.27 17:51:48 | 004,082,688 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\qtintf70.dll
[2011.04.27 17:51:46 | 000,000,000 | ---D | C] -- C:\orgaMAX
[2011.04.27 17:34:24 | 000,000,000 | ---D | C] -- C:\Users\Rouven\Desktop\Heimfrost
[2011.04.23 19:17:29 | 000,000,000 | R--D | C] -- C:\Users\Rouven\AppData\Roaming\Brother
[2011.04.23 19:09:45 | 000,000,000 | ---D | C] -- C:\HKS-Daten
[2011.04.23 19:09:42 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\B+P Heyer
[2011.04.23 19:09:33 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Local\B+P Heyer
[2011.04.23 19:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\B+P Heyer
[2011.04.23 19:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heyer's Karten-Studio
[2011.04.23 19:09:17 | 000,000,000 | ---D | C] -- C:\Program Files\BPH
[2011.04.21 16:03:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\flunatic
[2011.04.21 16:03:14 | 000,000,000 | ---D | C] -- C:\Program Files\flunatic
[2011.04.21 09:48:55 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.04.21 09:48:54 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.21 09:48:54 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.04.21 09:48:54 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.21 09:48:54 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.21 09:48:54 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.21 09:48:54 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.21 09:48:54 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.04.21 09:48:54 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.04.21 09:48:54 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.04.21 09:48:54 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.04.21 09:48:54 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.04.21 09:48:54 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.04.21 09:48:54 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.04.21 09:48:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.04.21 09:48:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.21 09:48:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.04.21 09:48:52 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.21 09:48:52 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.04.20 21:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011.04.20 19:36:20 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Local\Adobe
[2011.04.20 19:34:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2011.04.20 19:33:58 | 001,071,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCTL.OCX
[2011.04.20 19:33:58 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMAPI32.OCX
[2011.04.20 19:33:57 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX
[2011.04.20 19:33:56 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCDE.DLL
[2011.04.20 19:33:56 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6DE.DLL
[2011.04.20 19:33:56 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCC2DE.DLL
[2011.04.20 19:33:56 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPIDE.DLL
[2011.04.20 19:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2011.04.20 19:29:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2011.04.20 17:37:30 | 000,094,208 | R--- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2.dll
[2011.04.20 17:37:30 | 000,057,856 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\System32\brinsstr.dll
[2011.04.20 17:37:30 | 000,016,384 | R--- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2L.dll
[2011.04.20 17:37:30 | 000,012,288 | R--- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2S.dll
[2011.04.20 17:37:28 | 000,176,128 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BroSNMP.dll
[2011.04.20 17:37:22 | 000,163,840 | ---- | C] (brother) -- C:\Windows\System32\NSSearch.dll
[2011.04.20 17:37:22 | 000,131,072 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\brunin03.dll
[2011.04.20 17:37:22 | 000,000,000 | ---D | C] -- C:\Program Files\Brother
[2011.04.20 10:43:56 | 000,000,000 | ---D | C] -- C:\Users\Rouven\4.0
[2011.04.20 10:43:56 | 000,000,000 | ---D | C] -- C:\Users\Rouven\.tfo4
[2011.04.20 10:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.04.20 10:41:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011.04.20 10:37:56 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.04.20 10:37:55 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.04.20 10:37:55 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.04.20 10:37:55 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.04.20 10:37:16 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011.04.20 10:30:11 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\vlc
[2011.04.20 10:28:24 | 000,218,688 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2011.04.20 10:28:15 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2011.04.20 10:28:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011.04.20 10:28:12 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2011.04.20 10:28:03 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\DAEMON Tools Lite
[2011.04.20 10:28:03 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011.04.20 10:24:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.04.20 10:24:43 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.04.20 10:17:56 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2011.04.20 10:17:56 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\IrfanView
[2011.04.20 10:17:55 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2011.04.20 10:16:39 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Skype
[2011.04.20 10:15:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.04.20 10:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011.04.20 10:15:42 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011.04.20 10:15:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.04.20 10:12:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011.04.20 10:12:08 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011.04.20 09:32:23 | 000,000,000 | ---D | C] -- C:\Users\Rouven\Documents\ICQ
[2011.04.20 09:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.04.20 09:24:13 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2011.04.20 09:23:27 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.04.20 09:23:24 | 000,000,000 | ---D | C] -- C:\Users\Rouven\Documents\DVDVideoSoft
[2011.04.20 09:23:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2011.04.20 09:23:10 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2011.04.20 09:23:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2011.04.20 09:21:59 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\WinRAR
[2011.04.20 09:21:59 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.04.20 09:21:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.04.20 09:21:54 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011.04.20 08:53:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011.04.20 08:51:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011.04.20 08:51:02 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6Toolbar
[2011.04.20 08:51:00 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Mozilla
[2011.04.20 08:51:00 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2011.04.20 08:50:33 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\ICQ
[2011.04.20 08:50:25 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.5
[2011.04.20 08:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011.04.20 08:44:59 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011.04.20 08:26:30 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.04.20 08:26:30 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.04.20 08:26:30 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.04.20 08:26:30 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2011.04.20 08:26:29 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.04.20 08:26:29 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.04.20 08:26:29 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.04.20 08:26:29 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.04.20 08:26:28 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.04.20 08:26:28 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.04.20 08:26:28 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.04.20 08:26:27 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2011.04.20 08:26:27 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.04.20 08:26:27 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.04.20 08:26:27 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.04.20 08:26:26 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.04.20 08:26:26 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.04.20 08:26:24 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.04.20 08:26:24 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.04.20 08:26:24 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2011.04.20 08:26:24 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.04.20 08:26:24 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.04.20 08:26:24 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2011.04.20 08:25:44 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011.04.20 08:25:44 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011.04.20 08:25:44 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011.04.20 08:24:35 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011.04.20 08:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.04.20 08:18:18 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011.04.20 08:18:17 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.04.20 08:18:17 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.04.20 08:18:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.04.20 08:18:17 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011.04.20 08:12:50 | 000,000,000 | ---D | C] -- C:\Users\Rouven\Documents\Meine empfangenen Dateien
[2011.04.20 08:09:45 | 000,000,000 | ---D | C] -- C:\Users\Rouven\Tracing
[2011.04.20 08:08:43 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2011.04.20 08:07:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2011.04.20 08:07:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011.04.20 08:07:28 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2011.04.20 08:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011.04.20 08:07:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011.04.20 08:06:34 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011.04.20 07:58:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2011.04.20 07:08:36 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.04.20 07:04:31 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011.04.20 04:58:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011.04.20 03:51:37 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2011.04.20 03:51:37 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2011.04.20 03:51:36 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2011.04.20 03:51:36 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2011.04.20 03:51:36 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2011.04.20 03:51:36 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2011.04.20 03:51:36 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2011.04.20 03:51:36 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2011.04.20 03:51:36 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2011.04.20 03:51:36 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2011.04.20 03:51:36 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2011.04.20 03:51:36 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2011.04.20 03:51:36 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2011.04.20 03:51:36 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2011.04.20 03:51:36 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2011.04.20 03:51:35 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2011.04.20 03:51:35 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2011.04.20 03:51:35 | 001,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011.04.20 03:51:35 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011.04.20 03:51:35 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011.04.20 03:51:35 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2011.04.20 03:51:35 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011.04.20 03:51:35 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2011.04.20 03:44:57 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011.04.20 03:44:57 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011.04.20 03:44:55 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011.04.20 03:44:54 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011.04.20 03:30:59 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2011.04.20 03:11:35 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2011.04.20 03:11:35 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2011.04.20 03:11:35 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2011.04.20 03:11:35 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2011.04.20 03:11:35 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2011.04.20 03:11:34 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2011.04.20 03:06:33 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2011.04.20 03:06:31 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2011.04.20 03:04:14 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2011.04.20 03:04:13 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2011.04.20 03:01:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011.04.20 03:01:54 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011.04.20 03:01:54 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011.04.20 03:01:54 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011.04.20 03:01:54 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011.04.20 03:01:53 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011.04.20 03:01:53 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011.04.20 03:01:53 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011.04.20 03:01:53 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011.04.20 03:01:53 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011.04.20 03:01:52 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011.04.20 03:01:47 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011.04.20 03:01:47 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011.04.20 03:01:47 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011.04.20 03:01:47 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011.04.20 03:01:47 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011.04.20 00:44:20 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2011.04.20 00:44:18 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2011.04.20 00:44:11 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2011.04.20 00:26:42 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011.04.20 00:26:28 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011.04.20 00:26:23 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.04.20 00:26:23 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2011.04.20 00:26:23 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.04.20 00:26:23 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2011.04.20 00:26:22 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2011.04.20 00:26:15 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2011.04.20 00:26:14 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2011.04.20 00:26:14 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2011.04.20 00:26:13 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2011.04.20 00:26:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2011.04.20 00:26:13 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2011.04.20 00:26:13 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2011.04.20 00:25:46 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2011.04.20 00:25:46 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2011.04.20 00:25:46 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2011.04.20 00:25:39 | 003,548,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.04.20 00:25:38 | 003,600,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.04.20 00:25:30 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011.04.20 00:25:29 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011.04.20 00:25:26 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011.04.20 00:25:23 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2011.04.20 00:25:21 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2011.04.20 00:25:20 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.04.20 00:25:17 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011.04.20 00:25:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011.04.20 00:25:06 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2011.04.20 00:25:06 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2011.04.20 00:25:02 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011.04.20 00:24:39 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.04.20 00:24:36 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011.04.20 00:24:34 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2011.04.20 00:24:30 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2011.04.20 00:24:26 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011.04.20 00:24:25 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011.04.20 00:24:18 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2011.04.20 00:24:02 | 000,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2011.04.20 00:24:01 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011.04.20 00:24:01 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011.04.20 00:24:00 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2011.04.20 00:23:59 | 002,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.04.20 00:23:55 | 001,256,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2011.04.20 00:23:48 | 000,988,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2011.04.20 00:23:48 | 000,927,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2011.04.20 00:23:48 | 000,615,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2011.04.20 00:23:48 | 000,019,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2011.04.20 00:23:47 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2011.04.20 00:23:47 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2011.04.20 00:23:47 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2011.04.20 00:23:47 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2011.04.20 00:23:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2011.04.20 00:23:38 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011.04.20 00:23:33 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011.04.20 00:23:33 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2011.04.20 00:23:33 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2011.04.20 00:23:33 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2011.04.20 00:23:33 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2011.04.20 00:23:33 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011.04.20 00:23:33 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2011.04.20 00:23:25 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011.04.20 00:23:25 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011.04.20 00:23:25 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011.04.20 00:23:25 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011.04.20 00:23:24 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2011.04.20 00:23:21 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011.04.20 00:23:15 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011.04.20 00:23:15 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011.04.20 00:23:15 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011.04.20 00:23:12 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2011.04.20 00:23:12 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2011.04.20 00:23:10 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2011.04.20 00:23:09 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2011.04.20 00:23:08 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011.04.20 00:23:05 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2011.04.20 00:23:04 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2011.04.20 00:23:03 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2011.04.20 00:23:02 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011.04.20 00:23:01 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2011.04.20 00:22:53 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2011.04.20 00:22:53 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2011.04.20 00:22:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011.04.20 00:22:37 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011.04.20 00:22:37 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011.04.20 00:22:37 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011.04.20 00:22:37 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011.04.20 00:22:37 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011.04.20 00:22:37 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011.04.20 00:22:36 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2011.04.20 00:22:36 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011.04.20 00:22:36 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011.04.20 00:22:15 | 001,695,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2011.04.20 00:21:58 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2011.04.20 00:21:58 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2011.04.20 00:21:55 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2011.04.20 00:21:55 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2011.04.20 00:21:55 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2011.04.20 00:21:53 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2011.04.20 00:21:45 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2011.04.20 00:21:45 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2011.04.20 00:21:43 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2011.04.20 00:21:38 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2011.04.20 00:21:38 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2011.04.20 00:21:38 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2011.04.20 00:21:38 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2011.04.20 00:21:36 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2011.04.20 00:21:26 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2011.04.20 00:21:24 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2011.04.20 00:21:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2011.04.20 00:21:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2011.04.19 23:48:07 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011.04.19 23:47:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2011.04.19 23:39:07 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011.04.19 23:27:47 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011.04.19 23:26:35 | 000,011,776 | ---- | C] (Chicony (C) 2006 ATC) -- C:\Windows\DrvInst.exe
[2011.04.19 23:24:37 | 000,172,032 | ---- | C] (Ricoh Company,Ltd) -- C:\Windows\System32\rixdicon.dll
[2011.04.19 23:24:37 | 000,045,568 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys
[2011.04.19 23:24:37 | 000,038,400 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys
[2011.04.19 23:24:36 | 000,090,112 | ---- | C] (Sony Corporation) -- C:\Windows\System32\snymsico.dll
[2011.04.19 23:24:36 | 000,043,008 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys
[2011.04.19 23:24:05 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2011.04.19 23:21:04 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola
[2011.04.19 23:20:14 | 000,046,592 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\l160x86.sys
[2011.04.19 23:20:13 | 001,019,136 | ---- | C] (Motorola Inc.) -- C:\Windows\System32\drivers\smserial.sys
[2011.04.19 23:20:13 | 000,221,184 | ---- | C] (Motorola Inc.) -- C:\Windows\System32\sm56co76.dll
[2011.04.19 23:20:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\Atheros_L1
[2011.04.19 23:09:10 | 000,307,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvexpbar.dll
[2011.04.19 23:07:22 | 000,485,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NVUNINST.EXE
[2011.04.19 23:04:45 | 000,000,000 | ---D | C] -- C:\Program Files\ATKOSD2
[2011.04.19 23:03:46 | 000,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
[2011.04.19 23:03:42 | 000,000,000 | ---D | C] -- C:\Program Files\ATKGFNEX
[2011.04.19 23:02:23 | 000,000,000 | ---D | C] -- C:\Program Files\ATK Hotkey
[2011.04.19 22:51:55 | 000,000,000 | ---D | C] -- C:\882f93ffbf7c9b68d4
[2011.04.19 22:49:44 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2011.04.19 22:49:43 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2011.04.19 22:49:37 | 000,000,000 | ---D | C] -- C:\Intel
[2011.04.19 22:36:03 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2011.04.19 22:36:03 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2011.04.19 22:35:51 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2011.04.19 22:35:51 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2011.04.19 22:35:51 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2011.04.19 22:35:43 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2011.04.19 22:35:43 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2011.04.19 22:30:20 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Macromedia
[2011.04.19 22:30:20 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Adobe
[2011.04.19 22:30:14 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.04.19 22:30:14 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Local\Google
[2011.04.19 22:23:35 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2011.04.19 22:23:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011.04.19 22:22:51 | 000,029,752 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\AsDsm.sys
[2011.04.19 22:22:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
[2011.04.19 22:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2011.04.19 22:22:49 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011.04.19 22:22:35 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\InstallShield
[2011.04.19 22:17:14 | 000,000,000 | R--D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.04.19 22:17:14 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Searches
[2011.04.19 22:17:14 | 000,000,000 | R--D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.04.19 22:17:06 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Identities
[2011.04.19 22:17:05 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Contacts
[2011.04.19 22:17:04 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Local\VirtualStore
[2011.04.19 22:16:52 | 000,000,000 | --SD | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Videos
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Saved Games
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Pictures
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Music
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Links
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Favorites
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Downloads
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Documents
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Desktop
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Vorlagen
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\AppData\Local\Verlauf
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\AppData\Local\Temporary Internet Files
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Startmenü
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\SendTo
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Recent
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Netzwerkumgebung
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Lokale Einstellungen
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Documents\Eigene Videos
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Documents\Eigene Musik
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Eigene Dateien
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Documents\Eigene Bilder
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Druckumgebung
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Cookies
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\AppData\Local\Anwendungsdaten
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Anwendungsdaten
[2011.04.19 22:16:52 | 000,000,000 | -H-D | C] -- C:\Users\Rouven\AppData
[2011.04.19 22:16:52 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Local\Temp
[2011.04.19 22:16:52 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Local\Microsoft
[2011.04.19 22:16:52 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Media Center Programs
[2011.03.30 16:23:30 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
[2011.03.30 16:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDJ
[2011.03.30 16:23:22 | 000,000,000 | ---D | C] -- C:\Users\Rouven\Documents\VirtualDJ
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.27 21:54:13 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.27 21:54:13 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.27 21:54:13 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.27 21:54:13 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.27 21:52:36 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.27 21:46:49 | 000,031,966 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.04.27 21:46:49 | 000,031,966 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.04.27 21:46:40 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.27 21:46:40 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.27 21:46:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.27 21:46:25 | 3218,374,656 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.27 21:44:22 | 000,000,920 | ---- | M] () -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011.04.27 21:44:20 | 000,000,740 | ---- | M] () -- C:\Users\Rouven\Desktop\NTREGOPT.lnk
[2011.04.27 21:44:20 | 000,000,721 | ---- | M] () -- C:\Users\Rouven\Desktop\ERUNT.lnk
[2011.04.27 21:42:58 | 000,301,568 | ---- | M] () -- C:\Users\Rouven\Desktop\g2m3e4r.exe
[2011.04.27 21:42:55 | 000,791,393 | ---- | M] (Lars Hederer                                                ) -- C:\Users\Rouven\Desktop\Erunt-setup.exe
[2011.04.27 21:42:38 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rouven\Desktop\OTL.exe
[2011.04.27 21:42:38 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Rouven\Desktop\TFC.exe
[2011.04.27 19:56:11 | 000,004,241 | ---- | M] () -- C:\Users\Rouven\Desktop\Rechnung 1_Rouven Wallentowitz.pdf
[2011.04.27 18:23:06 | 000,001,622 | ---- | M] () -- C:\Users\Rouven\Desktop\Rechnung3.lnk
[2011.04.27 17:53:46 | 000,001,485 | ---- | M] () -- C:\Users\Rouven\Desktop\orgaMAX starten....lnk
[2011.04.23 23:13:40 | 000,232,456 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.04.23 19:17:50 | 000,000,466 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2011.04.21 16:03:16 | 000,000,811 | ---- | M] () -- C:\Users\Rouven\Desktop\flunatic.lnk
[2011.04.20 19:38:13 | 001,213,954 | ---- | M] () -- C:\Users\Rouven\Desktop\Kontakte von Rouven Wallentowitz.pdf
[2011.04.20 19:34:01 | 000,000,835 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2011.04.20 19:14:49 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[2011.04.20 19:13:02 | 000,000,050 | ---- | M] () -- C:\Windows\System32\bridf07a.dat
[2011.04.20 10:37:33 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.04.20 10:37:32 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.04.20 10:37:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.04.20 10:37:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.04.20 10:28:24 | 000,218,688 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2011.04.20 10:28:14 | 000,001,742 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011.04.20 10:24:45 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.04.20 10:17:56 | 000,001,694 | ---- | M] () -- C:\Users\Rouven\Desktop\IrfanView Thumbnails.lnk
[2011.04.20 10:17:56 | 000,000,814 | ---- | M] () -- C:\Users\Rouven\Desktop\IrfanView.lnk
[2011.04.20 10:15:44 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.04.20 10:12:58 | 000,001,899 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.04.20 09:24:24 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.04.20 09:23:31 | 000,001,039 | ---- | M] () -- C:\Users\Rouven\Desktop\DVDVideoSoft Free Studio.lnk
[2011.04.20 09:23:15 | 000,001,198 | ---- | M] () -- C:\Users\Rouven\Desktop\Free YouTube to MP3 Converter.lnk
[2011.04.20 08:51:17 | 000,001,616 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011.04.20 08:18:27 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.04.20 07:14:05 | 000,060,826 | ---- | M] () -- C:\Windows\System32\license.rtf
[2011.04.19 23:49:50 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\1043_ASUSTeK_F3Sg.alu
[2011.04.19 23:24:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2011.04.19 22:54:55 | 000,000,680 | ---- | M] () -- C:\Users\Rouven\AppData\Local\d3d9caps.dat
[2011.04.19 22:30:15 | 000,002,054 | ---- | M] () -- C:\Users\Rouven\Desktop\Google Chrome.lnk
[2011.04.19 22:23:35 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2011.04.19 22:23:15 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011.04.19 22:23:15 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011.04.19 22:22:50 | 000,000,803 | ---- | M] () -- C:\Users\Public\Desktop\ASUS Data Security Manager.lnk
[2011.03.30 16:23:33 | 000,000,850 | ---- | M] () -- C:\Users\Rouven\Desktop\VirtualDJ Home FREE.lnk
[2011.03.29 20:43:36 | 000,006,144 | ---- | M] () -- C:\Users\Rouven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== Files Created - No Company Name ==========
 
[2011.04.27 21:52:36 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.27 21:44:22 | 000,000,920 | ---- | C] () -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011.04.27 21:44:20 | 000,000,740 | ---- | C] () -- C:\Users\Rouven\Desktop\NTREGOPT.lnk
[2011.04.27 21:44:20 | 000,000,721 | ---- | C] () -- C:\Users\Rouven\Desktop\ERUNT.lnk
[2011.04.27 21:34:42 | 000,301,568 | ---- | C] () -- C:\Users\Rouven\Desktop\g2m3e4r.exe
[2011.04.27 19:56:11 | 000,004,241 | ---- | C] () -- C:\Users\Rouven\Desktop\Rechnung 1_Rouven Wallentowitz.pdf
[2011.04.27 18:23:06 | 000,001,622 | ---- | C] () -- C:\Users\Rouven\Desktop\Rechnung3.lnk
[2011.04.27 17:53:46 | 000,001,485 | ---- | C] () -- C:\Users\Rouven\Desktop\orgaMAX starten....lnk
[2011.04.21 16:03:16 | 000,000,811 | ---- | C] () -- C:\Users\Rouven\Desktop\flunatic.lnk
[2011.04.20 19:36:15 | 001,213,954 | ---- | C] () -- C:\Users\Rouven\Desktop\Kontakte von Rouven Wallentowitz.pdf
[2011.04.20 19:34:01 | 000,000,835 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2011.04.20 19:33:57 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011.04.20 17:40:57 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf07a.dat
[2011.04.20 17:37:22 | 000,006,224 | ---- | C] () -- C:\Windows\CVRPAGE.bmp
[2011.04.20 10:28:14 | 000,001,742 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011.04.20 10:24:45 | 000,000,811 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.04.20 10:22:41 | 000,006,144 | ---- | C] () -- C:\Users\Rouven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.20 10:17:56 | 000,001,694 | ---- | C] () -- C:\Users\Rouven\Desktop\IrfanView Thumbnails.lnk
[2011.04.20 10:17:56 | 000,000,814 | ---- | C] () -- C:\Users\Rouven\Desktop\IrfanView.lnk
[2011.04.20 10:15:44 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.04.20 10:12:58 | 000,001,899 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.04.20 10:12:58 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.04.20 09:24:24 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.04.20 09:23:25 | 000,001,039 | ---- | C] () -- C:\Users\Rouven\Desktop\DVDVideoSoft Free Studio.lnk
[2011.04.20 09:23:15 | 000,001,198 | ---- | C] () -- C:\Users\Rouven\Desktop\Free YouTube to MP3 Converter.lnk
[2011.04.20 08:51:17 | 000,001,616 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011.04.20 08:29:35 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.04.20 08:18:27 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.04.20 07:10:14 | 3218,374,656 | -HS- | C] () -- C:\hiberfil.sys
[2011.04.20 03:51:37 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.04.20 03:51:37 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.04.20 03:51:36 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2011.04.20 03:01:48 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011.04.20 03:01:48 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011.04.20 03:01:48 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011.04.20 00:25:47 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2011.04.19 23:49:50 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\1043_ASUSTeK_F3Sg.alu
[2011.04.19 23:47:01 | 000,000,466 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.04.19 23:47:01 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011.04.19 23:39:38 | 000,031,966 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011.04.19 23:39:38 | 000,031,966 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011.04.19 23:26:35 | 001,769,984 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2011.04.19 23:26:35 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2011.04.19 23:26:35 | 000,000,386 | ---- | C] () -- C:\Windows\Uninstsxga.reg
[2011.04.19 23:26:35 | 000,000,384 | ---- | C] () -- C:\Windows\Uninstvga.reg
[2011.04.19 23:26:35 | 000,000,372 | ---- | C] () -- C:\Windows\Uninstsxga.bat
[2011.04.19 23:26:35 | 000,000,371 | ---- | C] () -- C:\Windows\Uninstvga.bat
[2011.04.19 23:24:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2011.04.19 23:23:45 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2011.04.19 22:30:15 | 000,002,054 | ---- | C] () -- C:\Users\Rouven\Desktop\Google Chrome.lnk
[2011.04.19 22:23:15 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011.04.19 22:23:15 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011.04.19 22:22:50 | 000,000,803 | ---- | C] () -- C:\Users\Public\Desktop\ASUS Data Security Manager.lnk
[2011.04.19 22:17:15 | 000,000,956 | ---- | C] () -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.04.19 22:17:14 | 000,000,951 | ---- | C] () -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011.04.19 22:17:05 | 000,000,922 | ---- | C] () -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011.04.19 22:16:58 | 000,000,680 | ---- | C] () -- C:\Users\Rouven\AppData\Local\d3d9caps.dat
[2011.03.30 16:23:33 | 000,000,850 | ---- | C] () -- C:\Users\Rouven\Desktop\VirtualDJ Home FREE.lnk
[2008.04.16 13:11:34 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.04.16 13:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.04.16 13:11:34 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.04.16 13:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.04.16 12:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,232,456 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.10.10 13:33:00 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\Asushwio.sys
 
========== LOP Check ==========
 
[2011.04.23 19:09:42 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\B+P Heyer
[2011.04.27 18:13:16 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\Buhl Data Service GmbH
[2011.04.20 10:34:16 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\DAEMON Tools Lite
[2011.04.20 09:23:27 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.04.27 08:17:29 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\ICQ
[2011.04.20 10:17:56 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\IrfanView
[2011.04.27 18:13:19 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\LetsTrade
[2011.04.27 21:37:33 | 000,014,912 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---


Zitat:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6459

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19048

27.04.2011 21:56:43
mbam-log-2011-04-27 (21-56-43).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 133647
Laufzeit: 2 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Vielen Dank für euer Hilfe

greetz wake0071

 

Themen zu PC Stürzt ab nach einer gewissen Zeit
32-bit, autorun, avgntflt.sys, avira, bho, converter, error, flash player, format, gfnexsrv.exe, google, google chrome, home, install.exe, installation, karte, location, logfile, mp3, nvlddmkm.sys, object, oldtimer, plug-in, realtek, registry, rundll, saver, scan, sched.exe, security, shell32.dll, skype.exe, software, start menu, svchost.exe, tcp, usb, usb 2.0, vista, windows xp, wlan.


« Viren befallen meinen pc | Internet Explorer öffnet Werbung »


Ähnliche Themen: PC Stürzt ab nach einer gewissen Zeit


  1. Internetverbindung nach einer Zeit immer langsamer und Hoher Ping - Wlan
    Plagegeister aller Art und deren Bekämpfung - 19.09.2015 (24)
  2. Firefox stürzt nach ne kurze Zeit ab?
    Netzwerk und Hardware - 02.09.2015 (26)
  3. CPU Auslastung & Kein Signal nach einer Zeit an dem Bildschirm + CMD Fenster beim Start
    Plagegeister aller Art und deren Bekämpfung - 10.06.2015 (4)
  4. Mozilla schließt sich einfach nach einer gewissen Zeit
    Alles rund um Windows - 08.05.2015 (5)
  5. Windows 7 nach Anmelden Schwarzer Bildschirm mit Maus / nach einer Zeit Windows Funktioniert nicht mehr
    Alles rund um Windows - 09.02.2015 (1)
  6. Internetverbindung nach einer Zeit immer langsamer High Ping Erkennt ihr was?
    Log-Analyse und Auswertung - 18.08.2013 (5)
  7. Internetverbindung nach einer Zeit immer langsamer und Hoher Ping
    Netzwerk und Hardware - 16.08.2013 (1)
  8. Das öffnen von Webseiten dauert nach einer Zeit sehr lange
    Log-Analyse und Auswertung - 09.06.2013 (25)
  9. Tastatur wiederholt Buchstaben, nach einer bestimmten Zeit, jedoch ohne Rythmus
    Plagegeister aller Art und deren Bekämpfung - 27.07.2012 (5)
  10. mein bildschirm nach einer zeit dunkel
    Plagegeister aller Art und deren Bekämpfung - 26.04.2012 (1)
  11. PC stürzt kurze Zeit nach jeweils erstem Start ab oder friert ein
    Plagegeister aller Art und deren Bekämpfung - 28.12.2011 (1)
  12. Virus nach ausführen einer Datei, PC stürzt ab
    Plagegeister aller Art und deren Bekämpfung - 29.12.2010 (1)
  13. Bildschirm nach einer Zeit schwarz und hängt dann Virus?
    Plagegeister aller Art und deren Bekämpfung - 19.01.2010 (1)
  14. Browser zeigt nach einer gewissen Zeit keine Seite mehr an/Programme reagieren nicht
    Alles rund um Windows - 09.11.2009 (3)
  15. Pc stürtzt nach einer bestimmten Zeit ab
    Log-Analyse und Auswertung - 19.08.2009 (5)
  16. Programme Stürtzen nach einer Zeit automatisch ab...
    Plagegeister aller Art und deren Bekämpfung - 08.01.2008 (1)
  17. iexplore.exe beendet sich nach einer bestimmten zeit auf einer seite
    Plagegeister aller Art und deren Bekämpfung - 08.01.2008 (47)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema PC Stürzt ab nach einer gewissen Zeit - Hallo seit ein paar Tagen stürzt mein Pc dauernd ab OTL Logfile: Code: Alles auswählen Aufklappen ATTFilter OTL Extras logfile created on: 27.04.2011 21:52:10 - Run 1 OTL by OldTimer - PC Stürzt ab nach einer gewissen Zeit...
Archiv
Du betrachtest: PC Stürzt ab nach einer gewissen Zeit auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19