PC Stürzt ab nach einer gewissen Zeit

wake0071 · 27.04.2011, 20:58

Hallo seit ein paar Tagen stürzt mein Pc dauernd ab

OTL Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 27.04.2011 21:52:10 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Rouven\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 178,85 Gb Total Space | 150,76 Gb Free Space | 84,29% Space Free | Partition Type: NTFS
Drive D: | 119,23 Gb Total Space | 119,14 Gb Free Space | 99,92% Space Free | Partition Type: NTFS
 
Computer Name: ROUVEN-PC | User Name: Rouven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{126AFB8B-0D6E-4E51-B5E6-DB2DDE7E91F3}" = rport=137 | protocol=17 | dir=out | app=system | 
"{1DFB3C89-F4F0-41BA-99F9-AF0E01086FB8}" = lport=139 | protocol=6 | dir=in | app=system | 
"{30F29941-2CB2-4B05-BAB1-C662BF63DBBA}" = rport=138 | protocol=17 | dir=out | app=system | 
"{32FEA5DB-C27D-41B7-8589-CF4C3F23FB4B}" = lport=445 | protocol=6 | dir=in | app=system | 
"{46717E7C-DC95-46E5-8C3D-054371B4F0D5}" = lport=138 | protocol=17 | dir=in | app=system | 
"{5342E541-827F-4A52-A5E6-46E3864AD691}" = rport=139 | protocol=6 | dir=out | app=system | 
"{63A4D43D-CB1A-4C90-8DC3-DE217E7E1559}" = lport=137 | protocol=17 | dir=in | app=system | 
"{7E3DF5A7-DA12-4FB4-A19E-276E2A860C55}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{C277255D-A5F5-4FF6-959C-87F9C35A5BEC}" = rport=445 | protocol=6 | dir=out | app=system | 
"{C5C0B8C2-0662-4D7F-840B-B53BE9CCC578}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{EBFFFD17-1ED9-450D-9F68-2B868849B4AC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{F4479F38-C417-4285-914A-B53780E22835}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3735044E-1CD7-40A2-933C-545FBF4A67C6}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{43B94363-9C98-4EDD-AB83-6D01153E932B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{4B71E128-35CF-4359-8A65-52376DDF1FE7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{63CD2225-6A3D-4FB6-920C-827FE455BBFF}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{734637E9-B3DC-420F-AC99-EE3D2EA566A3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{7B5BFA0B-1126-4C20-984E-B506B25C1E3E}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{A767BE8D-D9AF-403E-B58B-88C3889AA7BC}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{AF7F13EE-8AF8-4727-887B-29645CE7D01D}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{C6457A00-22C3-4700-8BD1-6D85DD2998EB}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{F9FA553F-FA51-4183-9E88-9C54905D46EA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{FF20A27C-A07A-4E28-96DC-F805003F3B08}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"TCP Query User{1A6A8C30-EFBF-4FCD-8D86-2D7016B6224F}C:\program files\icq7.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"UDP Query User{A88ACFF6-A421-4D7E-8D34-5781DB48ABD1}C:\program files\icq7.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{185C9D5C-DF96-49D2-9059-188F0DAC4921}" = Heyer's Karten-Studio 2
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{6E19F210-3813-4002-B561-94D66AA182B6}" = Atheros Communications Inc.(R) L1 Gigabit Ethernet Driver
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F972403C-BFE4-49EB-82B8-10D0FDBD1BB1}" = VirtualDJ Home FREE
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"ERUNT_is1" = ERUNT 1.1j
"flunatic_is1" = flunatic 1.2
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"ICQToolbar" = ICQ Toolbar
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"orgaMAX_is1" = orgaMAX Business Software
"Rechnung3" = Softwarenetz Rechnung3
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"VLC media player" = VLC media player 1.1.9
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 29.03.2011 14:44:21 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 30.03.2011 10:13:06 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.04.2011 08:25:36 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.04.2011 10:01:42 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.04.2011 11:55:25 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.04.2011 17:14:53 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.04.2011 09:37:32 | Computer Name = Rouven-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung SynTPEnh.exe, Version 10.1.8.0, Zeitstempel 
0x47589ff7, fehlerhaftes Modul SynTPEnh.exe, Version 10.1.8.0, Zeitstempel 0x47589ff7,
 Ausnahmecode 0xc0000409, Fehleroffset 0x0002975c,  Prozess-ID 0x81c, Anwendungsstartzeit
 01cc01fb5416cba7.
 
Error - 26.04.2011 10:30:29 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 27.04.2011 02:18:39 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 27.04.2011 14:42:52 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 20.04.2011 05:07:44 | Computer Name = Rouven-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 20.04.2011 11:22:56 | Computer Name = Rouven-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 20.04.2011 13:06:37 | Computer Name = Rouven-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 20.04.2011 um 17:51:28 unerwartet heruntergefahren.
 
Error - 20.04.2011 13:06:39 | Computer Name = Rouven-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 20.04.2011 13:12:09 | Computer Name = Rouven-PC | Source = Service Control Manager | ID = 7022
Description = 
 
Error - 20.04.2011 13:45:44 | Computer Name = Rouven-PC | Source = Service Control Manager | ID = 7043
Description = 
 
Error - 20.04.2011 14:47:59 | Computer Name = Rouven-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 20.04.2011 15:14:58 | Computer Name = Rouven-PC | Source = Service Control Manager | ID = 7043
Description = 
 
Error - 20.04.2011 20:03:14 | Computer Name = Rouven-PC | Source = HTTP | ID = 15016
Description = 
 
Error - 21.04.2011 03:38:17 | Computer Name = Rouven-PC | Source = HTTP | ID = 15016
Description = 
 
 
< End of report >

--- --- ---

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 27.04.2011 21:52:10 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Rouven\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 178,85 Gb Total Space | 150,76 Gb Free Space | 84,29% Space Free | Partition Type: NTFS
Drive D: | 119,23 Gb Total Space | 119,14 Gb Free Space | 99,92% Space Free | Partition Type: NTFS
 
Computer Name: ROUVEN-PC | User Name: Rouven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Rouven\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - \\?\C:\Windows\System32\wbem\WMIADAP.EXE ()
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ATKOSD2\ATKOSD2.exe ()
PRC - C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100)
PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Program Files\ATK Hotkey\WDC.exe ()
PRC - C:\Program Files\ATK Hotkey\KBFiltr.exe ()
PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Rouven\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (ICQ Service) -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (ADSMService) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
DRV - (AtcL001) -- C:\Windows\System32\drivers\l160x86.sys (Atheros Communications, Inc.)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (Asushwio) -- C:\Windows\System32\drivers\Asushwio.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://start.icq.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Rouven\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.27 21:52:49 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Malwarebytes
[2011.04.27 21:52:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.04.27 21:52:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.27 21:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.27 21:52:30 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.04.27 21:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.04.27 21:44:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011.04.27 21:44:19 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011.04.27 21:34:41 | 000,791,393 | ---- | C] (Lars Hederer                                                ) -- C:\Users\Rouven\Desktop\Erunt-setup.exe
[2011.04.27 21:34:41 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Rouven\Desktop\OTL.exe
[2011.04.27 21:34:41 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Rouven\Desktop\TFC.exe
[2011.04.27 18:23:06 | 000,181,344 | ---- | C] (SoftwareNetz) -- C:\Windows\snui.exe
[2011.04.27 18:23:06 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoftwareNetz
[2011.04.27 18:23:05 | 000,000,000 | ---D | C] -- C:\Softwarenetz
[2011.04.27 18:13:19 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\LetsTrade
[2011.04.27 18:13:16 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Buhl Data Service GmbH
[2011.04.27 17:53:46 | 004,292,096 | ---- | C] (dimastr.com) -- C:\Windows\System32\redemption.dll
[2011.04.27 17:53:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\orgaMAX Business Software
[2011.04.27 17:53:43 | 000,297,472 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\midas.dll
[2011.04.27 17:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\deltra Software GmbH
[2011.04.27 17:51:48 | 004,082,688 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\qtintf70.dll
[2011.04.27 17:51:46 | 000,000,000 | ---D | C] -- C:\orgaMAX
[2011.04.27 17:34:24 | 000,000,000 | ---D | C] -- C:\Users\Rouven\Desktop\Heimfrost
[2011.04.23 19:17:29 | 000,000,000 | R--D | C] -- C:\Users\Rouven\AppData\Roaming\Brother
[2011.04.23 19:09:45 | 000,000,000 | ---D | C] -- C:\HKS-Daten
[2011.04.23 19:09:42 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\B+P Heyer
[2011.04.23 19:09:33 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Local\B+P Heyer
[2011.04.23 19:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\B+P Heyer
[2011.04.23 19:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heyer's Karten-Studio
[2011.04.23 19:09:17 | 000,000,000 | ---D | C] -- C:\Program Files\BPH
[2011.04.21 16:03:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\flunatic
[2011.04.21 16:03:14 | 000,000,000 | ---D | C] -- C:\Program Files\flunatic
[2011.04.21 09:48:55 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.04.21 09:48:54 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.21 09:48:54 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.04.21 09:48:54 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.21 09:48:54 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.21 09:48:54 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.21 09:48:54 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.21 09:48:54 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.04.21 09:48:54 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.04.21 09:48:54 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.04.21 09:48:54 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.04.21 09:48:54 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.04.21 09:48:54 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.04.21 09:48:54 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.04.21 09:48:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.04.21 09:48:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.21 09:48:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.04.21 09:48:52 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.21 09:48:52 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.04.20 21:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011.04.20 19:36:20 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Local\Adobe
[2011.04.20 19:34:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2011.04.20 19:33:58 | 001,071,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCTL.OCX
[2011.04.20 19:33:58 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMAPI32.OCX
[2011.04.20 19:33:57 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX
[2011.04.20 19:33:56 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCDE.DLL
[2011.04.20 19:33:56 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6DE.DLL
[2011.04.20 19:33:56 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCC2DE.DLL
[2011.04.20 19:33:56 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPIDE.DLL
[2011.04.20 19:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2011.04.20 19:29:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2011.04.20 17:37:30 | 000,094,208 | R--- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2.dll
[2011.04.20 17:37:30 | 000,057,856 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\System32\brinsstr.dll
[2011.04.20 17:37:30 | 000,016,384 | R--- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2L.dll
[2011.04.20 17:37:30 | 000,012,288 | R--- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2S.dll
[2011.04.20 17:37:28 | 000,176,128 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BroSNMP.dll
[2011.04.20 17:37:22 | 000,163,840 | ---- | C] (brother) -- C:\Windows\System32\NSSearch.dll
[2011.04.20 17:37:22 | 000,131,072 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\brunin03.dll
[2011.04.20 17:37:22 | 000,000,000 | ---D | C] -- C:\Program Files\Brother
[2011.04.20 10:43:56 | 000,000,000 | ---D | C] -- C:\Users\Rouven\4.0
[2011.04.20 10:43:56 | 000,000,000 | ---D | C] -- C:\Users\Rouven\.tfo4
[2011.04.20 10:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.04.20 10:41:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011.04.20 10:37:56 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.04.20 10:37:55 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.04.20 10:37:55 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.04.20 10:37:55 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.04.20 10:37:16 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011.04.20 10:30:11 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\vlc
[2011.04.20 10:28:24 | 000,218,688 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2011.04.20 10:28:15 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2011.04.20 10:28:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011.04.20 10:28:12 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2011.04.20 10:28:03 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\DAEMON Tools Lite
[2011.04.20 10:28:03 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011.04.20 10:24:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.04.20 10:24:43 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.04.20 10:17:56 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2011.04.20 10:17:56 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\IrfanView
[2011.04.20 10:17:55 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2011.04.20 10:16:39 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Skype
[2011.04.20 10:15:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.04.20 10:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011.04.20 10:15:42 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011.04.20 10:15:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.04.20 10:12:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011.04.20 10:12:08 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011.04.20 09:32:23 | 000,000,000 | ---D | C] -- C:\Users\Rouven\Documents\ICQ
[2011.04.20 09:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.04.20 09:24:13 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2011.04.20 09:23:27 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.04.20 09:23:24 | 000,000,000 | ---D | C] -- C:\Users\Rouven\Documents\DVDVideoSoft
[2011.04.20 09:23:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2011.04.20 09:23:10 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2011.04.20 09:23:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2011.04.20 09:21:59 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\WinRAR
[2011.04.20 09:21:59 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.04.20 09:21:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.04.20 09:21:54 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011.04.20 08:53:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011.04.20 08:51:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011.04.20 08:51:02 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6Toolbar
[2011.04.20 08:51:00 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Mozilla
[2011.04.20 08:51:00 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2011.04.20 08:50:33 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\ICQ
[2011.04.20 08:50:25 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.5
[2011.04.20 08:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011.04.20 08:44:59 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011.04.20 08:26:30 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.04.20 08:26:30 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.04.20 08:26:30 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.04.20 08:26:30 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2011.04.20 08:26:29 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.04.20 08:26:29 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.04.20 08:26:29 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.04.20 08:26:29 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.04.20 08:26:28 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.04.20 08:26:28 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.04.20 08:26:28 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.04.20 08:26:27 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2011.04.20 08:26:27 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.04.20 08:26:27 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.04.20 08:26:27 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.04.20 08:26:26 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.04.20 08:26:26 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.04.20 08:26:24 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.04.20 08:26:24 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.04.20 08:26:24 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2011.04.20 08:26:24 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.04.20 08:26:24 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.04.20 08:26:24 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2011.04.20 08:25:44 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011.04.20 08:25:44 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011.04.20 08:25:44 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011.04.20 08:24:35 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011.04.20 08:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.04.20 08:18:18 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011.04.20 08:18:17 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.04.20 08:18:17 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.04.20 08:18:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.04.20 08:18:17 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011.04.20 08:12:50 | 000,000,000 | ---D | C] -- C:\Users\Rouven\Documents\Meine empfangenen Dateien
[2011.04.20 08:09:45 | 000,000,000 | ---D | C] -- C:\Users\Rouven\Tracing
[2011.04.20 08:08:43 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2011.04.20 08:07:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2011.04.20 08:07:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011.04.20 08:07:28 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2011.04.20 08:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011.04.20 08:07:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011.04.20 08:06:34 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011.04.20 07:58:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2011.04.20 07:08:36 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.04.20 07:04:31 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011.04.20 04:58:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011.04.20 03:51:37 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2011.04.20 03:51:37 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2011.04.20 03:51:36 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2011.04.20 03:51:36 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2011.04.20 03:51:36 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2011.04.20 03:51:36 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2011.04.20 03:51:36 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2011.04.20 03:51:36 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2011.04.20 03:51:36 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2011.04.20 03:51:36 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2011.04.20 03:51:36 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2011.04.20 03:51:36 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2011.04.20 03:51:36 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2011.04.20 03:51:36 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2011.04.20 03:51:36 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2011.04.20 03:51:35 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2011.04.20 03:51:35 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2011.04.20 03:51:35 | 001,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011.04.20 03:51:35 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011.04.20 03:51:35 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011.04.20 03:51:35 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2011.04.20 03:51:35 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011.04.20 03:51:35 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2011.04.20 03:44:57 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011.04.20 03:44:57 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011.04.20 03:44:55 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011.04.20 03:44:54 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011.04.20 03:30:59 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2011.04.20 03:11:35 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2011.04.20 03:11:35 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2011.04.20 03:11:35 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2011.04.20 03:11:35 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2011.04.20 03:11:35 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2011.04.20 03:11:34 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2011.04.20 03:06:33 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2011.04.20 03:06:31 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2011.04.20 03:04:14 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2011.04.20 03:04:13 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2011.04.20 03:01:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011.04.20 03:01:54 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011.04.20 03:01:54 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011.04.20 03:01:54 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011.04.20 03:01:54 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011.04.20 03:01:53 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011.04.20 03:01:53 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011.04.20 03:01:53 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011.04.20 03:01:53 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011.04.20 03:01:53 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011.04.20 03:01:52 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011.04.20 03:01:47 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011.04.20 03:01:47 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011.04.20 03:01:47 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011.04.20 03:01:47 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011.04.20 03:01:47 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011.04.20 00:44:20 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2011.04.20 00:44:18 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2011.04.20 00:44:11 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2011.04.20 00:26:42 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011.04.20 00:26:28 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011.04.20 00:26:23 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.04.20 00:26:23 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2011.04.20 00:26:23 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.04.20 00:26:23 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2011.04.20 00:26:22 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2011.04.20 00:26:15 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2011.04.20 00:26:14 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2011.04.20 00:26:14 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2011.04.20 00:26:13 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2011.04.20 00:26:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2011.04.20 00:26:13 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2011.04.20 00:26:13 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2011.04.20 00:25:46 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2011.04.20 00:25:46 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2011.04.20 00:25:46 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2011.04.20 00:25:39 | 003,548,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.04.20 00:25:38 | 003,600,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.04.20 00:25:30 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011.04.20 00:25:29 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011.04.20 00:25:26 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011.04.20 00:25:23 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2011.04.20 00:25:21 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2011.04.20 00:25:20 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.04.20 00:25:17 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011.04.20 00:25:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011.04.20 00:25:06 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2011.04.20 00:25:06 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2011.04.20 00:25:02 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011.04.20 00:24:39 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.04.20 00:24:36 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011.04.20 00:24:34 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2011.04.20 00:24:30 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2011.04.20 00:24:26 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011.04.20 00:24:25 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011.04.20 00:24:18 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2011.04.20 00:24:02 | 000,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2011.04.20 00:24:01 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011.04.20 00:24:01 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011.04.20 00:24:00 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2011.04.20 00:23:59 | 002,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.04.20 00:23:55 | 001,256,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2011.04.20 00:23:48 | 000,988,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2011.04.20 00:23:48 | 000,927,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2011.04.20 00:23:48 | 000,615,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2011.04.20 00:23:48 | 000,019,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2011.04.20 00:23:47 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2011.04.20 00:23:47 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2011.04.20 00:23:47 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2011.04.20 00:23:47 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2011.04.20 00:23:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2011.04.20 00:23:38 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011.04.20 00:23:33 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011.04.20 00:23:33 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2011.04.20 00:23:33 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2011.04.20 00:23:33 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2011.04.20 00:23:33 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2011.04.20 00:23:33 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011.04.20 00:23:33 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2011.04.20 00:23:25 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011.04.20 00:23:25 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011.04.20 00:23:25 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011.04.20 00:23:25 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011.04.20 00:23:24 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2011.04.20 00:23:21 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011.04.20 00:23:15 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011.04.20 00:23:15 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011.04.20 00:23:15 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011.04.20 00:23:12 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2011.04.20 00:23:12 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2011.04.20 00:23:10 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2011.04.20 00:23:09 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2011.04.20 00:23:08 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011.04.20 00:23:05 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2011.04.20 00:23:04 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2011.04.20 00:23:03 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2011.04.20 00:23:02 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011.04.20 00:23:01 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2011.04.20 00:22:53 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2011.04.20 00:22:53 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2011.04.20 00:22:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011.04.20 00:22:37 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011.04.20 00:22:37 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011.04.20 00:22:37 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011.04.20 00:22:37 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011.04.20 00:22:37 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011.04.20 00:22:37 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011.04.20 00:22:36 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2011.04.20 00:22:36 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011.04.20 00:22:36 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011.04.20 00:22:15 | 001,695,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2011.04.20 00:21:58 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2011.04.20 00:21:58 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2011.04.20 00:21:55 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2011.04.20 00:21:55 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2011.04.20 00:21:55 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2011.04.20 00:21:53 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2011.04.20 00:21:45 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2011.04.20 00:21:45 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2011.04.20 00:21:43 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2011.04.20 00:21:38 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2011.04.20 00:21:38 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2011.04.20 00:21:38 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2011.04.20 00:21:38 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2011.04.20 00:21:36 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2011.04.20 00:21:26 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2011.04.20 00:21:24 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2011.04.20 00:21:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2011.04.20 00:21:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2011.04.19 23:48:07 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011.04.19 23:47:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2011.04.19 23:39:07 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011.04.19 23:27:47 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011.04.19 23:26:35 | 000,011,776 | ---- | C] (Chicony (C) 2006 ATC) -- C:\Windows\DrvInst.exe
[2011.04.19 23:24:37 | 000,172,032 | ---- | C] (Ricoh Company,Ltd) -- C:\Windows\System32\rixdicon.dll
[2011.04.19 23:24:37 | 000,045,568 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys
[2011.04.19 23:24:37 | 000,038,400 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys
[2011.04.19 23:24:36 | 000,090,112 | ---- | C] (Sony Corporation) -- C:\Windows\System32\snymsico.dll
[2011.04.19 23:24:36 | 000,043,008 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys
[2011.04.19 23:24:05 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2011.04.19 23:21:04 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola
[2011.04.19 23:20:14 | 000,046,592 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\l160x86.sys
[2011.04.19 23:20:13 | 001,019,136 | ---- | C] (Motorola Inc.) -- C:\Windows\System32\drivers\smserial.sys
[2011.04.19 23:20:13 | 000,221,184 | ---- | C] (Motorola Inc.) -- C:\Windows\System32\sm56co76.dll
[2011.04.19 23:20:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\Atheros_L1
[2011.04.19 23:09:10 | 000,307,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvexpbar.dll
[2011.04.19 23:07:22 | 000,485,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NVUNINST.EXE
[2011.04.19 23:04:45 | 000,000,000 | ---D | C] -- C:\Program Files\ATKOSD2
[2011.04.19 23:03:46 | 000,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
[2011.04.19 23:03:42 | 000,000,000 | ---D | C] -- C:\Program Files\ATKGFNEX
[2011.04.19 23:02:23 | 000,000,000 | ---D | C] -- C:\Program Files\ATK Hotkey
[2011.04.19 22:51:55 | 000,000,000 | ---D | C] -- C:\882f93ffbf7c9b68d4
[2011.04.19 22:49:44 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2011.04.19 22:49:43 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2011.04.19 22:49:37 | 000,000,000 | ---D | C] -- C:\Intel
[2011.04.19 22:36:03 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2011.04.19 22:36:03 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2011.04.19 22:35:51 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2011.04.19 22:35:51 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2011.04.19 22:35:51 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2011.04.19 22:35:43 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2011.04.19 22:35:43 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2011.04.19 22:30:20 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Macromedia
[2011.04.19 22:30:20 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Adobe
[2011.04.19 22:30:14 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.04.19 22:30:14 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Local\Google
[2011.04.19 22:23:35 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2011.04.19 22:23:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011.04.19 22:22:51 | 000,029,752 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\AsDsm.sys
[2011.04.19 22:22:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
[2011.04.19 22:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2011.04.19 22:22:49 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011.04.19 22:22:35 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\InstallShield
[2011.04.19 22:17:14 | 000,000,000 | R--D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.04.19 22:17:14 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Searches
[2011.04.19 22:17:14 | 000,000,000 | R--D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.04.19 22:17:06 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Identities
[2011.04.19 22:17:05 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Contacts
[2011.04.19 22:17:04 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Local\VirtualStore
[2011.04.19 22:16:52 | 000,000,000 | --SD | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Videos
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Saved Games
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Pictures
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Music
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Links
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Favorites
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Downloads
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Documents
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Desktop
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Vorlagen
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\AppData\Local\Verlauf
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\AppData\Local\Temporary Internet Files
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Startmenü
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\SendTo
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Recent
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Netzwerkumgebung
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Lokale Einstellungen
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Documents\Eigene Videos
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Documents\Eigene Musik
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Eigene Dateien
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Documents\Eigene Bilder
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Druckumgebung
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Cookies
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\AppData\Local\Anwendungsdaten
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Anwendungsdaten
[2011.04.19 22:16:52 | 000,000,000 | -H-D | C] -- C:\Users\Rouven\AppData
[2011.04.19 22:16:52 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Local\Temp
[2011.04.19 22:16:52 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Local\Microsoft
[2011.04.19 22:16:52 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Media Center Programs
[2011.03.30 16:23:30 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
[2011.03.30 16:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDJ
[2011.03.30 16:23:22 | 000,000,000 | ---D | C] -- C:\Users\Rouven\Documents\VirtualDJ
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.27 21:54:13 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.27 21:54:13 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.27 21:54:13 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.27 21:54:13 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.27 21:52:36 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.27 21:46:49 | 000,031,966 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.04.27 21:46:49 | 000,031,966 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.04.27 21:46:40 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.27 21:46:40 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.27 21:46:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.27 21:46:25 | 3218,374,656 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.27 21:44:22 | 000,000,920 | ---- | M] () -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011.04.27 21:44:20 | 000,000,740 | ---- | M] () -- C:\Users\Rouven\Desktop\NTREGOPT.lnk
[2011.04.27 21:44:20 | 000,000,721 | ---- | M] () -- C:\Users\Rouven\Desktop\ERUNT.lnk
[2011.04.27 21:42:58 | 000,301,568 | ---- | M] () -- C:\Users\Rouven\Desktop\g2m3e4r.exe
[2011.04.27 21:42:55 | 000,791,393 | ---- | M] (Lars Hederer                                                ) -- C:\Users\Rouven\Desktop\Erunt-setup.exe
[2011.04.27 21:42:38 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rouven\Desktop\OTL.exe
[2011.04.27 21:42:38 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Rouven\Desktop\TFC.exe
[2011.04.27 19:56:11 | 000,004,241 | ---- | M] () -- C:\Users\Rouven\Desktop\Rechnung 1_Rouven Wallentowitz.pdf
[2011.04.27 18:23:06 | 000,001,622 | ---- | M] () -- C:\Users\Rouven\Desktop\Rechnung3.lnk
[2011.04.27 17:53:46 | 000,001,485 | ---- | M] () -- C:\Users\Rouven\Desktop\orgaMAX starten....lnk
[2011.04.23 23:13:40 | 000,232,456 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.04.23 19:17:50 | 000,000,466 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2011.04.21 16:03:16 | 000,000,811 | ---- | M] () -- C:\Users\Rouven\Desktop\flunatic.lnk
[2011.04.20 19:38:13 | 001,213,954 | ---- | M] () -- C:\Users\Rouven\Desktop\Kontakte von Rouven Wallentowitz.pdf
[2011.04.20 19:34:01 | 000,000,835 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2011.04.20 19:14:49 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[2011.04.20 19:13:02 | 000,000,050 | ---- | M] () -- C:\Windows\System32\bridf07a.dat
[2011.04.20 10:37:33 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.04.20 10:37:32 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.04.20 10:37:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.04.20 10:37:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.04.20 10:28:24 | 000,218,688 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2011.04.20 10:28:14 | 000,001,742 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011.04.20 10:24:45 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.04.20 10:17:56 | 000,001,694 | ---- | M] () -- C:\Users\Rouven\Desktop\IrfanView Thumbnails.lnk
[2011.04.20 10:17:56 | 000,000,814 | ---- | M] () -- C:\Users\Rouven\Desktop\IrfanView.lnk
[2011.04.20 10:15:44 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.04.20 10:12:58 | 000,001,899 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.04.20 09:24:24 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.04.20 09:23:31 | 000,001,039 | ---- | M] () -- C:\Users\Rouven\Desktop\DVDVideoSoft Free Studio.lnk
[2011.04.20 09:23:15 | 000,001,198 | ---- | M] () -- C:\Users\Rouven\Desktop\Free YouTube to MP3 Converter.lnk
[2011.04.20 08:51:17 | 000,001,616 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011.04.20 08:18:27 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.04.20 07:14:05 | 000,060,826 | ---- | M] () -- C:\Windows\System32\license.rtf
[2011.04.19 23:49:50 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\1043_ASUSTeK_F3Sg.alu
[2011.04.19 23:24:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2011.04.19 22:54:55 | 000,000,680 | ---- | M] () -- C:\Users\Rouven\AppData\Local\d3d9caps.dat
[2011.04.19 22:30:15 | 000,002,054 | ---- | M] () -- C:\Users\Rouven\Desktop\Google Chrome.lnk
[2011.04.19 22:23:35 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2011.04.19 22:23:15 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011.04.19 22:23:15 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011.04.19 22:22:50 | 000,000,803 | ---- | M] () -- C:\Users\Public\Desktop\ASUS Data Security Manager.lnk
[2011.03.30 16:23:33 | 000,000,850 | ---- | M] () -- C:\Users\Rouven\Desktop\VirtualDJ Home FREE.lnk
[2011.03.29 20:43:36 | 000,006,144 | ---- | M] () -- C:\Users\Rouven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== Files Created - No Company Name ==========
 
[2011.04.27 21:52:36 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.27 21:44:22 | 000,000,920 | ---- | C] () -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011.04.27 21:44:20 | 000,000,740 | ---- | C] () -- C:\Users\Rouven\Desktop\NTREGOPT.lnk
[2011.04.27 21:44:20 | 000,000,721 | ---- | C] () -- C:\Users\Rouven\Desktop\ERUNT.lnk
[2011.04.27 21:34:42 | 000,301,568 | ---- | C] () -- C:\Users\Rouven\Desktop\g2m3e4r.exe
[2011.04.27 19:56:11 | 000,004,241 | ---- | C] () -- C:\Users\Rouven\Desktop\Rechnung 1_Rouven Wallentowitz.pdf
[2011.04.27 18:23:06 | 000,001,622 | ---- | C] () -- C:\Users\Rouven\Desktop\Rechnung3.lnk
[2011.04.27 17:53:46 | 000,001,485 | ---- | C] () -- C:\Users\Rouven\Desktop\orgaMAX starten....lnk
[2011.04.21 16:03:16 | 000,000,811 | ---- | C] () -- C:\Users\Rouven\Desktop\flunatic.lnk
[2011.04.20 19:36:15 | 001,213,954 | ---- | C] () -- C:\Users\Rouven\Desktop\Kontakte von Rouven Wallentowitz.pdf
[2011.04.20 19:34:01 | 000,000,835 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2011.04.20 19:33:57 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011.04.20 17:40:57 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf07a.dat
[2011.04.20 17:37:22 | 000,006,224 | ---- | C] () -- C:\Windows\CVRPAGE.bmp
[2011.04.20 10:28:14 | 000,001,742 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011.04.20 10:24:45 | 000,000,811 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.04.20 10:22:41 | 000,006,144 | ---- | C] () -- C:\Users\Rouven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.20 10:17:56 | 000,001,694 | ---- | C] () -- C:\Users\Rouven\Desktop\IrfanView Thumbnails.lnk
[2011.04.20 10:17:56 | 000,000,814 | ---- | C] () -- C:\Users\Rouven\Desktop\IrfanView.lnk
[2011.04.20 10:15:44 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.04.20 10:12:58 | 000,001,899 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.04.20 10:12:58 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.04.20 09:24:24 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.04.20 09:23:25 | 000,001,039 | ---- | C] () -- C:\Users\Rouven\Desktop\DVDVideoSoft Free Studio.lnk
[2011.04.20 09:23:15 | 000,001,198 | ---- | C] () -- C:\Users\Rouven\Desktop\Free YouTube to MP3 Converter.lnk
[2011.04.20 08:51:17 | 000,001,616 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011.04.20 08:29:35 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.04.20 08:18:27 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.04.20 07:10:14 | 3218,374,656 | -HS- | C] () -- C:\hiberfil.sys
[2011.04.20 03:51:37 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.04.20 03:51:37 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.04.20 03:51:36 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2011.04.20 03:01:48 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011.04.20 03:01:48 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011.04.20 03:01:48 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011.04.20 00:25:47 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2011.04.19 23:49:50 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\1043_ASUSTeK_F3Sg.alu
[2011.04.19 23:47:01 | 000,000,466 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.04.19 23:47:01 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011.04.19 23:39:38 | 000,031,966 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011.04.19 23:39:38 | 000,031,966 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011.04.19 23:26:35 | 001,769,984 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2011.04.19 23:26:35 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2011.04.19 23:26:35 | 000,000,386 | ---- | C] () -- C:\Windows\Uninstsxga.reg
[2011.04.19 23:26:35 | 000,000,384 | ---- | C] () -- C:\Windows\Uninstvga.reg
[2011.04.19 23:26:35 | 000,000,372 | ---- | C] () -- C:\Windows\Uninstsxga.bat
[2011.04.19 23:26:35 | 000,000,371 | ---- | C] () -- C:\Windows\Uninstvga.bat
[2011.04.19 23:24:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2011.04.19 23:23:45 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2011.04.19 22:30:15 | 000,002,054 | ---- | C] () -- C:\Users\Rouven\Desktop\Google Chrome.lnk
[2011.04.19 22:23:15 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011.04.19 22:23:15 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011.04.19 22:22:50 | 000,000,803 | ---- | C] () -- C:\Users\Public\Desktop\ASUS Data Security Manager.lnk
[2011.04.19 22:17:15 | 000,000,956 | ---- | C] () -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.04.19 22:17:14 | 000,000,951 | ---- | C] () -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011.04.19 22:17:05 | 000,000,922 | ---- | C] () -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011.04.19 22:16:58 | 000,000,680 | ---- | C] () -- C:\Users\Rouven\AppData\Local\d3d9caps.dat
[2011.03.30 16:23:33 | 000,000,850 | ---- | C] () -- C:\Users\Rouven\Desktop\VirtualDJ Home FREE.lnk
[2008.04.16 13:11:34 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.04.16 13:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.04.16 13:11:34 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.04.16 13:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.04.16 12:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,232,456 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.10.10 13:33:00 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\Asushwio.sys
 
========== LOP Check ==========
 
[2011.04.23 19:09:42 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\B+P Heyer
[2011.04.27 18:13:16 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\Buhl Data Service GmbH
[2011.04.20 10:34:16 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\DAEMON Tools Lite
[2011.04.20 09:23:27 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.04.27 08:17:29 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\ICQ
[2011.04.20 10:17:56 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\IrfanView
[2011.04.27 18:13:19 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\LetsTrade
[2011.04.27 21:37:33 | 000,014,912 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

Zitat:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6459

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19048

27.04.2011 21:56:43
mbam-log-2011-04-27 (21-56-43).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 133647
Laufzeit: 2 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Vielen Dank für euer Hilfe

greetz wake0071

markusg · 28.04.2011, 10:52

bitte erstelle und poste ein combofix log.
Ein Leitfaden und Tutorium zur Nutzung von ComboFix

wake0071 · 29.04.2011, 20:41

Hallo hier ist das Combofix log.

danke für eure Hilfe

greetzt wake0071

Combofix Logfile:

Code:

ATTFilter

ComboFix 11-04-29.01 - Rouven 29.04.2011  21:05:47.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6001.1.1252.49.1031.18.3070.1827 [GMT 2:00]
ausgeführt von:: c:\users\Rouven\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\midas.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-03-28 bis 2011-04-29  ))))))))))))))))))))))))))))))
.
.
2011-04-29 19:28 . 2011-04-29 19:28	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-04-29 07:13 . 2011-04-18 07:15	7071056	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{01E9FEF4-7BC2-4E35-A2D7-035613ED81C4}\mpengine.dll
2011-04-28 05:33 . 2011-03-03 14:56	28672	----a-w-	c:\windows\system32\Apphlpdm.dll
2011-04-28 05:33 . 2011-03-03 13:01	4240384	----a-w-	c:\windows\system32\GameUXLegacyGDFs.dll
2011-04-27 19:52 . 2010-12-20 16:09	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-27 19:52 . 2011-04-27 19:52	--------	d-----w-	c:\programdata\Malwarebytes
2011-04-27 19:52 . 2011-04-27 19:52	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-04-27 19:52 . 2010-12-20 16:08	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-04-27 19:44 . 2011-04-27 19:44	--------	d-----w-	c:\program files\ERUNT
2011-04-27 16:23 . 2011-03-15 12:09	181344	----a-w-	c:\windows\snui.exe
2011-04-27 16:23 . 2011-04-27 16:23	--------	d-----w-	C:\Softwarenetz
2011-04-27 15:53 . 2010-09-06 14:17	4292096	----a-w-	c:\windows\system32\redemption.dll
2011-04-27 15:51 . 2011-04-27 15:51	--------	d-----w-	c:\program files\Common Files\deltra Software GmbH
2011-04-27 15:51 . 2002-08-23 08:00	4082688	----a-w-	c:\windows\system32\qtintf70.dll
2011-04-27 15:51 . 2011-04-27 15:57	--------	d-----w-	C:\orgaMAX
2011-04-23 17:09 . 2011-04-23 17:10	--------	d-----w-	C:\HKS-Daten
2011-04-23 17:09 . 2011-04-23 17:09	--------	d-----w-	c:\programdata\B+P Heyer
2011-04-23 17:09 . 2011-04-23 17:09	--------	d-----w-	c:\program files\BPH
2011-04-21 14:03 . 2011-03-29 15:02	--------	d-----w-	c:\program files\flunatic
2011-04-20 17:33 . 2005-04-15 17:58	1071088	----a-w-	c:\windows\system32\MSCOMCTL.OCX
2011-04-20 17:33 . 1998-06-23 22:00	137000	----a-w-	c:\windows\system32\MSMAPI32.OCX
2011-04-20 17:33 . 2004-03-08 22:00	662288	----a-w-	c:\windows\system32\MSCOMCT2.OCX
2011-04-20 17:33 . 2001-10-28 14:42	116224	----a-w-	c:\windows\system32\pdfcmnnt.dll
2011-04-20 17:33 . 2011-04-20 17:34	--------	d-----w-	c:\program files\PDFCreator
2011-04-20 17:33 . 1998-07-06 15:56	125712	----a-w-	c:\windows\system32\VB6DE.DLL
2011-04-20 17:33 . 1998-07-06 15:55	158208	----a-w-	c:\windows\system32\MSCMCDE.DLL
2011-04-20 17:33 . 1998-07-06 15:55	64512	----a-w-	c:\windows\system32\MSCC2DE.DLL
2011-04-20 17:33 . 1998-07-05 22:00	23552	----a-w-	c:\windows\system32\MSMPIDE.DLL
2011-04-20 17:29 . 2011-04-20 17:29	--------	d-----w-	c:\windows\system32\Macromed
2011-04-20 15:37 . 2007-02-07 07:39	57856	----a-w-	c:\windows\system32\brinsstr.dll
2011-04-20 15:37 . 2007-01-25 15:16	94208	------r-	c:\windows\system32\BrDctF2.dll
2011-04-20 15:37 . 2007-01-15 19:54	12288	------r-	c:\windows\system32\BrDctF2S.dll
2011-04-20 15:37 . 2007-01-15 14:08	16384	------r-	c:\windows\system32\BrDctF2L.dll
2011-04-20 15:37 . 2006-12-28 11:39	176128	------w-	c:\windows\system32\BroSNMP.dll
2011-04-20 15:37 . 2011-04-20 15:39	--------	d-----w-	c:\program files\Brother
2011-04-20 15:37 . 2007-02-15 11:54	131072	------w-	c:\windows\brunin03.dll
2011-04-20 15:37 . 2007-01-18 11:51	163840	------w-	c:\windows\system32\NSSearch.dll
2011-04-20 08:41 . 2011-04-20 08:41	--------	d-----w-	c:\program files\Common Files\Java
2011-04-20 08:37 . 2011-04-20 08:37	472808	----a-w-	c:\windows\system32\deployJava1.dll
2011-04-20 08:37 . 2011-04-20 08:37	--------	d-----w-	c:\program files\Java
2011-04-20 08:28 . 2011-04-20 08:28	218688	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2011-04-20 08:28 . 2011-04-20 08:28	--------	d-----w-	c:\program files\DAEMON Tools Toolbar
2011-04-20 08:28 . 2011-04-20 08:29	--------	d-----w-	c:\program files\DAEMON Tools Lite
2011-04-20 08:28 . 2011-04-20 08:28	--------	d-----w-	c:\programdata\DAEMON Tools Lite
2011-04-20 08:24 . 2011-04-20 08:24	--------	d-----w-	c:\program files\CCleaner
2011-04-20 08:17 . 2011-04-20 08:17	--------	d-----w-	c:\program files\IrfanView
2011-04-20 08:15 . 2011-04-20 08:15	--------	d-----w-	c:\program files\Common Files\Skype
2011-04-20 08:15 . 2011-04-20 08:16	--------	d-----r-	c:\program files\Skype
2011-04-20 08:15 . 2011-04-20 08:15	--------	d-----w-	c:\programdata\Skype
2011-04-20 08:12 . 2011-04-20 08:12	--------	d-----w-	c:\program files\Common Files\Adobe
2011-04-20 07:24 . 2011-04-20 07:24	--------	d-----w-	c:\program files\VideoLAN
2011-04-20 07:23 . 2011-04-20 07:23	--------	d-----w-	c:\program files\Common Files\DVDVideoSoft
2011-04-20 07:23 . 2011-04-20 07:23	--------	d-----w-	c:\program files\DVDVideoSoft
2011-04-20 06:53 . 2011-04-20 06:53	--------	d-----w-	c:\windows\system32\EventProviders
2011-04-20 06:51 . 2011-04-20 06:51	--------	d-----w-	c:\program files\ICQ6Toolbar
2011-04-20 06:51 . 2011-04-20 06:51	--------	d-----w-	c:\programdata\ICQ
2011-04-20 06:50 . 2011-04-20 06:51	--------	d-----w-	c:\program files\ICQ7.5
2011-04-20 06:44 . 2011-04-20 08:27	--------	d-----w-	c:\programdata\DivX
2011-04-20 06:29 . 2010-10-19 04:27	7680	----a-w-	c:\program files\Internet Explorer\iecompat.dll
2011-04-20 06:25 . 2009-11-08 08:55	99176	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2011-04-20 06:25 . 2009-11-08 08:55	49472	----a-w-	c:\windows\system32\netfxperf.dll
2011-04-20 06:25 . 2009-11-08 08:55	297808	----a-w-	c:\windows\system32\mscoree.dll
2011-04-20 06:25 . 2009-11-08 08:55	295264	----a-w-	c:\windows\system32\PresentationHost.exe
2011-04-20 06:25 . 2009-11-08 08:55	1130824	----a-w-	c:\windows\system32\dfshim.dll
2011-04-20 06:24 . 2010-09-20 09:25	231936	----a-w-	c:\windows\system32\msshsq.dll
2011-04-20 06:18 . 2011-04-20 06:18	--------	d-----w-	c:\programdata\Avira
2011-04-20 06:18 . 2011-04-20 06:18	--------	d-----w-	c:\program files\Avira
2011-04-20 06:18 . 2011-03-04 14:11	137656	----a-w-	c:\windows\system32\drivers\avipbb.sys
2011-04-20 06:18 . 2011-03-04 12:36	61960	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2011-04-20 06:08 . 2010-09-06 16:24	125952	----a-w-	c:\windows\system32\srvsvc.dll
2011-04-20 06:08 . 2010-09-06 16:23	17920	----a-w-	c:\windows\system32\netevent.dll
2011-04-20 06:08 . 2009-08-24 12:16	378368	----a-w-	c:\windows\system32\winhttp.dll
2011-04-20 06:07 . 2011-04-20 06:07	--------	d-----w-	c:\program files\Microsoft
2011-04-20 06:07 . 2011-04-20 06:07	--------	d-----w-	c:\program files\Windows Live SkyDrive
2011-04-20 06:07 . 2011-04-20 06:07	--------	d-----w-	c:\program files\Windows Live
2011-04-20 06:06 . 2011-04-20 06:06	--------	d-----w-	c:\windows\PCHEALTH
2011-04-20 05:58 . 2011-04-20 05:58	--------	d-----w-	c:\program files\Common Files\Windows Live
2011-04-20 01:44 . 2010-04-14 17:46	80896	----a-w-	c:\windows\system32\MSNP.ax
2011-04-20 01:44 . 2008-04-23 04:41	57856	----a-w-	c:\windows\system32\MSDvbNP.ax
2011-04-20 01:44 . 2010-04-14 17:47	293376	----a-w-	c:\windows\system32\psisdecd.dll
2011-04-20 01:44 . 2010-04-14 17:47	217088	----a-w-	c:\windows\system32\psisrndr.ax
2011-04-20 01:34 . 2008-04-30 05:36	454656	----a-w-	c:\program files\Common Files\System\msadc\msadce.dll
2011-04-20 01:30 . 2010-02-12 10:48	293376	----a-w-	c:\windows\system32\browserchoice.exe
2011-04-20 01:11 . 2008-06-20 01:14	105016	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2011-04-20 01:11 . 2008-06-20 01:14	97800	----a-w-	c:\windows\system32\infocardapi.dll
2011-04-20 01:11 . 2008-06-20 01:14	37384	----a-w-	c:\windows\system32\infocardcpl.cpl
2011-04-20 01:11 . 2008-06-20 01:14	11264	----a-w-	c:\windows\system32\icardres.dll
2011-04-20 01:11 . 2008-06-20 01:14	622080	----a-w-	c:\windows\system32\icardagt.exe
2011-04-20 01:11 . 2008-06-20 01:14	781344	----a-w-	c:\windows\system32\PresentationNative_v0300.dll
2011-04-20 01:06 . 2008-07-27 18:03	158720	----a-w-	c:\windows\system32\mscorier.dll
2011-04-20 01:06 . 2008-07-27 18:03	83968	----a-w-	c:\windows\system32\mscories.dll
2011-04-20 01:04 . 2010-02-20 23:39	24064	----a-w-	c:\windows\system32\nshhttp.dll
2011-04-20 01:04 . 2010-02-20 23:37	31232	----a-w-	c:\windows\system32\httpapi.dll
2011-04-20 01:04 . 2010-02-20 21:18	411136	----a-w-	c:\windows\system32\drivers\http.sys
2011-04-19 22:44 . 2008-06-26 01:45	12240896	----a-w-	c:\windows\system32\NlsLexicons0007.dll
2011-04-19 22:44 . 2008-06-26 01:45	2644480	----a-w-	c:\windows\system32\NlsLexicons0009.dll
2011-04-19 22:44 . 2008-06-26 03:29	801280	----a-w-	c:\windows\system32\NaturalLanguage6.dll
2011-04-19 22:25 . 2011-02-22 12:52	213504	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2011-04-19 22:23 . 2008-10-29 06:29	2927104	----a-w-	c:\windows\explorer.exe
2011-04-19 22:22 . 2009-07-14 13:00	313344	----a-w-	c:\windows\system32\wmpdxm.dll
2011-04-19 22:21 . 2008-06-23 01:59	996352	----a-w-	c:\windows\system32\WMNetMgr.dll
2011-04-19 21:48 . 2011-02-02 16:11	222080	------w-	c:\windows\system32\MpSigStub.exe
2011-04-19 21:47 . 2011-04-20 15:36	--------	d-----w-	c:\programdata\Brother
2011-04-19 21:39 . 2011-04-19 21:39	--------	d-----w-	c:\programdata\NVIDIA
2011-04-19 21:27 . 2011-04-23 17:09	--------	d-sh--w-	c:\windows\Installer
2011-04-19 21:26 . 2007-10-01 06:59	1769984	----a-w-	c:\windows\system32\drivers\snp2uvc.sys
2011-04-19 21:26 . 2007-09-15 01:22	371	----a-w-	c:\windows\Uninstvga.bat
2011-04-19 21:26 . 2007-09-15 01:22	372	----a-w-	c:\windows\Uninstsxga.bat
2011-04-19 21:26 . 2007-09-15 01:01	386	----a-w-	c:\windows\Uninstsxga.reg
2011-04-19 21:26 . 2007-09-15 01:01	384	----a-w-	c:\windows\Uninstvga.reg
2011-04-19 21:26 . 2007-05-09 07:16	28160	----a-w-	c:\windows\system32\drivers\sncduvc.sys
2011-04-19 21:26 . 2006-11-23 14:20	11776	----a-w-	c:\windows\DrvInst.exe
2011-04-19 21:24 . 2007-08-08 18:42	45568	----a-w-	c:\windows\system32\drivers\rimmptsk.sys
2011-04-19 21:24 . 2007-07-30 09:54	38400	----a-w-	c:\windows\system32\drivers\rixdptsk.sys
2011-04-19 21:24 . 2007-07-25 10:48	172032	----a-w-	c:\windows\system32\rixdicon.dll
2011-04-19 21:24 . 2007-07-30 08:42	43008	----a-w-	c:\windows\system32\drivers\rimsptsk.sys
2011-04-19 21:24 . 2004-09-04 01:00	90112	----a-w-	c:\windows\system32\snymsico.dll
2011-04-19 21:24 . 2011-04-19 21:24	--------	d-----w-	c:\program files\Synaptics
2011-04-19 21:23 . 2007-12-06 10:12	196400	----a-w-	c:\windows\system32\drivers\SynTP.sys
2011-04-19 21:23 . 2007-12-06 10:12	110592	----a-w-	c:\windows\system32\SynTPCo4.dll
2011-04-19 21:23 . 2007-12-06 09:20	147456	----a-w-	c:\windows\system32\SynTPAPI.dll
2011-04-19 21:23 . 2007-12-06 09:09	196608	----a-w-	c:\windows\system32\SynCtrl.dll
2011-04-19 21:23 . 2007-12-06 09:08	163840	----a-w-	c:\windows\system32\SynCOM.dll
2011-04-19 21:23 . 2006-03-09 01:58	1060424	----a-w-	c:\windows\system32\WdfCoInstaller01000.dll
2011-04-19 21:21 . 2011-04-19 21:21	--------	d-----w-	c:\program files\Motorola
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-03 14:56 . 2011-04-28 05:33	173056	----a-w-	c:\windows\apppatch\AcXtrnal.dll
2011-03-03 14:56 . 2011-04-28 05:33	459776	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2011-03-03 14:56 . 2011-04-28 05:33	541696	----a-w-	c:\windows\apppatch\AcLayers.dll
2011-03-03 14:56 . 2011-04-28 05:33	2153984	----a-w-	c:\windows\apppatch\AcGenral.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:08	143360	----a-w-	c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 2153472]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"ICQ"="c:\program files\ICQ7.5\ICQ.exe" [2011-04-20 124216]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-04-01 15145352]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-10-17 7737344]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-08-28 655360]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-01 13789728]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-03-04 281768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
c:\users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Asushwio;Asushwio;c:\windows\system32\drivers\Asushwio.sys [2006-10-10 10288]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-20 218688]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-04-29 136360]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x86.sys [2007-10-31 46592]
.
.
.
------- Zusätzlicher Suchlauf -------
.
IE: Free YouTube to MP3 Converter - c:\users\Rouven\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-04-29 21:28
Windows 6.0.6001 Service Pack 1 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
.
C:\ADSM_PData_0150
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 1
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Zeit der Fertigstellung: 2011-04-29  21:30:11
ComboFix-quarantined-files.txt  2011-04-29 19:30
.
Vor Suchlauf: 10 Verzeichnis(se), 155.638.284.288 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 155.709.784.064 Bytes frei
.
- - End Of File - - 34A904A31198D3A8010FACEE4B1B7A0B

--- --- ---

markusg · 30.04.2011, 09:15

poste einen GMER report
http://www.trojaner-board.de/74908-a...t-scanner.html

wake0071 · 30.04.2011, 17:31

Hallo hier ist der GMER report

greetz Rouven und nochmal danke für eure Hilfe

GMER Logfile:

Code:

ATTFilter

GMER 1.0.15.15572 - hxxp://www.gmer.net
Rootkit scan 2011-04-30 18:30:08
Windows 6.0.6001 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 WDC_WD3200BEVT-22ZCT0 rev.11.01A11
Running: 82ogbfc6.exe; Driver: C:\Users\Rouven\AppData\Local\Temp\kgliqpob.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice  \FileSystem\Ntfs \Ntfs                                                 AsDsm.sys (Data Security Manager Driver/Windows (R) Codename Longhorn DDK provider)
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- Files - GMER 1.0.15 ----

File            C:\ADSM_PData_0150                                                     0 bytes
File            C:\ADSM_PData_0150\DB                                                  0 bytes
File            C:\ADSM_PData_0150\DB\SI.db                                            624 bytes
File            C:\ADSM_PData_0150\DB\UL.db                                            16 bytes
File            C:\ADSM_PData_0150\DB\VL.db                                            16 bytes
File            C:\ADSM_PData_0150\DB\_avt                                             512 bytes
File            C:\ADSM_PData_0150\DragWait.exe                                        253952 bytes executable
File            C:\ADSM_PData_0150\_avt                                                512 bytes
File            C:\Program Files\ASUS\ASUS Data Security Manager\driver\x86            0 bytes
File            C:\Program Files\ASUS\ASUS Data Security Manager\driver\x86\AsDsm.sys  29752 bytes executable
File            C:\Program Files\ASUS\ASUS Data Security Manager\driver\x86\_avt       512 bytes

---- EOF - GMER 1.0.15 ----

--- --- ---

markusg · 30.04.2011, 17:34

kannst du mal ein Malwarebytes update und dann nen vollständigen scan machen bitte?
log posten

wake0071 · 30.04.2011, 19:01

Hallo hier ist der Log

Zitat:

Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: 6459

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19048

30.04.2011 20:00:04
mbam-log-2011-04-30 (20-00-04).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 248049
Laufzeit: 1 Stunde(n), 3 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

markusg · 30.04.2011, 19:03

sehe bisher noch nichts, stürtzt er noch ab?

wake0071 · 30.04.2011, 19:19

Nein stürzt er nicht mehr, danke für eure Hilfe

greetz wake0071

markusg · 30.04.2011, 19:36

wir sind nicht fertig.

lade den CCleaner slim:
Piriform - Builds
falls der CCleaner bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

28.04.2011, 10:52	#2
markusg /// Malware-holic	PC Stürzt ab nach einer gewissen Zeit bitte erstelle und poste ein combofix log. Ein Leitfaden und Tutorium zur Nutzung von ComboFix __________________ __________________

30.04.2011, 17:34	#6
markusg /// Malware-holic	PC Stürzt ab nach einer gewissen Zeit kannst du mal ein Malwarebytes update und dann nen vollständigen scan machen bitte? log posten __________________ --> PC Stürzt ab nach einer gewissen Zeit

30.04.2011, 19:03	#8
markusg /// Malware-holic	PC Stürzt ab nach einer gewissen Zeit sehe bisher noch nichts, stürtzt er noch ab? __________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet

PC Stürzt ab nach einer gewissen Zeit

Log-Analyse und Auswertung: PC Stürzt ab nach einer gewissen Zeit