Hallo, ich habe seit 3 wochen ein Netbook der Firma Asus Aspire mit Windows 7 Home Prem.. Seit kurzem öffnen sich immer mal wieder Werbefenster von Casinos (bzw erst goingearth.com dann die Werbung) etc. wenn ich nach einer Google-Suche auf ein Suchergebnis klicke.

Weiss net wieso so klein. deffogger

Code: Alles auswählenAufklappen

ATTFilter

defogger_enable by jpshortstuff (23.02.10.1)
Log created at 15:47 on 03/06/2011 (Familie)

Parsing file...
HKCU:DAEMON Tools Lite -> Value set successfully


-=E.O.F=-
         

OTL

Code: Alles auswählenAufklappen

ATTFilter

OTL logfile created on: 03.06.2011 15:37:43 - Run 1
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Users\Familie\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,98 Gb Total Physical Memory | 4,04 Gb Available Physical Memory | 67,60% Memory free
11,96 Gb Paging File | 9,57 Gb Available in Paging File | 79,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,66 Gb Total Space | 287,82 Gb Free Space | 63,86% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: FAMILIE-PC | User Name: Familie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.06.03 15:34:53 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Familie\Desktop\OTL(1).exe
PRC - [2011.05.25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011.05.20 13:51:02 | 000,587,072 | ---- | M] (TuneUp Software) -- C:\Program Files (x86)\TuneUp Utilities 2011\OneClick.exe
PRC - [2011.05.07 20:15:01 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.04.14 18:40:02 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.28 16:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.03.28 16:14:56 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.12.23 15:46:44 | 000,120,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
PRC - [2010.12.23 15:46:40 | 000,181,632 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
PRC - [2010.12.09 23:25:22 | 000,177,448 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
PRC - [2010.12.09 07:27:50 | 001,025,616 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010.12.09 07:27:50 | 000,311,376 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010.12.09 07:27:50 | 000,287,824 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010.11.12 03:21:52 | 000,257,344 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010.11.12 03:21:36 | 000,296,768 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010.10.06 06:08:48 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.10.06 06:08:44 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.09.28 05:00:56 | 000,340,336 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
PRC - [2010.09.18 02:10:16 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010.09.18 02:10:02 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010.09.14 04:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.09.14 04:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.04.27 04:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2010.01.29 02:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.06.03 15:34:53 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Familie\Desktop\OTL(1).exe
MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009.07.14 03:16:20 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll
MOD - [2009.07.14 03:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.05.20 13:43:26 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2010.10.28 04:38:16 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.10.08 03:24:16 | 000,150,016 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2011.05.25 17:29:52 | 002,275,720 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.05.20 13:48:30 | 002,026,304 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.05.20 13:43:18 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.05.18 13:11:53 | 003,275,864 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai\netsession_win_8832f4b.dll -- (Akamai)
SRV - [2011.05.14 08:02:02 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.05.07 20:15:01 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.04.05 07:15:58 | 004,060,984 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.03.28 16:14:56 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.03.22 15:25:35 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.12.09 07:27:50 | 000,311,376 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010.11.12 03:21:52 | 000,257,344 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010.10.29 20:22:12 | 000,868,224 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010.10.06 06:08:48 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.10.06 06:08:44 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.09.28 04:09:54 | 000,172,912 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010.09.14 04:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.06.02 01:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.29 02:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.05.21 08:17:33 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.04.01 17:07:25 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.04.01 17:07:25 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.10 21:22:10 | 000,062,584 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2010.12.10 21:22:10 | 000,022,912 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2010.12.10 21:22:10 | 000,020,328 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2010.10.28 05:11:46 | 007,877,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.10.28 04:03:40 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.10.08 03:23:38 | 000,019,192 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.09.30 07:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.09.30 07:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.09.27 09:24:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.09.23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.09.14 04:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.07.29 15:30:48 | 001,383,472 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.07.20 11:43:22 | 000,247,400 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.07.09 05:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010.05.11 12:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.05.05 23:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.04.20 04:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2010.10.07 12:34:32 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2005.01.01 11:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ddrnw
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Plasmoo"
FF - prefs.js..browser.search.defaulturl: "hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Facemoods Search"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011.03.22 15:22:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011.03.22 15:22:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011.03.22 15:22:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.02 07:21:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.05.07 15:21:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie\AppData\Roaming\mozilla\Extensions
[2011.05.30 16:47:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie\AppData\Roaming\mozilla\Firefox\Profiles\0rptuvrz.default\extensions
[2011.05.28 13:54:54 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Familie\AppData\Roaming\mozilla\Firefox\Profiles\0rptuvrz.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.05.30 16:47:35 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Familie\AppData\Roaming\mozilla\Firefox\Profiles\0rptuvrz.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.05.11 17:22:24 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Familie\AppData\Roaming\mozilla\Firefox\Profiles\0rptuvrz.default\extensions\battlefieldplay4free@ea.com
[2011.06.02 07:21:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.05.12 14:13:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
File not found (No name found) -- 
() (No name found) -- C:\USERS\FAMILIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RPTUVRZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.27 23:44:34 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.05.25 19:59:33 | 000,002,548 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 avg.com
O1 - Hosts: 127.0.0.1 avp.com
O1 - Hosts: 127.0.0.1 rads.mcafee.com
O1 - Hosts: 127.0.0.1 scanner.novirusthanks.org
O1 - Hosts: 127.0.0.1 secure.nai.com
O1 - Hosts: 127.0.0.1 securityresponse.symantec.com
O1 - Hosts: 127.0.0.1 sophos.com
O1 - Hosts: 127.0.0.1 symantec.com
O1 - Hosts: 127.0.0.1 threatexpert.com
O1 - Hosts: 127.0.0.1 trendmicro.com
O1 - Hosts: 127.0.0.1 ca.com
O1 - Hosts: 127.0.0.1 customer.symantec.com
O1 - Hosts: 127.0.0.1 dispatch.mcafee.com
O1 - Hosts: 127.0.0.1 download.mcafee.com
O1 - Hosts: 127.0.0.1 f-secure.com
O1 - Hosts: 127.0.0.1 kaspersky-labs.com
O1 - Hosts: 127.0.0.1 kaspersky.com
O1 - Hosts: 127.0.0.1 liveupdate.symantec.com
O1 - Hosts: 127.0.0.1 liveupdate.symantecliveupdate.com
O1 - Hosts: 127.0.0.1 mast.mcafee.com
O1 - Hosts: 127.0.0.1 mcafee.com
O1 - Hosts: 127.0.0.1 my-etrust.com
O1 - Hosts: 127.0.0.1 nai.com
O1 - Hosts: 127.0.0.1 networkassociates.com
O1 - Hosts: 127.0.0.1 update.symantec.com
O1 - Hosts: 37 more lines...
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_16_Premium\TrayServer.exe (MAGIX AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Familie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Familie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {386CEBD9-A207-4573-2DE8-6F6A6FBA3DBF} - Microsoft Windows Media Player 12.0
ActiveX: {391878A6-2877-A370-3BE4-C7D58CF7F0DC} - Java (Sun)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {62A37440-B6B9-5CD9-E604-F2E3690ED5D5} - Microsoft Windows Media Player 12.0
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
 
 
CREATERESTOREPOINT
Error creating restore point.
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.06.03 15:34:52 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Familie\Desktop\OTL(1).exe
[2011.06.03 12:25:52 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{0D57CAC8-C423-4EE6-ABD2-960268B175E7}
[2011.06.02 07:20:20 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.06.02 07:20:02 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Google
[2011.06.02 07:09:01 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{C666DAC9-B419-49F1-959B-6491B854D4ED}
[2011.06.02 07:09:01 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{3E663B95-62AB-4781-9F28-8F65D40BF9C3}
[2011.06.01 18:45:49 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\LogoMaker
[2011.06.01 18:45:48 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\LogoMaker
[2011.06.01 18:45:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio V5
[2011.06.01 18:44:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Studio V5
[2011.06.01 13:08:16 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{92C7C130-E314-4289-8C30-B9F715AC5DCF}
[2011.06.01 06:59:36 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{E7557B5C-A042-4F21-B793-505DC2CE36E3}
[2011.05.31 22:00:48 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\TechSmith
[2011.05.31 22:00:42 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\Camtasia Studio
[2011.05.31 22:00:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime
[2011.05.31 22:00:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7
[2011.05.31 22:00:16 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2011.05.31 22:00:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011.05.31 22:00:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared
[2011.05.31 22:00:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith
[2011.05.31 21:36:00 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fiaa
[2011.05.31 21:36:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fiaa
[2011.05.31 19:21:13 | 000,000,000 | ---D | C] -- C:\fiaa
[2011.05.31 17:30:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2011.05.31 17:26:01 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\TS3Client
[2011.05.31 17:25:24 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client
[2011.05.31 17:16:17 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011.05.31 17:16:17 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011.05.31 17:16:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2011.05.31 17:09:18 | 000,000,000 | ---D | C] -- C:\Gamigo
[2011.05.31 17:05:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gamigo
[2011.05.31 13:56:16 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2011.05.31 13:56:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.05.31 13:56:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2011.05.31 06:36:57 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{45A336D6-A809-48D2-819A-7E9D30485C1A}
[2011.05.30 20:41:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2011.05.30 20:41:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011.05.30 20:38:58 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Synchronization Services
[2011.05.30 20:38:53 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DESIGNER
[2011.05.30 20:37:48 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011.05.30 20:37:48 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Sync Framework
[2011.05.30 20:37:48 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server Compact Edition
[2011.05.30 20:34:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011.05.30 20:34:02 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Analysis Services
[2011.05.30 20:30:39 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{46B39FD9-6AA7-4747-86E1-6224CFEE6678}
[2011.05.30 20:26:39 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011.05.30 16:47:47 | 000,000,000 | ---D | C] -- C:\Users\Familie\dwhelper
[2011.05.30 15:06:22 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2011.05.30 07:28:54 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{2C054160-0546-4CE0-AF5B-59C78C7358E9}
[2011.05.30 07:13:37 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{ED47AFB0-7FC9-4B47-9769-538A44B8EE7C}
[2011.05.30 07:13:29 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\SoftGrid Client
[2011.05.30 07:13:22 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\SoftGrid Client
[2011.05.29 20:41:31 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\DVDFab
[2011.05.29 20:41:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDFab 8 Qt
[2011.05.29 18:05:47 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\Freemake
[2011.05.29 18:05:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
[2011.05.29 18:05:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freemake
[2011.05.29 16:03:12 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\Emicsoft Studio
[2011.05.29 16:03:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Emicsoft Studio
[2011.05.29 08:01:21 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Real
[2011.05.29 08:00:47 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\SysWow64\devil.dll
[2011.05.29 08:00:47 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\SysWow64\avisynth.dll
[2011.05.29 08:00:46 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2011.05.29 08:00:46 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\i420vfw.dll
[2011.05.29 08:00:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[2011.05.29 07:58:08 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll
[2011.05.29 07:55:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eRightSoft
[2011.05.29 07:42:08 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{019EAE57-1515-45ED-8830-AD308A0842EF}
[2011.05.28 21:48:25 | 000,872,448 | ---- | C] (MAGIX AG) -- C:\Windows\SysWow64\mgxoschk.dll
[2011.05.28 21:48:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MAGIX
[2011.05.28 21:44:07 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\MAGIX_Screenshare
[2011.05.28 21:43:58 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\3D_Maker_embeded
[2011.05.28 21:43:27 | 000,909,312 | ---- | C] (MAGIX AG) -- C:\Windows\SysWow64\MXRestore.exe
[2011.05.28 21:43:21 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\MAGIX_Speed2_burnR_mxcdr
[2011.05.28 21:43:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xara
[2011.05.28 21:34:32 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\MAGIX_Video_deluxe_16_Premium
[2011.05.28 16:48:07 | 000,000,000 | ---D | C] -- C:\Users\Familie\JDownloader
[2011.05.28 13:58:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\City Interactive
[2011.05.28 13:54:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2011.05.28 13:54:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2011.05.28 06:43:19 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{B22FD6A0-FCF4-4A39-848C-5EB39C41FC57}
[2011.05.27 23:43:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2011.05.27 16:59:58 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\Meine empfangenen Dateien
[2011.05.27 14:57:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Plasmoo
[2011.05.27 13:39:45 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.05.27 13:39:44 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\DVDVideoSoft
[2011.05.27 13:39:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2011.05.27 12:27:27 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{DBD210D9-79C4-4E1F-A949-7763B37EDC50}
[2011.05.26 17:02:32 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{4848335C-04FB-4F9E-9399-547F516DACED}
[2011.05.26 17:02:18 | 000,000,000 | ---D | C] -- C:\Users\Familie\Tracing
[2011.05.26 16:55:37 | 000,000,000 | ---D | C] -- C:\Windows\de
[2011.05.26 16:54:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011.05.26 16:24:30 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\My Games
[2011.05.26 16:20:23 | 000,000,000 | RH-D | C] -- C:\Users\Familie\AppData\Roaming\SecuROM
[2011.05.26 16:20:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2011.05.26 16:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011.05.26 16:04:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2011.05.26 16:04:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2011.05.26 16:04:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2011.05.25 20:45:16 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Avira
[2011.05.25 20:29:21 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\MAGIX_MusicEditor
[2011.05.25 20:29:20 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Xara
[2011.05.25 20:29:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Shared
[2011.05.25 20:26:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2011.05.25 20:26:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MAGIX
[2011.05.25 19:52:27 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2011.05.25 19:52:25 | 000,036,160 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2011.05.25 19:52:25 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2011.05.25 19:52:25 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2011.05.25 19:52:25 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2011.05.25 19:52:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011
[2011.05.25 19:52:22 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\TuneUp Software
[2011.05.25 19:52:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2011
[2011.05.25 19:52:18 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2011.05.25 19:52:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.05.25 19:47:12 | 000,000,000 | ---D | C] -- C:\fernsehen
[2011.05.24 18:47:30 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\MAGIX Downloads
[2011.05.24 18:47:29 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\MAGIX
[2011.05.24 18:46:12 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\MAGIX
[2011.05.24 18:44:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Services
[2011.05.24 18:44:58 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2011.05.24 18:25:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NtiDvdCopy
[2011.05.24 18:22:43 | 000,000,000 | ---D | C] -- C:\ProgramData\NTIRegEt
[2011.05.23 20:47:17 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\TeamViewer
[2011.05.23 18:39:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2011.05.23 18:39:58 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2011.05.23 18:35:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2011.05.23 17:27:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2011.05.22 21:31:47 | 000,000,000 | ---D | C] -- C:\Users\Familie\.avpntool
[2011.05.22 21:31:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anonymitynetwork Tool
[2011.05.22 21:31:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AN VPN Tool
[2011.05.22 18:46:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTP2 Addons
[2011.05.22 15:58:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks
[2011.05.22 15:32:58 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\SKIDROW
[2011.05.22 13:07:57 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\RenPy
[2011.05.22 12:59:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Katawa Shoujo Act 1
[2011.05.22 11:22:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auran
[2011.05.22 11:19:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auran
[2011.05.21 22:03:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brass Restoration English
[2011.05.21 22:03:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brass Restoration English
[2011.05.21 08:36:36 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\CAPCOM
[2011.05.21 08:36:36 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\CAPCOM
[2011.05.21 08:33:29 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2011.05.21 08:22:51 | 000,000,000 | ---D | C] -- C:\Users\Familie\Desktop\Programme und Co,
[2011.05.21 08:22:04 | 000,000,000 | ---D | C] -- C:\Fraps
[2011.05.21 08:19:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CAPCOM
[2011.05.21 08:17:15 | 000,254,528 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011.05.21 08:17:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011.05.21 08:17:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2011.05.21 08:16:43 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\DAEMON Tools Lite
[2011.05.21 08:16:43 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011.05.21 07:46:22 | 000,000,000 | ---D | C] -- C:\Users\Familie\Desktop\DMC
[2011.05.20 21:26:49 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\Cross Fire
[2011.05.20 21:26:48 | 000,000,000 | ---D | C] -- C:\CFLog
[2011.05.20 21:20:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Z8Games
[2011.05.18 14:17:20 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\vlc
[2011.05.18 14:17:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.05.18 14:17:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011.05.18 14:03:56 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\Pavtube
[2011.05.18 14:03:56 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Pavtube
[2011.05.15 07:36:01 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eFusion
[2011.05.15 07:36:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eFusion
[2011.05.15 07:33:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eFusion
[2011.05.14 22:08:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft
[2011.05.14 22:08:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft
[2011.05.14 22:08:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2011.05.14 14:36:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011.05.14 08:31:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011.05.13 16:04:49 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\Pinnacle VideoSpin
[2011.05.13 16:01:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle VideoSpin
[2011.05.13 16:00:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Yahoo!
[2011.05.13 16:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle VideoSpin
[2011.05.13 16:00:43 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Pinnacle
[2011.05.13 16:00:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pinnacle
[2011.05.13 15:59:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle
[2011.05.13 15:59:18 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Downloaded Installations
[2011.05.12 16:51:45 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\LogMeIn Hamachi
[2011.05.12 14:36:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs
[2011.05.12 14:36:37 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Win7codecs
[2011.05.12 14:36:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Win7codecs
[2011.05.12 14:36:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Win7codecs
[2011.05.12 14:29:15 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{D10D7969-EAC1-4519-859B-173AC1F8414B}
[2011.05.12 14:16:54 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.05.12 14:13:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.05.12 14:13:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.05.12 14:12:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011.05.12 13:42:01 | 000,000,000 | ---D | C] -- C:\vcs5BGEffects
[2011.05.12 13:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.05.12 13:40:36 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.05.12 13:40:35 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.05.12 13:40:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.05.12 13:40:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.05.12 13:34:49 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Voice Changer Software DIAMOND
[2011.05.12 13:33:50 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\ATI
[2011.05.12 13:33:50 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\ATI
[2011.05.12 13:33:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.05.11 22:24:39 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\TP
[2011.05.11 21:04:10 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\CyberLink
[2011.05.11 18:49:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2011.05.11 18:47:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\alaplaya
[2011.05.11 17:31:15 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\Battlefield Play4Free
[2011.05.11 17:23:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Games
[2011.05.11 17:02:11 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.05.11 16:51:07 | 000,000,000 | ---D | C] -- C:\Programme\Alwil Software
[2011.05.11 16:51:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2011.05.11 16:43:50 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software
[2011.05.11 16:43:50 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011.05.11 14:42:46 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.05.11 14:38:47 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2011.05.11 14:38:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2011.05.11 14:37:39 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Microsoft Help
[2011.05.11 14:37:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011.05.10 20:45:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.05.10 20:45:48 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011.05.10 20:45:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011.05.10 17:09:20 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Adobe
[2011.05.10 17:04:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011.05.09 20:30:18 | 000,000,000 | ---D | C] -- C:\Programme\CodeGazer
[2011.05.09 20:30:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeGazer
[2011.05.09 14:28:19 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Diagnostics
[2011.05.09 14:27:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Combat Elite
[2011.05.09 14:27:16 | 000,000,000 | ---D | C] -- C:\Programme\Wolfenstein - Enemy Territory
[2011.05.08 20:46:33 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Cyberlink
[2011.05.08 20:46:32 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\CyberLink
[2011.05.08 20:46:24 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\PowerCinema
[2011.05.08 17:08:18 | 000,000,000 | ---D | C] -- C:\Users\Familie\oni
[2011.05.08 17:07:16 | 000,000,000 | ---D | C] -- C:\CyberStep
[2011.05.08 15:22:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft DirectX SDK (June 2010)
[2011.05.08 15:20:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft DirectX SDK (June 2010)
[2011.05.08 14:30:41 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\reakktor
[2011.05.08 14:30:25 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\Reakktor Media
[2011.05.08 14:14:44 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\TrackMania
[2011.05.08 14:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011.05.08 12:50:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamersFirst
[2011.05.08 12:50:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GamersFirst
[2011.05.07 22:54:09 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Windows Live
[2011.05.07 22:00:41 | 004,060,984 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2011.05.07 22:00:31 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2011.05.07 22:00:28 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\INCA Shared
[2011.05.07 21:58:42 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2011.05.07 21:01:34 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011.05.07 20:51:11 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\GTA San Andreas User Files
[2011.05.07 20:51:10 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
[2011.05.07 20:51:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
[2011.05.07 20:46:05 | 000,000,000 | ---D | C] -- C:\GTA SA
[2011.05.07 20:23:23 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\PunkBuster
[2011.05.07 19:41:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011.05.07 19:41:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.05.07 19:41:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2011.05.07 19:36:52 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\.minecraft
[2011.05.07 18:09:37 | 000,000,000 | ---D | C] -- C:\ProgramData\clear.fi
[2011.05.07 16:39:04 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\LolClient
[2011.05.07 16:33:10 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\WinRAR
[2011.05.07 16:33:10 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.05.07 16:33:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.05.07 16:33:05 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2011.05.07 16:07:14 | 000,000,000 | ---D | C] -- C:\Riot Games
[2011.05.07 15:40:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\alaplaya
[2011.05.07 15:31:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai
[2011.05.07 15:26:40 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\PMB Files
[2011.05.07 15:26:39 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011.05.07 15:26:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2011.05.07 15:22:01 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Skype
[2011.05.07 15:21:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.05.07 15:21:01 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Mozilla
[2011.05.07 15:21:01 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Mozilla
[2011.05.07 15:20:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.05.07 15:19:39 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Adobe
[2011.05.07 15:18:21 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Intel Corporation
[2011.05.07 15:18:17 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Macromedia
[2011.05.07 15:18:17 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\EgisTec IPS
[2011.05.07 15:18:04 | 000,000,000 | R--D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.05.07 15:18:04 | 000,000,000 | R--D | C] -- C:\Users\Familie\Searches
[2011.05.07 15:18:04 | 000,000,000 | R--D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.05.07 15:17:57 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Identities
[2011.05.07 15:17:54 | 000,000,000 | R--D | C] -- C:\Users\Familie\Contacts
[2011.05.07 15:16:58 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\a
[2011.05.07 15:16:57 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Acer
[2011.05.07 15:16:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OEM
[2011.05.07 15:16:46 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\PowerCinema
[2011.05.07 15:16:42 | 000,000,000 | ---D | C] -- C:\Programme\Acer Accessory Store
[2011.05.07 15:16:33 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\VirtualStore
[2011.05.07 15:16:11 | 000,000,000 | --SD | C] -- C:\Users\Familie\AppData\Roaming\Microsoft
[2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\Videos
[2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\Saved Games
[2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\Pictures
[2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\Music
[2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\Links
[2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\Favorites
[2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\Downloads
[2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\Documents
[2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\Desktop
[2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Vorlagen
[2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\AppData\Local\Verlauf
[2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\AppData\Local\Temporary Internet Files
[2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Startmenü
[2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\SendTo
[2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Recent
[2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Netzwerkumgebung
[2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Lokale Einstellungen
[2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Documents\Eigene Videos
[2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Documents\Eigene Musik
[2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Eigene Dateien
[2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Documents\Eigene Bilder
[2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Druckumgebung
[2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Cookies
[2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\AppData\Local\Anwendungsdaten
[2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Anwendungsdaten
[2011.05.07 15:16:11 | 000,000,000 | -H-D | C] -- C:\Users\Familie\AppData
[2011.05.07 15:16:11 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Temp
[2011.05.07 15:16:11 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Microsoft
[2011.05.07 15:16:11 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Media Center Programs
[2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\Programme
[2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011.04.10 20:36:04 | 000,120,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2010.02.04 00:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll
[1 C:\Users\Familie\AppData\Roaming\*.tmp files -> C:\Users\Familie\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.06.03 15:38:18 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.03 15:38:18 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.03 15:34:53 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Familie\Desktop\OTL(1).exe
[2011.06.03 15:34:26 | 000,000,168 | ---- | M] () -- C:\Users\Familie\defogger_reenable
[2011.06.03 15:31:43 | 000,050,477 | ---- | M] () -- C:\Users\Familie\Desktop\Defogger.exe
[2011.06.03 15:30:00 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\Acer Registration - Reminder Recall task.job
[2011.06.03 15:26:02 | 000,000,294 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.06.03 15:25:00 | 000,001,126 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2341877200-1600531284-4254082247-1001UA.job
[2011.06.03 15:20:02 | 000,000,250 | -H-- | M] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011.06.03 15:01:02 | 000,000,294 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011.06.03 12:24:51 | 000,000,312 | -HS- | M] () -- C:\Windows\tasks\LIEKS.job
[2011.06.03 12:24:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.03 12:24:33 | 522,604,543 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.02 22:48:09 | 000,046,085 | ---- | M] () -- C:\Users\Familie\Desktop\22.jpg
[2011.06.02 22:33:40 | 000,216,502 | ---- | M] () -- C:\Users\Familie\Desktop\DIE.jpg
[2011.06.02 21:49:01 | 000,046,888 | ---- | M] () -- C:\Cytriik.cyt
[2011.06.02 21:49:01 | 000,046,888 | ---- | M] () -- C:\Aegis.cyt
[2011.06.02 21:49:01 | 000,009,216 | ---- | M] () -- C:\Cyt64.cyt
[2011.06.02 07:25:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2341877200-1600531284-4254082247-1001Core.job
[2011.06.01 20:32:58 | 001,632,660 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.06.01 20:32:58 | 000,696,424 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.06.01 20:32:58 | 000,651,702 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.06.01 20:32:58 | 000,147,688 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.06.01 20:32:58 | 000,120,634 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.06.01 18:45:41 | 000,001,165 | ---- | M] () -- C:\Users\Familie\Desktop\LogoMaker.lnk
[2011.06.01 18:36:02 | 000,001,151 | ---- | M] () -- C:\Users\Familie\Desktop\BlackShot.lnk
[2011.06.01 18:02:29 | 000,006,656 | ---- | M] () -- C:\Users\Familie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.31 22:00:22 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2011.05.31 19:21:10 | 000,065,536 | ---- | M] () -- C:\Windows\IFinst27.exe
[2011.05.31 17:16:17 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011.05.31 17:16:17 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011.05.31 06:35:45 | 000,513,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.05.30 07:25:26 | 000,007,605 | ---- | M] () -- C:\Users\Familie\Documents\Poesie.odt
[2011.05.29 18:05:46 | 000,001,328 | ---- | M] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk
[2011.05.28 21:59:25 | 000,001,752 | ---- | M] () -- C:\Users\Familie\Desktop\Videodeluxe - Verknüpfung.lnk
[2011.05.28 13:54:47 | 000,001,406 | ---- | M] () -- C:\Users\Familie\Desktop\Free YouTube to MP3 Converter.lnk
[2011.05.28 07:08:52 | 000,001,024 | RH-- | M] () -- C:\Users\Public\Documents\NTIMMV9Acer.dll
[2011.05.28 07:08:24 | 000,001,024 | RH-- | M] () -- C:\Users\Public\Documents\NTILiveUpdateV9.dll
[2011.05.25 20:51:53 | 000,015,582 | ---- | M] () -- C:\Program Files (x86)\Z4[j5-1]vk-w.dat
[2011.05.24 18:27:10 | 000,102,912 | RHS- | M] () -- C:\Windows\SysWow64\usp10R.dll
[2011.05.24 18:22:49 | 000,001,024 | RH-- | M] () -- C:\Users\Public\Documents\NTIMMV9REGET.dll
[2011.05.23 15:55:08 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.05.22 21:34:03 | 000,131,072 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2011.05.22 17:59:19 | 000,189,480 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.05.22 17:58:21 | 000,189,480 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.05.21 08:33:29 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2011.05.21 08:17:33 | 000,254,528 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011.05.20 13:49:22 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2011.05.20 13:43:32 | 000,025,920 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2011.05.20 13:43:30 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2011.05.20 13:43:26 | 000,036,160 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2011.05.20 13:43:18 | 000,029,504 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2011.05.14 22:36:56 | 000,001,063 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft - Brood War.lnk
[2011.05.13 18:46:58 | 000,001,739 | ---- | M] () -- C:\Users\Familie\Desktop\MinecraftSP - Verknüpfung.lnk
[2011.05.13 17:15:49 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2011.05.12 14:47:08 | 001,625,520 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.12 14:16:42 | 012,353,066 | ---- | M] () -- C:\Users\Familie\AppData\Roaming\Misa201.zip
[2011.05.12 13:43:23 | 000,090,520 | ---- | M] () -- C:\Users\Familie\Documents\rec_Vcs6Core_13-43-11.mp3
[2011.05.11 18:56:21 | 000,001,660 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2011.05.11 18:53:51 | 000,001,822 | ---- | M] () -- C:\Users\Public\Desktop\S4League.lnk
[2011.05.11 17:49:29 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2011.05.11 17:19:01 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.05.11 17:18:51 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011.05.11 17:01:56 | 288,875,426 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.05.10 21:06:04 | 000,002,535 | ---- | M] () -- C:\Users\Familie\Desktop\Skype.lnk
[2011.05.07 22:13:24 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.05.07 22:13:24 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011.05.07 20:15:01 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.05.07 19:49:34 | 003,360,624 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.05.07 19:46:01 | 000,000,221 | ---- | M] () -- C:\Users\Familie\Desktop\America's Army 3.url
[2011.05.07 15:21:06 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[1 C:\Users\Familie\AppData\Roaming\*.tmp files -> C:\Users\Familie\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.06.03 15:34:26 | 000,000,168 | ---- | C] () -- C:\Users\Familie\defogger_reenable
[2011.06.03 15:31:43 | 000,050,477 | ---- | C] () -- C:\Users\Familie\Desktop\Defogger.exe
[2011.06.02 22:43:50 | 000,046,085 | ---- | C] () -- C:\Users\Familie\Desktop\22.jpg
[2011.06.02 22:33:40 | 000,216,502 | ---- | C] () -- C:\Users\Familie\Desktop\DIE.jpg
[2011.06.02 21:49:01 | 000,046,888 | ---- | C] () -- C:\Cytriik.cyt
[2011.06.02 21:49:01 | 000,046,888 | ---- | C] () -- C:\Aegis.cyt
[2011.06.02 21:49:01 | 000,009,216 | ---- | C] () -- C:\Cyt64.cyt
[2011.06.02 07:21:59 | 000,001,158 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.06.02 07:20:02 | 000,001,126 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2341877200-1600531284-4254082247-1001UA.job
[2011.06.02 07:20:02 | 000,001,074 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2341877200-1600531284-4254082247-1001Core.job
[2011.06.01 18:45:41 | 000,001,165 | ---- | C] () -- C:\Users\Familie\Desktop\LogoMaker.lnk
[2011.06.01 18:36:02 | 000,001,151 | ---- | C] () -- C:\Users\Familie\Desktop\BlackShot.lnk
[2011.05.31 22:01:30 | 000,006,656 | ---- | C] () -- C:\Users\Familie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.31 22:00:22 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2011.05.31 19:21:10 | 000,065,536 | ---- | C] () -- C:\Windows\IFinst27.exe
[2011.05.30 07:21:26 | 000,007,605 | ---- | C] () -- C:\Users\Familie\Documents\Poesie.odt
[2011.05.29 18:05:46 | 000,001,328 | ---- | C] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk
[2011.05.29 08:00:46 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011.05.28 21:59:25 | 000,001,752 | ---- | C] () -- C:\Users\Familie\Desktop\Videodeluxe - Verknüpfung.lnk
[2011.05.28 21:48:25 | 000,007,256 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011.05.28 13:54:47 | 000,001,406 | ---- | C] () -- C:\Users\Familie\Desktop\Free YouTube to MP3 Converter.lnk
[2011.05.27 23:43:27 | 000,001,974 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011.05.27 23:43:27 | 000,001,953 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2011.05.27 23:43:26 | 000,001,932 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.05.25 20:01:31 | 000,015,582 | ---- | C] () -- C:\Program Files (x86)\Z4[j5-1]vk-w.dat
[2011.05.25 19:52:24 | 000,002,209 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk
[2011.05.24 18:27:16 | 000,000,294 | -H-- | C] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
[2011.05.24 18:27:14 | 000,000,294 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.05.24 18:27:12 | 000,000,250 | -H-- | C] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011.05.24 18:27:10 | 000,102,912 | RHS- | C] () -- C:\Windows\SysWow64\usp10R.dll
[2011.05.24 18:27:10 | 000,000,312 | -HS- | C] () -- C:\Windows\tasks\LIEKS.job
[2011.05.23 15:55:08 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.05.22 21:33:50 | 000,131,072 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl
[2011.05.14 22:08:07 | 000,001,063 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft - Brood War.lnk
[2011.05.13 18:46:58 | 000,001,739 | ---- | C] () -- C:\Users\Familie\Desktop\MinecraftSP - Verknüpfung.lnk
[2011.05.13 15:59:24 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2011.05.12 14:16:35 | 012,353,066 | ---- | C] () -- C:\Users\Familie\AppData\Roaming\Misa201.zip
[2011.05.12 13:43:16 | 000,090,520 | ---- | C] () -- C:\Users\Familie\Documents\rec_Vcs6Core_13-43-11.mp3
[2011.05.11 18:56:21 | 000,001,660 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2011.05.11 18:53:51 | 000,001,822 | ---- | C] () -- C:\Users\Public\Desktop\S4League.lnk
[2011.05.11 17:19:01 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.05.11 17:18:51 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.05.11 17:01:56 | 288,875,426 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.05.10 21:06:04 | 000,002,535 | ---- | C] () -- C:\Users\Familie\Desktop\Skype.lnk
[2011.05.10 17:04:09 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.05.08 14:17:55 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\Acer Registration - Reminder Recall task.job
[2011.05.08 14:04:04 | 001,625,520 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.07 22:00:31 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd
[2011.05.07 20:23:24 | 000,189,480 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.05.07 20:14:46 | 000,189,480 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.05.07 20:14:41 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.05.07 20:14:40 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.05.07 19:46:01 | 000,000,221 | ---- | C] () -- C:\Users\Familie\Desktop\America's Army 3.url
[2011.05.07 15:21:06 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.05.07 15:18:10 | 000,001,413 | ---- | C] () -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.05.07 15:18:05 | 000,001,447 | ---- | C] () -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.04.27 11:21:38 | 003,268,096 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2011.04.11 19:09:18 | 000,073,216 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.03.22 15:10:40 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.03.22 15:06:11 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011.03.19 11:06:02 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.03.19 11:04:28 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.12.10 21:09:56 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2010.12.10 21:06:49 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2010.12.10 20:29:43 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.03.15 05:31:48 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2007.04.27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2007.01.26 01:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\SysWow64\mase32.dll
[2007.01.26 01:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\ma32.dll
 
========== LOP Check ==========
 
[2011.05.21 18:31:54 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\.minecraft
[2011.05.07 15:16:59 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\a
[2011.05.21 08:18:51 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\DAEMON Tools Lite
[2011.05.27 14:57:56 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.06.01 18:45:52 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\LogoMaker
[2011.05.07 16:39:04 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\LolClient
[2011.05.28 21:44:55 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\MAGIX
[2011.05.18 14:03:56 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\Pavtube
[2011.05.08 20:46:33 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\PowerCinema
[2011.05.22 13:07:57 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\RenPy
[2011.05.30 20:22:40 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\SoftGrid Client
[2011.05.23 20:57:13 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\TeamViewer
[2011.05.11 22:25:52 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\TP
[2011.06.01 17:40:40 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\TS3Client
[2011.05.25 19:52:22 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\TuneUp Software
[2011.05.12 14:36:37 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\Win7codecs
[2011.06.03 15:30:00 | 000,000,390 | ---- | M] () -- C:\Windows\Tasks\Acer Registration - Reminder Recall task.job
[2011.06.03 12:24:51 | 000,000,312 | -HS- | M] () -- C:\Windows\Tasks\LIEKS.job
[2009.07.14 07:08:49 | 000,020,306 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.06.03 15:26:02 | 000,000,294 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.06.03 15:20:02 | 000,000,250 | -H-- | M] () -- C:\Windows\Tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job
[2011.06.03 15:01:02 | 000,000,294 | -H-- | M] () -- C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2011.05.07 15:17:53 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.05.31 18:55:29 | 000,000,000 | ---D | M] -- C:\AeriaGames
[2011.03.22 15:12:13 | 000,000,000 | ---D | M] -- C:\book
[2011.05.20 21:26:48 | 000,000,000 | ---D | M] -- C:\CFLog
[2011.06.03 12:24:31 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2011.05.08 17:07:16 | 000,000,000 | ---D | M] -- C:\CyberStep
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.05.07 15:15:53 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.05.25 19:49:31 | 000,000,000 | ---D | M] -- C:\fernsehen
[2011.05.31 21:36:00 | 000,000,000 | ---D | M] -- C:\fiaa
[2011.05.22 18:28:22 | 000,000,000 | ---D | M] -- C:\Fraps
[2011.05.31 18:55:59 | 000,000,000 | ---D | M] -- C:\Gamigo
[2011.05.08 19:27:21 | 000,000,000 | ---D | M] -- C:\GTA SA
[2010.12.10 21:00:43 | 000,000,000 | ---D | M] -- C:\Intel
[2011.05.30 20:26:39 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2011.05.07 15:17:43 | 000,000,000 | -H-D | M] -- C:\OEM
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.05.31 17:25:24 | 000,000,000 | R--D | M] -- C:\Programme
[2011.06.01 18:44:41 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2011.05.31 22:00:16 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.05.07 15:15:53 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.05.07 15:15:53 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.05.07 16:07:15 | 000,000,000 | ---D | M] -- C:\Riot Games
[2011.05.29 09:12:51 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.05.07 15:16:05 | 000,000,000 | R--D | M] -- C:\Users
[2011.05.12 13:42:01 | 000,000,000 | ---D | M] -- C:\vcs5BGEffects
[2011.06.01 20:32:06 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2010.07.17 21:26:04 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.02.04 12:49:48 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.07.17 21:26:04 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.02.04 12:49:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.07.17 21:26:04 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2010.02.04 12:49:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2010.07.17 21:26:04 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2010.02.04 12:49:48 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
< MD5 for: REGEDIT.EXE  >
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe
 
< MD5 for: USERINIT.EXE  >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2010.07.17 21:26:04 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2010.07.17 21:26:04 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2010.07.17 21:26:04 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:E1F04E8D

< End of report >
         

hoffe auf hilfe nerft nämlich .
mfg

Hallo und

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

Zitat:

Zitat von cosinus

Hallo und

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

Also hier der aufgeforderte Malwarebytes Log.

Code: Alles auswählenAufklappen

ATTFilter

mbam-log-2011-06-04 (16-05-12).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 349827
Laufzeit: 37 Minute(n), 12 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 5

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\1U0WFOHZPQ (Trojan.FakeAlert.SA) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\4ECYTQ9SIC (Trojan.FakeAlert.SA) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> No action taken.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\Familie\AppData\Local\Temp\Dtg.exe (Trojan.Downloader.VCP) -> No action taken.
c:\Windows\Temp\f42de7.exe (Trojan.FakeMS) -> No action taken.
c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> No action taken.
c:\Windows\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> No action taken.
c:\Windows\Tasks\{810401e2-dde0-454e-b0e2-aa89c9e5967c}.job (Trojan.FraudPack) -> No action taken.
         

Das Log ist unvollständig, im Header fehlen Daten über Programmversion usw.

Zitat:

-> No action taken.

Die Funde müssen mit Malwarebytes entfernt waren! Bitte nachholen falls noch nicht getan!

also alle funde löschen?!

Ja, hab ich doch geschrieben! Und beachte das andere auch bitte - poste die Logs nur noch vollständig!

Also hier der Malware...

Code: Alles auswählenAufklappen

ATTFilter

Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 6

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\1U0WFOHZPQ (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\4ECYTQ9SIC (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\GTA SA\trainer.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Familie\AppData\Local\Temp\Dtg.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
c:\Windows\Temp\f42de7.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{810401e2-dde0-454e-b0e2-aa89c9e5967c}.job (Trojan.FraudPack) -> Quarantined and deleted successfully.
         

musste dann neustart hat aber nichts gebraucht.

P.S. das war alles was auf den Editor war

Was hab ich geschrieben! Du sollst die Logs vollständig posten!

So waren sie in den Editor geschrieben bzw so waren sie drauf -.-'

Nein das stimmt nicht. Du musst alles markieren mittels STRG+A, erst dann kopieren und hier einfügen.

Also nochmal :

Code: Alles auswählenAufklappen

ATTFilter

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Datenbank Version: 6774

Windows 6.1.7600
Internet Explorer 9.0.8112.16421

05.06.2011 14:57:16
mbam-log-2011-06-05 (14-57-16).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 348900
Laufzeit: 41 Minute(n), 48 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 6

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\1U0WFOHZPQ (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\4ECYTQ9SIC (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\GTA SA\trainer.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Familie\AppData\Local\Temp\Dtg.exe (Trojan.Downloader.VCP) -> Quarantined and deleted successfully.
c:\Windows\Temp\f42de7.exe (Trojan.FakeMS) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{810401e2-dde0-454e-b0e2-aa89c9e5967c}.job (Trojan.FraudPack) -> Quarantined and deleted successfully.
         

das oder wenn nicht dann scan ich nomma bis ich das ding los bin-.-'

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code: Alles auswählenAufklappen

ATTFilter

:OTL
O32 - HKLM CDRom: AutoRun - 1
[2011.05.25 20:51:53 | 000,015,582 | ---- | M] () -- C:\Program Files (x86)\Z4[j5-1]vk-w.dat
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:E1F04E8D
:Files
C:\Users\Familie\AppData\Local\{*
C:\Windows\tasks\*.job
:Commands
[purity]
[resethosts]
         

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Kay Kay
Hier ist der OTL text.

Code: Alles auswählenAufklappen

ATTFilter

========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\Program Files (x86)\Z4[j5-1]vk-w.dat moved successfully.
ADS C:\ProgramData\Temp:E1F04E8D deleted successfully.
========== FILES ==========
C:\Users\Familie\AppData\Local\{019EAE57-1515-45ED-8830-AD308A0842EF} folder moved successfully.
C:\Users\Familie\AppData\Local\{07EC963F-030A-4398-B0E3-2D320CF60AFA} folder moved successfully.
C:\Users\Familie\AppData\Local\{0D57CAC8-C423-4EE6-ABD2-960268B175E7} folder moved successfully.
C:\Users\Familie\AppData\Local\{2C054160-0546-4CE0-AF5B-59C78C7358E9} folder moved successfully.
C:\Users\Familie\AppData\Local\{3E663B95-62AB-4781-9F28-8F65D40BF9C3} folder moved successfully.
C:\Users\Familie\AppData\Local\{45A336D6-A809-48D2-819A-7E9D30485C1A} folder moved successfully.
C:\Users\Familie\AppData\Local\{46B39FD9-6AA7-4747-86E1-6224CFEE6678} folder moved successfully.
C:\Users\Familie\AppData\Local\{4848335C-04FB-4F9E-9399-547F516DACED} folder moved successfully.
C:\Users\Familie\AppData\Local\{92C7C130-E314-4289-8C30-B9F715AC5DCF} folder moved successfully.
C:\Users\Familie\AppData\Local\{B22FD6A0-FCF4-4A39-848C-5EB39C41FC57} folder moved successfully.
C:\Users\Familie\AppData\Local\{C666DAC9-B419-49F1-959B-6491B854D4ED} folder moved successfully.
C:\Users\Familie\AppData\Local\{D10D7969-EAC1-4519-859B-173AC1F8414B} folder moved successfully.
C:\Users\Familie\AppData\Local\{D7CFBABE-F694-41CE-8F48-106DDC03389C} folder moved successfully.
C:\Users\Familie\AppData\Local\{DBD210D9-79C4-4E1F-A949-7763B37EDC50} folder moved successfully.
C:\Users\Familie\AppData\Local\{E7557B5C-A042-4F21-B793-505DC2CE36E3} folder moved successfully.
C:\Users\Familie\AppData\Local\{ED47AFB0-7FC9-4B47-9769-538A44B8EE7C} folder moved successfully.
C:\Windows\tasks\Acer Registration - Reminder Recall task.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2341877200-1600531284-4254082247-1001Core.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2341877200-1600531284-4254082247-1001UA.job moved successfully.
C:\Windows\tasks\LIEKS.job moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.23.0 log created on 06052011_194235
         

Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - also beide Haken setzen, auf Start scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.




Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
Vista und 7 User müssen das Tool per Rechtsklick als Administrator ausführen!

Hier der TDSSkiller

Code: Alles auswählenAufklappen

ATTFilter

2011/06/05 20:45:02.0101 6564	TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24
2011/06/05 20:45:02.0225 6564	================================================================================
2011/06/05 20:45:02.0225 6564	SystemInfo:
2011/06/05 20:45:02.0225 6564	
2011/06/05 20:45:02.0225 6564	OS Version: 6.1.7600 ServicePack: 0.0
2011/06/05 20:45:02.0225 6564	Product type: Workstation
2011/06/05 20:45:02.0225 6564	ComputerName: FAMILIE-PC
2011/06/05 20:45:02.0225 6564	UserName: Familie
2011/06/05 20:45:02.0225 6564	Windows directory: C:\Windows
2011/06/05 20:45:02.0225 6564	System windows directory: C:\Windows
2011/06/05 20:45:02.0225 6564	Running under WOW64
2011/06/05 20:45:02.0225 6564	Processor architecture: Intel x64
2011/06/05 20:45:02.0225 6564	Number of processors: 4
2011/06/05 20:45:02.0225 6564	Page size: 0x1000
2011/06/05 20:45:02.0225 6564	Boot type: Normal boot
2011/06/05 20:45:02.0225 6564	================================================================================
2011/06/05 20:45:02.0568 6564	Initialize success
2011/06/05 20:45:10.0277 3992	================================================================================
2011/06/05 20:45:10.0277 3992	Scan started
2011/06/05 20:45:10.0277 3992	Mode: Manual; 
2011/06/05 20:45:10.0277 3992	================================================================================
2011/06/05 20:45:11.0610 3992	1394ohci        (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/06/05 20:45:11.0725 3992	ACPI            (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
2011/06/05 20:45:11.0830 3992	AcpiPmi         (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/06/05 20:45:11.0957 3992	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/06/05 20:45:12.0065 3992	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/06/05 20:45:12.0347 3992	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/06/05 20:45:12.0441 3992	AFD             (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
2011/06/05 20:45:12.0476 3992	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
2011/06/05 20:45:12.0499 3992	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
2011/06/05 20:45:12.0523 3992	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
2011/06/05 20:45:12.0564 3992	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/06/05 20:45:12.0752 3992	amdkmdag        (b8660fb5431f136635fb6446ac67faae) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/06/05 20:45:12.0937 3992	amdkmdap        (5fc9d833f726383d9d60205f5a3cf16b) C:\Windows\system32\DRIVERS\atikmpag.sys
2011/06/05 20:45:12.0955 3992	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/06/05 20:45:12.0993 3992	amdsata         (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
2011/06/05 20:45:13.0018 3992	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/06/05 20:45:13.0048 3992	amdxata         (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
2011/06/05 20:45:13.0131 3992	AppID           (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
2011/06/05 20:45:13.0169 3992	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/06/05 20:45:13.0183 3992	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/06/05 20:45:13.0230 3992	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/06/05 20:45:13.0259 3992	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
2011/06/05 20:45:13.0339 3992	athr            (e642491f64e58cd5bc8fb8b347dcf65f) C:\Windows\system32\DRIVERS\athrx.sys
2011/06/05 20:45:13.0450 3992	AtiHdmiService  (2d648572ba9a610952fcafba1e119c2d) C:\Windows\system32\drivers\AtiHdmi.sys
2011/06/05 20:45:13.0502 3992	avgntflt        (39c2e2870fc0c2ae0595b883cbe716b4) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/06/05 20:45:13.0555 3992	avipbb          (c98fa6e5ad0e857d22716bd2b8b1f399) C:\Windows\system32\DRIVERS\avipbb.sys
2011/06/05 20:45:13.0628 3992	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/06/05 20:45:13.0663 3992	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/06/05 20:45:13.0702 3992	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/06/05 20:45:13.0751 3992	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/06/05 20:45:13.0780 3992	bowser          (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
2011/06/05 20:45:13.0810 3992	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/06/05 20:45:13.0825 3992	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/06/05 20:45:13.0846 3992	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/06/05 20:45:13.0868 3992	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/06/05 20:45:13.0881 3992	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/06/05 20:45:13.0901 3992	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/06/05 20:45:13.0915 3992	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/06/05 20:45:13.0963 3992	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/06/05 20:45:13.0999 3992	cdrom           (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
2011/06/05 20:45:14.0016 3992	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/06/05 20:45:14.0080 3992	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/06/05 20:45:14.0143 3992	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/06/05 20:45:14.0171 3992	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
2011/06/05 20:45:14.0242 3992	CNG             (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
2011/06/05 20:45:14.0283 3992	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/06/05 20:45:14.0301 3992	CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/06/05 20:45:14.0342 3992	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/06/05 20:45:14.0386 3992	DfsC            (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
2011/06/05 20:45:14.0419 3992	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/06/05 20:45:14.0463 3992	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/06/05 20:45:14.0494 3992	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/06/05 20:45:14.0601 3992	dtsoftbus01     (fb9bef3401ee5ecc2603311b9c64f44a) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
2011/06/05 20:45:14.0759 3992	DXGKrnl         (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
2011/06/05 20:45:14.0861 3992	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/06/05 20:45:15.0005 3992	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/06/05 20:45:15.0029 3992	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
2011/06/05 20:45:15.0055 3992	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/06/05 20:45:15.0115 3992	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/06/05 20:45:15.0133 3992	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/06/05 20:45:15.0166 3992	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/06/05 20:45:15.0186 3992	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/06/05 20:45:15.0223 3992	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/06/05 20:45:15.0245 3992	FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
2011/06/05 20:45:15.0267 3992	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/06/05 20:45:15.0378 3992	fssfltr         (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
2011/06/05 20:45:15.0414 3992	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/06/05 20:45:15.0449 3992	fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/06/05 20:45:15.0471 3992	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/06/05 20:45:15.0533 3992	hamachi         (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
2011/06/05 20:45:15.0566 3992	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/06/05 20:45:15.0591 3992	HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
2011/06/05 20:45:15.0648 3992	HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/06/05 20:45:15.0661 3992	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/06/05 20:45:15.0693 3992	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/06/05 20:45:15.0706 3992	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/06/05 20:45:15.0765 3992	HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
2011/06/05 20:45:15.0789 3992	HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/06/05 20:45:15.0835 3992	HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
2011/06/05 20:45:15.0855 3992	hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
2011/06/05 20:45:15.0902 3992	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/06/05 20:45:15.0935 3992	iaStor          (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\DRIVERS\iaStor.sys
2011/06/05 20:45:16.0010 3992	iaStorV         (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
2011/06/05 20:45:16.0049 3992	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/06/05 20:45:16.0144 3992	IntcAzAudAddService (f4c031439501f6c1d336a36d7cb58f4f) C:\Windows\system32\drivers\RTKVHD64.sys
2011/06/05 20:45:16.0213 3992	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
2011/06/05 20:45:16.0256 3992	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/06/05 20:45:16.0272 3992	IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/06/05 20:45:16.0293 3992	IPMIDRV         (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/06/05 20:45:16.0306 3992	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/06/05 20:45:16.0338 3992	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/06/05 20:45:16.0351 3992	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
2011/06/05 20:45:16.0382 3992	iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/06/05 20:45:16.0397 3992	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/06/05 20:45:16.0411 3992	kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/06/05 20:45:16.0444 3992	KSecDD          (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
2011/06/05 20:45:16.0459 3992	KSecPkg         (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
2011/06/05 20:45:16.0489 3992	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/06/05 20:45:16.0556 3992	L1C             (0e154da6ca9105354a07d0c576804037) C:\Windows\system32\DRIVERS\L1C62x64.sys
2011/06/05 20:45:16.0611 3992	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/06/05 20:45:16.0690 3992	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/06/05 20:45:16.0707 3992	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/06/05 20:45:16.0723 3992	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/06/05 20:45:16.0738 3992	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/06/05 20:45:16.0767 3992	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/06/05 20:45:16.0829 3992	MBAMProtector   (ed49fd1373de93617a1f6d128d98fe4d) C:\Windows\system32\drivers\mbam.sys
2011/06/05 20:45:16.0849 3992	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/06/05 20:45:16.0890 3992	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/06/05 20:45:16.0927 3992	MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
2011/06/05 20:45:16.0958 3992	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/06/05 20:45:16.0976 3992	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/06/05 20:45:17.0010 3992	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2011/06/05 20:45:17.0078 3992	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/06/05 20:45:17.0091 3992	mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
2011/06/05 20:45:17.0132 3992	mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
2011/06/05 20:45:17.0147 3992	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/06/05 20:45:17.0172 3992	MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
2011/06/05 20:45:17.0206 3992	mrxsmb          (b7f3d2c40bdf8ffb73ebfb19c77734e2) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/06/05 20:45:17.0230 3992	mrxsmb10        (86c6f88b5168ce21cf8d69d0b3ff5d19) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/06/05 20:45:17.0246 3992	mrxsmb20        (b081069251c8e9f42cb8769d07148f9c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/06/05 20:45:17.0259 3992	msahci          (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
2011/06/05 20:45:17.0275 3992	msdsm           (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
2011/06/05 20:45:17.0296 3992	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/06/05 20:45:17.0324 3992	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/06/05 20:45:17.0338 3992	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/06/05 20:45:17.0382 3992	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/06/05 20:45:17.0394 3992	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/06/05 20:45:17.0408 3992	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/06/05 20:45:17.0439 3992	MsRPC           (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
2011/06/05 20:45:17.0485 3992	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/06/05 20:45:17.0499 3992	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/06/05 20:45:17.0515 3992	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/06/05 20:45:17.0543 3992	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/06/05 20:45:17.0565 3992	mwlPSDFilter    (9b1eac6faf6f37305e822f5588dc8056) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
2011/06/05 20:45:17.0577 3992	mwlPSDNServ     (ad55c1524b296280ed9c6e0d730d35da) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
2011/06/05 20:45:17.0603 3992	mwlPSDVDisk     (2b599e6ec8843637bdd62e7f8f3ba201) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
2011/06/05 20:45:17.0646 3992	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/06/05 20:45:17.0691 3992	NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
2011/06/05 20:45:17.0722 3992	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/06/05 20:45:17.0749 3992	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/06/05 20:45:17.0768 3992	Ndisuio         (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/06/05 20:45:17.0782 3992	NdisWan         (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/06/05 20:45:17.0804 3992	NDProxy         (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
2011/06/05 20:45:17.0816 3992	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/06/05 20:45:17.0844 3992	NetBT           (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
2011/06/05 20:45:17.0916 3992	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/06/05 20:45:17.0935 3992	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/06/05 20:45:17.0966 3992	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/06/05 20:45:18.0016 3992	Ntfs            (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
2011/06/05 20:45:18.0055 3992	NTIDrvr         (ee3ba1024594d5d09e314f206b94069e) C:\Windows\system32\drivers\NTIDrvr.sys
2011/06/05 20:45:18.0080 3992	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/06/05 20:45:18.0132 3992	nusb3hub        (786db821bfd57c0551dbbe4f75384a7d) C:\Windows\system32\DRIVERS\nusb3hub.sys
2011/06/05 20:45:18.0178 3992	nusb3xhc        (daa8005caf745042bb427a1ed7433354) C:\Windows\system32\DRIVERS\nusb3xhc.sys
2011/06/05 20:45:18.0215 3992	nvraid          (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
2011/06/05 20:45:18.0344 3992	nvstor          (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
2011/06/05 20:45:18.0399 3992	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/06/05 20:45:18.0414 3992	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/06/05 20:45:18.0567 3992	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/06/05 20:45:18.0582 3992	partmgr         (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
2011/06/05 20:45:18.0603 3992	pci             (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
2011/06/05 20:45:18.0616 3992	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
2011/06/05 20:45:18.0727 3992	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/06/05 20:45:18.0749 3992	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/06/05 20:45:18.0784 3992	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/06/05 20:45:18.0909 3992	PptpMiniport    (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
2011/06/05 20:45:18.0932 3992	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/06/05 20:45:18.0986 3992	Psched          (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
2011/06/05 20:45:19.0036 3992	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/06/05 20:45:19.0081 3992	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/06/05 20:45:19.0109 3992	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/06/05 20:45:19.0122 3992	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/06/05 20:45:19.0158 3992	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/06/05 20:45:19.0178 3992	Rasl2tp         (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/06/05 20:45:19.0198 3992	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/06/05 20:45:19.0214 3992	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/06/05 20:45:19.0241 3992	rdbss           (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
2011/06/05 20:45:19.0265 3992	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/06/05 20:45:19.0293 3992	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/06/05 20:45:19.0311 3992	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/06/05 20:45:19.0328 3992	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/06/05 20:45:19.0344 3992	RDPWD           (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
2011/06/05 20:45:19.0361 3992	rdyboost        (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys
2011/06/05 20:45:19.0400 3992	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/06/05 20:45:19.0451 3992	RSUSBSTOR       (9beb5f18a418ff70659ce2e356829568) C:\Windows\system32\Drivers\RtsUStor.sys
2011/06/05 20:45:19.0480 3992	sbp2port        (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/06/05 20:45:19.0499 3992	scfilter        (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
2011/06/05 20:45:19.0546 3992	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/06/05 20:45:19.0579 3992	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/06/05 20:45:19.0595 3992	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/06/05 20:45:19.0610 3992	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/06/05 20:45:19.0636 3992	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/06/05 20:45:19.0649 3992	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/06/05 20:45:19.0664 3992	sffp_sd         (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/06/05 20:45:19.0678 3992	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/06/05 20:45:19.0715 3992	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/06/05 20:45:19.0730 3992	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/06/05 20:45:19.0744 3992	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/06/05 20:45:19.0778 3992	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/06/05 20:45:19.0813 3992	srv             (148d50904d2a0df29a19778715eb35bb) C:\Windows\system32\DRIVERS\srv.sys
2011/06/05 20:45:19.0845 3992	srv2            (ce2189fe31d36678ac9eb7ddee08ec96) C:\Windows\system32\DRIVERS\srv2.sys
2011/06/05 20:45:19.0866 3992	srvnet          (cb69edeb069a49577592835659cd0e46) C:\Windows\system32\DRIVERS\srvnet.sys
2011/06/05 20:45:19.0904 3992	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/06/05 20:45:19.0933 3992	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
2011/06/05 20:45:20.0014 3992	SynTP           (ef51b22706db03f0857fade127c804ec) C:\Windows\system32\DRIVERS\SynTP.sys
2011/06/05 20:45:20.0110 3992	Tcpip           (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys
2011/06/05 20:45:20.0159 3992	TCPIP6          (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys
2011/06/05 20:45:20.0190 3992	tcpipreg        (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
2011/06/05 20:45:20.0216 3992	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/06/05 20:45:20.0230 3992	TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/06/05 20:45:20.0273 3992	tdx             (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
2011/06/05 20:45:20.0291 3992	TermDD          (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
2011/06/05 20:45:20.0321 3992	tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/06/05 20:45:20.0399 3992	TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys
2011/06/05 20:45:20.0427 3992	tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
2011/06/05 20:45:20.0482 3992	TurboB          (48743b69ea47c020a792d8649f753f44) C:\Windows\system32\DRIVERS\TurboB.sys
2011/06/05 20:45:20.0503 3992	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/06/05 20:45:20.0532 3992	UBHelper        (a17d5e1a6df4eab0a480f2c490de4c9d) C:\Windows\system32\drivers\UBHelper.sys
2011/06/05 20:45:20.0560 3992	udfs            (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
2011/06/05 20:45:20.0586 3992	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/06/05 20:45:20.0627 3992	umbus           (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
2011/06/05 20:45:20.0651 3992	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/06/05 20:45:20.0725 3992	usbccgp         (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/06/05 20:45:20.0741 3992	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
2011/06/05 20:45:20.0816 3992	usbehci         (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
2011/06/05 20:45:20.0846 3992	usbhub          (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
2011/06/05 20:45:20.0877 3992	usbohci         (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
2011/06/05 20:45:20.0914 3992	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/06/05 20:45:20.0939 3992	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
2011/06/05 20:45:20.0979 3992	USBSTOR         (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/06/05 20:45:21.0021 3992	usbuhci         (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
2011/06/05 20:45:21.0078 3992	usbvideo        (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys
2011/06/05 20:45:21.0151 3992	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/06/05 20:45:21.0183 3992	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/06/05 20:45:21.0213 3992	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/06/05 20:45:21.0229 3992	vhdmp           (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/06/05 20:45:21.0245 3992	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
2011/06/05 20:45:21.0263 3992	volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/06/05 20:45:21.0280 3992	volmgrx         (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
2011/06/05 20:45:21.0299 3992	volsnap         (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
2011/06/05 20:45:21.0340 3992	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/06/05 20:45:21.0374 3992	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/06/05 20:45:21.0397 3992	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/06/05 20:45:21.0416 3992	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/06/05 20:45:21.0444 3992	WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/05 20:45:21.0457 3992	Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/05 20:45:21.0483 3992	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/06/05 20:45:21.0517 3992	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/06/05 20:45:21.0572 3992	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/06/05 20:45:21.0600 3992	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/06/05 20:45:21.0666 3992	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/06/05 20:45:21.0703 3992	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/06/05 20:45:21.0729 3992	WudfPf          (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
2011/06/05 20:45:21.0757 3992	WUDFRd          (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/06/05 20:45:21.0868 3992	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/06/05 20:45:21.0886 3992	================================================================================
2011/06/05 20:45:21.0886 3992	Scan finished
2011/06/05 20:45:21.0886 3992	================================================================================
2011/06/05 20:45:21.0894 4988	Detected object count: 0
2011/06/05 20:45:21.0894 4988	Actual detected object count: 0