Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Goingonearth Virus !! Werde immer auf Werbeseiten umgeleitet, Sicherheitscenter und Win Defender fäl (https://www.trojaner-board.de/102546-goingonearth-virus-immer-werbeseiten-umgeleitet-sicherheitscenter-win-defender-fael.html)

Eag 14.08.2011 21:43
Goingonearth Virus !! Werde immer auf Werbeseiten umgeleitet, Sicherheitscenter und Win Defender fäl
 
Hallo zusammen !
Seit einigen Stunden werde ich immer wenn ich etwas Google und einen Link anklicke über eine Seite auf eine Werbeseite umgeleitet ... wenn ich zurück gehe und den Link noch einmal öffne funktioniert alles einwandfrei !
Ausserdem sind das Sicherheitscenter und der Windows Defender deaktiviert und lassen sich auch nicht mehr aktivieren (resp sie lassen sich schon, sobald ich sie jedoch wieder aufrufe sind sie wieder deaktiviert o.0 )

Was ich auch bemerkt habe ist dass als ich zum Beispiel Skype aktualisiert habe kam die Meldung dass die Webseite mehrer Dateien downloaden möchte und ob ich das zulassen wolle, was ich natürrlich verneint habe ! Allerdings beunruhigt mich das, da Skype doch eigentlich vertrauenswürdig sein sollte !! ?

Die Werbungssache ist eigentlich nur nervig .. was mich schon eher beunruhigt ist die Deaktivierung von Sicherheitscenter und windows Defender (welcher ausserdem weder in der Systemsteuerung noch in "programme und Funktionen" zu finden ist ... ) da ich somit nichts mehr (einigermassen) sicher downloaden kann ...

Ausserdem hat mein Antivirprogramm in diesen 3 h schon 4 Malwares gefunden (obwohl ich nicht gedownloadet habe) und blockiert ...

Bitte um Hilfe !! Bin verzweifelt ... habe alles schon gescannt und weiss jetzt nicht was machen :'((

Ich hänge die Text Dateien an

Danke für die Hilfe :)

PS: Sry dass so viele Dateien angehängt sind ... habe es nicht besser hinbekommen ( höchsten 97,7 MB) :(

cosinus 16.08.2011 13:38
Hallo und :hallo:

Bitte routinemäßig einen Vollscan mit malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

Eag 16.08.2011 19:02
Danke für die schnelle antwort :)
Habe Antimalware laufen gelassen hat nichts gefunden ... habe dann allerdings bemerkt dass sie nicht auf dem aktuellsten Stand war ... :headbang:

Nun ja ... habe sie aktualisiert und bin im Mom am scannen ... habe jedoch scho mit OTL gescannt und auch das Defogger laufen lassen ... hänge die beiden Dateien mal an :)

Eag 16.08.2011 19:06
Der erste Teil von der OTL

Code:
OTL logfile created on: 16.08.2011 20:39:30 - Run 2
OTL by OldTimer - Version 3.2.26.2    Folder = C:\Users\Daniel Chvojan\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
5,99 Gb Total Physical Memory | 3,67 Gb Available Physical Memory | 61,30% Memory free
11,98 Gb Paging File | 9,43 Gb Available in Paging File | 78,72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,21 Gb Total Space | 199,69 Gb Free Space | 71,52% Space Free | Partition Type: NTFS
Drive D: | 298,09 Gb Total Space | 149,98 Gb Free Space | 50,31% Space Free | Partition Type: NTFS
Drive E: | 18,59 Gb Total Space | 3,00 Gb Free Space | 16,16% Space Free | Partition Type: NTFS
Drive F: | 99,34 Mb Total Space | 92,75 Mb Free Space | 93,37% Space Free | Partition Type: FAT32
 
Computer Name: DANIELCHVOJAN | User Name: Daniel Chvojan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.08.14 21:35:31 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel Chvojan\Desktop\OTL.exe
PRC - [2011.07.06 19:52:38 | 001,047,656 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2011.07.06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.06.29 09:42:30 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.04.30 19:15:09 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.21 20:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010.11.05 18:37:30 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009.12.01 13:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
PRC - [2009.12.01 13:37:46 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
PRC - [2009.10.06 23:57:00 | 000,296,360 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe
PRC - [2009.10.06 23:57:00 | 000,169,376 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVSched.exe
PRC - [2009.10.06 23:56:44 | 000,415,016 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
PRC - [2009.10.06 00:08:42 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009.08.25 19:34:30 | 000,015,544 | R--- | M] () -- C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
PRC - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2006.10.05 12:37:04 | 000,061,440 | ---- | M] (Sigmatel) -- C:\Windows\system\w98eject.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.08.15 18:55:45 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e9a08576157b4aeb91a3aaa452fcb00\System.Management.ni.dll
MOD - [2011.08.15 18:20:53 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7f94f6b13f92f1e093716d3e15bf86d1\PresentationFramework.Aero.ni.dll
MOD - [2011.08.15 18:20:35 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e3e3b399b69c569ab1ed3b0ace2c8c20\System.Runtime.Remoting.ni.dll
MOD - [2011.08.15 18:20:32 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\b7d1c271ec6b4df64c95563fc81ffc2f\System.Data.ni.dll
MOD - [2011.08.15 18:20:21 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c60906a715473ceccf93f0559527e84d\PresentationFramework.ni.dll
MOD - [2011.08.15 18:20:04 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll
MOD - [2011.08.15 18:19:55 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll
MOD - [2011.08.15 18:19:53 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\8b3b6ed74cb3d94695b0eaf94a362d42\UIAutomationTypes.ni.dll
MOD - [2011.08.15 18:19:52 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\5566b57732d9edea236f54d06149835a\PresentationCore.ni.dll
MOD - [2011.08.15 18:19:40 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6124dbbfd45927c4a6226d6e6bca6253\WindowsBase.ni.dll
MOD - [2011.08.15 18:19:34 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll
MOD - [2011.08.15 18:19:30 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll
MOD - [2011.08.15 18:19:29 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll
MOD - [2011.08.15 18:19:24 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll
MOD - [2011.08.14 21:35:31 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel Chvojan\Desktop\OTL.exe
MOD - [2011.08.06 04:21:25 | 000,400,440 | ---- | M] () -- C:\Users\Daniel Chvojan\AppData\Local\Google\Chrome\Application\13.0.782.112\ppGoogleNaClPluginChrome.dll
MOD - [2011.08.06 04:21:24 | 004,118,072 | ---- | M] () -- C:\Users\Daniel Chvojan\AppData\Local\Google\Chrome\Application\13.0.782.112\pdf.dll
MOD - [2011.08.06 04:20:06 | 009,075,768 | ---- | M] (The ICU Project) -- C:\Users\Daniel Chvojan\AppData\Local\Google\Chrome\Application\13.0.782.112\icudt.dll
MOD - [2011.08.06 04:20:00 | 026,362,424 | ---- | M] (Google Inc.) -- C:\Users\Daniel Chvojan\AppData\Local\Google\Chrome\Application\13.0.782.112\chrome.dll
MOD - [2011.08.06 04:19:58 | 000,104,520 | ---- | M] () -- C:\Users\Daniel Chvojan\AppData\Local\Google\Chrome\Application\13.0.782.112\avutil-50.dll
MOD - [2011.08.06 04:19:56 | 000,203,848 | ---- | M] () -- C:\Users\Daniel Chvojan\AppData\Local\Google\Chrome\Application\13.0.782.112\avformat-52.dll
MOD - [2011.08.06 04:19:55 | 001,846,344 | ---- | M] () -- C:\Users\Daniel Chvojan\AppData\Local\Google\Chrome\Application\13.0.782.112\avcodec-52.dll
MOD - [2011.07.06 19:52:40 | 002,224,176 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
MOD - [2011.07.06 19:52:40 | 000,521,264 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
MOD - [2011.07.06 19:52:40 | 000,174,128 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
MOD - [2011.07.06 19:52:38 | 001,047,656 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
MOD - [2011.07.06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
MOD - [2011.06.29 09:42:30 | 002,589,544 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll
MOD - [2011.06.29 09:42:30 | 000,873,832 | ---- | M] (Avira GmbH) -- c:\Program Files (x86)\Avira\AntiVir Desktop\ccgen.dll
MOD - [2011.06.29 09:42:30 | 000,446,312 | ---- | M] (Avira GmbH) -- c:\Program Files (x86)\Avira\AntiVir Desktop\ccguard.dll
MOD - [2011.06.29 09:42:30 | 000,304,488 | ---- | M] (Avira GmbH) -- c:\Program Files (x86)\Avira\AntiVir Desktop\ccmsg.dll
MOD - [2011.06.29 09:42:30 | 000,290,664 | ---- | M] (Avira GmbH) -- c:\Program Files (x86)\Avira\AntiVir Desktop\ccupdate.dll
MOD - [2011.06.29 09:42:30 | 000,174,440 | ---- | M] (Avira GmbH) -- c:\Program Files (x86)\Avira\AntiVir Desktop\cclic.dll
MOD - [2011.06.29 09:42:30 | 000,121,704 | ---- | M] (Avira GmbH) -- c:\Program Files (x86)\Avira\AntiVir Desktop\ccupdw.dll
MOD - [2011.06.15 20:30:25 | 000,063,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90DEU.DLL
MOD - [2011.06.15 20:30:15 | 003,781,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
MOD - [2011.06.15 20:30:06 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2011.06.15 20:30:06 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2011.06.15 20:26:51 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2011.06.15 20:26:51 | 000,554,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
MOD - [2011.06.01 10:16:54 | 000,496,976 | ---- | M] (vbAccelerator) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\vbalsgrid6.ocx
MOD - [2011.05.24 12:40:05 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devrtl.dll
MOD - [2011.05.03 21:26:49 | 001,740,800 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\URE\bin\sal3.dll
MOD - [2011.05.03 21:26:49 | 000,597,504 | ---- | M] (STLport Consulting, Inc.) -- C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stlport_vc7145.dll
MOD - [2011.05.03 21:26:49 | 000,452,608 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\URE\bin\bootstrap.uno.dll
MOD - [2011.05.03 21:26:49 | 000,432,128 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll
MOD - [2011.05.03 21:26:49 | 000,142,848 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppu3.dll
MOD - [2011.05.03 21:26:49 | 000,092,672 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stocservices.uno.dll
MOD - [2011.05.03 21:26:49 | 000,092,672 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\URE\bin\reg3.dll
MOD - [2011.05.03 21:26:49 | 000,092,160 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\URE\bin\jvmfwk3.dll
MOD - [2011.05.03 21:26:49 | 000,086,016 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\URE\bin\uwinapi.dll
MOD - [2011.05.03 21:26:49 | 000,053,248 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\URE\bin\store3.dll
MOD - [2011.05.03 21:26:49 | 000,051,712 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\URE\bin\msci_uno.dll
MOD - [2011.05.03 21:26:49 | 000,013,312 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\URE\bin\salhelper3MSC.dll
MOD - [2011.05.03 21:26:48 | 003,266,560 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\vclmi.dll
MOD - [2011.05.03 21:26:48 | 000,958,464 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\utlmi.dll
MOD - [2011.05.03 21:26:48 | 000,531,456 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\xcrmi.dll
MOD - [2011.05.03 21:26:48 | 000,358,912 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\ucbhelper4MSC.dll
MOD - [2011.05.03 21:26:48 | 000,257,024 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\ucpfile1.dll
MOD - [2011.05.03 21:26:48 | 000,212,992 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\ucb1.dll
MOD - [2011.05.03 21:26:48 | 000,094,208 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\vos3MSC.dll
MOD - [2011.05.03 21:26:47 | 002,863,616 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\svtmi.dll
MOD - [2011.05.03 21:26:47 | 002,186,752 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\tkmi.dll
MOD - [2011.05.03 21:26:47 | 000,777,216 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\svlmi.dll
MOD - [2011.05.03 21:26:47 | 000,529,408 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\tlmi.dll
MOD - [2011.05.03 21:26:47 | 000,379,904 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\sofficeapp.dll
MOD - [2011.05.03 21:26:47 | 000,256,000 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\sotmi.dll
MOD - [2011.05.03 21:26:46 | 003,234,816 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\sfxmi.dll
MOD - [2011.05.03 21:26:46 | 001,577,984 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\sbmi.dll
MOD - [2011.05.03 21:26:45 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.05.03 21:26:45 | 000,832,000 | ---- | M] (Oracle) -- C:\Program Files (x86)\OpenOffice.org 3\program\libdb47.dll
MOD - [2011.05.03 21:26:45 | 000,287,232 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\oleautobridge.uno.dll
MOD - [2011.05.03 21:26:45 | 000,083,968 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\oooimprovementmi.dll
MOD - [2011.05.03 21:26:45 | 000,024,064 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\localebe1.uno.dll
MOD - [2011.05.03 21:26:44 | 013,914,112 | ---- | M] (IBM Corporation and others) -- C:\Program Files (x86)\OpenOffice.org 3\program\icudt40.dll
MOD - [2011.05.03 21:26:44 | 001,317,376 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\i18npool.uno.dll
MOD - [2011.05.03 21:26:44 | 001,071,616 | ---- | M] (IBM Corporation and others) -- C:\Program Files (x86)\OpenOffice.org 3\program\icuin40.dll
MOD - [2011.05.03 21:26:44 | 000,951,296 | ---- | M] (IBM Corporation and others) -- C:\Program Files (x86)\OpenOffice.org 3\program\icuuc40.dll
MOD - [2011.05.03 21:26:44 | 000,066,560 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\i18nutilMSC.dll
MOD - [2011.05.03 21:26:44 | 000,029,184 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\i18npapermi.dll
MOD - [2011.05.03 21:26:44 | 000,026,112 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\i18nisolang1MSC.dll
MOD - [2011.05.03 21:26:43 | 001,649,152 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\fwkmi.dll
MOD - [2011.05.03 21:26:43 | 000,869,888 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\fwemi.dll
MOD - [2011.05.03 21:26:43 | 000,311,296 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\fwimi.dll
MOD - [2011.05.03 21:26:42 | 001,033,728 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\comphelp4MSC.dll
MOD - [2011.05.03 21:26:42 | 000,700,928 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\basegfxmi.dll
MOD - [2011.05.03 21:26:42 | 000,396,800 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\configmgr.uno.dll
MOD - [2011.05.03 21:26:42 | 000,148,480 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\emsermi.dll
MOD - [2011.05.03 21:26:42 | 000,135,680 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\deploymentmiscmi.dll
MOD - [2011.04.30 19:15:09 | 000,039,784 | ---- | M] (Avira GmbH) -- c:\Program Files (x86)\Avira\AntiVir Desktop\ccgenrc.dll
MOD - [2011.03.30 00:33:49 | 005,924,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2011.03.30 00:33:48 | 000,363,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MOD - [2011.03.21 20:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.03.21 20:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.03.11 07:33:59 | 001,164,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42u.dll
MOD - [2011.03.11 07:33:59 | 001,137,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mfc42.dll
MOD - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
MOD - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
MOD - [2010.11.20 14:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wtsapi32.dll
MOD - [2010.11.20 14:21:38 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll
MOD - [2010.11.20 14:21:36 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
MOD - [2010.11.20 14:21:36 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winsta.dll
MOD - [2010.11.20 14:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wkscli.dll
MOD - [2010.11.20 14:21:35 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wer.dll
MOD - [2010.11.20 14:21:35 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webio.dll
MOD - [2010.11.20 14:21:03 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\riched20.dll
MOD - [2010.11.20 14:21:03 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rtutils.dll
MOD - [2010.11.20 14:20:55 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PortableDeviceApi.dll
MOD - [2010.11.20 14:20:48 | 000,573,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbc32.dll
MOD - [2010.11.20 14:20:46 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntlanman.dll
MOD - [2010.11.20 14:19:46 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msdmo.dll
MOD - [2010.11.20 14:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mscms.dll
MOD - [2010.11.20 14:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MMDevAPI.dll
MOD - [2010.11.20 14:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IPHLPAPI.DLL
MOD - [2010.11.20 14:19:21 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
MOD - [2010.11.20 14:19:03 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\FWPUCLNT.DLL
MOD - [2010.11.20 14:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ExplorerFrame.dll
MOD - [2010.11.20 14:18:38 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorAPI.dll
MOD - [2010.11.20 14:18:26 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davclnt.dll
MOD - [2010.11.20 14:18:25 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d9.dll
MOD - [2010.11.20 14:18:23 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
MOD - [2010.11.20 14:18:09 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cabinet.dll
MOD - [2010.11.20 14:18:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\AudioSes.dll
MOD - [2010.11.20 14:18:01 | 000,562,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll
MOD - [2010.11.20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2010.11.20 13:55:08 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll
MOD - [2010.11.19 12:42:42 | 000,083,456 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\saxmi.dll
MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 18:37:31 | 000,288,616 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll
MOD - [2010.11.05 18:37:30 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
MOD - [2010.11.05 03:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010.11.05 03:57:40 | 000,572,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
MOD - [2010.11.05 03:53:31 | 001,736,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
MOD - [2010.03.03 12:22:52 | 000,025,448 | ---- | M] (Avira GmbH) -- c:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdrc.dll
MOD - [2010.02.25 11:07:11 | 000,054,120 | ---- | M] (Avira GmbH) -- c:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll
MOD - [2010.02.24 03:07:06 | 000,101,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2010.02.22 11:56:14 | 000,092,520 | ---- | M] (Avira GmbH) -- c:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dll
MOD - [2010.02.19 13:30:01 | 000,062,312 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll
MOD - [2010.01.26 14:12:06 | 000,025,448 | ---- | M] (Avira GmbH) -- c:\Program Files (x86)\Avira\AntiVir Desktop\ccupdrc.dll
MOD - [2010.01.14 11:59:43 | 000,008,552 | ---- | M] (Avira GmbH) -- c:\Program Files (x86)\Avira\AntiVir Desktop\ccmainrc.dll
MOD - [2010.01.14 11:59:43 | 000,005,480 | ---- | M] (Avira GmbH) -- c:\Program Files (x86)\Avira\AntiVir Desktop\ccmsgrc.dll
MOD - [2010.01.14 11:59:42 | 000,005,480 | ---- | M] (Avira GmbH) -- c:\Program Files (x86)\Avira\AntiVir Desktop\cclicrc.dll
MOD - [2010.01.09 08:10:58 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2009.12.14 16:24:56 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr71.dll
MOD - [2009.12.01 13:37:48 | 000,674,880 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpOCache.dll
MOD - [2009.12.01 13:37:48 | 000,502,848 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpOFeedb.dll
MOD - [2009.12.01 13:37:48 | 000,363,584 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpOSet.dll
MOD - [2009.12.01 13:37:46 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
MOD - [2009.12.01 13:37:46 | 000,334,912 | ---- | M] (DigitalPersona, Inc.) -- C:\Windows\SysWOW64\DPFPApi.dll
MOD - [2009.12.01 13:37:46 | 000,240,704 | ---- | M] (DigitalPersona, Inc.) -- C:\Windows\SysWOW64\DpClback.dll
MOD - [2009.11.29 19:20:40 | 007,716,456 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWOW64\nvd3dum.dll
MOD - [2009.10.16 21:47:40 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MFC71.dll
MOD - [2009.10.06 23:57:08 | 004,838,776 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\PCMRRec4.dll
MOD - [2009.10.06 23:57:02 | 000,279,976 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLCapEngine.dll
MOD - [2009.10.06 23:57:02 | 000,259,488 | ---- | M] (Cyberlink) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLCapX.dll
MOD - [2009.10.06 23:57:02 | 000,120,232 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLSchMgr.dll
MOD - [2009.10.06 23:57:02 | 000,038,184 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLCapSvcps.dll
MOD - [2009.10.06 23:57:00 | 000,464,168 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLTinyDB.dll
MOD - [2009.10.06 23:56:58 | 000,062,832 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLAuMixer.dll
MOD - [2009.10.06 23:56:44 | 000,415,016 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
MOD - [2009.10.06 23:56:44 | 000,066,856 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Helper.dll
MOD - [2009.10.06 23:56:40 | 000,075,048 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\Common\CLRCEngine3.dll
MOD - [2009.10.06 00:08:42 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
MOD - [2009.10.06 00:08:38 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2009.09.29 16:25:56 | 002,359,296 | ---- | M] (HP) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECenter.dll
MOD - [2009.09.29 16:25:52 | 000,040,960 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\CeeWriter.dll
MOD - [2009.09.29 16:25:50 | 000,253,952 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCHealthSecurity\PCHealthSecurityPillar.dll
MOD - [2009.09.29 16:25:46 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2009.09.29 16:25:44 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2009.09.29 16:25:42 | 000,143,360 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\SystemStatus.dll
MOD - [2009.09.29 16:25:38 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2009.09.29 16:25:38 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2009.09.29 16:25:38 | 000,032,768 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Content.dll
MOD - [2009.09.29 16:25:38 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2009.09.29 16:25:36 | 000,032,768 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\CommonInterfaces.dll
MOD - [2009.09.29 16:25:36 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2009.09.29 16:25:28 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2009.09.29 16:25:22 | 000,147,456 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\CommonUtility.dll
MOD - [2009.09.29 16:25:18 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2009.09.29 16:25:06 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.Logging.dll
MOD - [2009.09.17 15:54:48 | 000,161,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.Common.dll
MOD - [2009.09.17 15:54:48 | 000,079,272 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.dll
MOD - [2009.09.17 15:54:46 | 000,064,352 | ---- | M] (Microsoft) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.ObjectBuilder.dll
MOD - [2009.08.25 19:34:30 | 000,015,544 | R--- | M] () -- C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
MOD - [2009.08.20 13:35:48 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2009.08.20 13:35:46 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2009.08.20 13:35:46 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2009.07.21 13:22:24 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp71.dll
MOD - [2009.07.15 12:18:18 | 000,359,992 | R--- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBSERVICE.dll
MOD - [2009.07.14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcryptprimitives.dll
MOD - [2009.07.14 03:16:20 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wsock32.dll
MOD - [2009.07.14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wship6.dll
MOD - [2009.07.14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WSHTCPIP.DLL
MOD - [2009.07.14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winnsi.dll
MOD - [2009.07.14 03:16:18 | 000,192,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecsExt.dll
MOD - [2009.07.14 03:16:14 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shfolder.dll
MOD - [2009.07.14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SensApi.dll
MOD - [2009.07.14 03:16:12 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasapi32.dll
MOD - [2009.07.14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\powrprof.dll
MOD - [2009.07.14 03:16:12 | 000,103,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\oledlg.dll
MOD - [2009.07.14 03:16:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasman.dll
MOD - [2009.07.14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rasadhlp.dll
MOD - [2009.07.14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\npmproxy.dll
MOD - [2009.07.14 03:16:02 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
MOD - [2009.07.14 03:15:50 | 001,386,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvbvm60.dll
MOD - [2009.07.14 03:15:50 | 000,406,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp60.dll
MOD - [2009.07.14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009.07.14 03:15:45 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
MOD - [2009.07.14 03:15:43 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msctfui.dll
MOD - [2009.07.14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msacm32.dll
MOD - [2009.07.14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mlang.dll
MOD - [2009.07.14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ksuser.dll
MOD - [2009.07.14 03:15:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icm32.dll
MOD - [2009.07.14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IconCodecService.dll
MOD - [2009.07.14 03:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\hid.dll
MOD - [2009.07.14 03:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gpapi.dll
MOD - [2009.07.14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dui70.dll
MOD - [2009.07.14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dsound.dll
MOD - [2009.07.14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\duser.dll
MOD - [2009.07.14 03:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\drprov.dll
MOD - [2009.07.14 03:15:11 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
MOD - [2009.07.14 03:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ddraw.dll
MOD - [2009.07.14 03:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\devenum.dll
MOD - [2009.07.14 03:15:09 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dciman32.dll
MOD - [2009.07.14 03:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\davhlpr.dll
MOD - [2009.07.14 03:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d8thk.dll
MOD - [2009.07.14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\avrt.dll
MOD - [2009.07.14 03:14:53 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\advpack.dll
MOD - [2009.07.14 03:11:20 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\bcrypt.dll
MOD - [2009.07.14 03:09:14 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\odbcint.dll
MOD - [2009.07.14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009.06.10 23:23:08 | 000,074,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
MOD - [2009.06.10 23:14:57 | 000,778,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\PresentationNative_v0300.dll
MOD - [2006.10.05 12:37:04 | 000,061,440 | ---- | M] (Sigmatel) -- C:\Windows\system\w98eject.exe
MOD - [2006.10.04 09:22:02 | 000,040,960 | ---- | M] (vbAccelerator) -- C:\Windows\SysWOW64\SSubTmr6.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.10.21 09:35:26 | 000,240,640 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009.07.08 14:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009.03.03 12:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\AESTSr64.exe -- (AESTFilters)
SRV - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.06.29 09:42:30 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.04.30 19:15:09 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.12.01 13:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2009.10.06 23:57:00 | 000,296,360 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) TV Background Capture Service (TVBCS)
SRV - [2009.10.06 23:57:00 | 000,169,376 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVSched.exe -- (TVSched) TV Task Scheduler (TVTS)
SRV - [2009.09.04 14:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.22 13:00:00 | 000,129,584 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)
SRV - [2007.07.24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
 
 
========== Driver Services (SafeList) ==========

Eag 16.08.2011 19:51
Und Teil 2

Code:
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.07.06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.06.29 09:42:30 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.06.29 09:42:30 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.05.13 15:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011.03.20 13:19:55 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.03.20 13:19:55 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 15:32:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:32:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.01.13 16:37:18 | 007,675,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:64bit: - [2009.10.21 09:35:26 | 000,501,760 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009.10.03 05:58:12 | 000,258,560 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.09.17 22:56:24 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.09.17 22:56:16 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009.09.17 22:56:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.09.17 22:56:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.09.03 16:30:20 | 000,128,512 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tiehdusb.sys -- (TIEHDUSB)
DRV:64bit: - [2009.08.22 11:54:04 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009.08.15 08:54:54 | 000,286,768 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.08.08 06:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.07.21 05:39:22 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.08 14:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009.07.08 14:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009.06.29 20:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.22 08:32:52 | 000,311,424 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVerAF15.sys -- (AVerAF15)
DRV:64bit: - [2009.04.29 09:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2009.10.16 21:47:06 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/02/24 01:43:16] [Kernel | Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/12
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/12
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/12
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/12
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://hp.ch.msn.com/default.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1A CA 50 4D 1F DF CA 01  [binary data]
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Daniel Chvojan\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Daniel Chvojan\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2010.04.25 19:11:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\firefoxext [2010.04.25 19:11:11 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Programme\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)
O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [C:\Free Video Zilla\FVZilla.exe]  File not found
O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [Realtime Audio Engine]  File not found
O4 - Startup: C:\Users\Daniel Chvojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Daniel Chvojan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to iPhone Converter - C:\Users\Daniel Chvojan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8:64bit: - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Daniel Chvojan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Daniel Chvojan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll (Google Inc.)
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Daniel Chvojan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to iPhone Converter - C:\Users\Daniel Chvojan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Daniel Chvojan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Daniel Chvojan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll (Google Inc.)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.253
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll) -  File not found
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.08.16 18:26:59 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{DF2D4E15-C6D0-4391-A196-ED63CD07F733}
[2011.08.16 18:26:47 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{20A3358D-527B-40C4-86EC-90E3BBCEAF41}
[2011.08.15 18:17:04 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{AF67E1D8-04AA-4D70-A97E-48D55D892A06}
[2011.08.15 18:16:53 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{1165376B-8330-4544-A856-884B62B0B0E5}
[2011.08.15 18:16:39 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{023FC94C-71C3-48D5-AE03-B0A5048CB350}
[2011.08.14 23:08:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2011.08.14 23:02:56 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011.08.14 22:04:10 | 000,525,544 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2011.08.14 22:04:10 | 000,190,752 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2011.08.14 22:04:10 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2011.08.14 22:04:10 | 000,171,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2011.08.14 21:55:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.08.14 21:55:34 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011.08.14 21:54:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011.08.14 21:35:32 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Daniel Chvojan\Desktop\OTL.exe
[2011.08.14 21:09:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.08.14 21:09:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.08.14 19:15:34 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\Omnifone_Ltd
[2011.08.14 18:42:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011.08.14 18:41:39 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\newfolder3
[2011.08.14 18:41:36 | 000,000,000 | ---D | C] -- C:\ProgramData\MusicStation
[2011.08.14 18:41:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MusicStation
[2011.08.14 18:41:35 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\Downloaded Installations
[2011.08.14 18:41:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2011.08.14 18:41:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011.08.14 18:41:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2011.08.14 12:50:50 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{D492034D-212F-42D0-B9C1-DF14FC8D2E9D}
[2011.08.14 12:50:39 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{EB73D160-3DAA-4619-9534-940AFC568B06}
[2011.08.13 18:37:07 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{752D3C07-5549-47D0-AE56-47A7DAD26C80}
[2011.08.13 11:16:11 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{6578D1DC-9D86-41EF-8FBF-48CFFA87031F}
[2011.08.12 22:45:12 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{1CACA662-C22C-47FC-9B50-10081CC50EDE}
[2011.08.12 22:45:01 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{261888C5-6C5F-47D4-97B9-13B14BF465A5}
[2011.08.12 12:31:25 | 000,000,000 | ---D | C] -- C:\output
[2011.08.12 12:21:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FixFoto
[2011.08.12 12:21:41 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\Documents\FixFoto
[2011.08.12 12:21:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FixFoto
[2011.08.12 10:44:34 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{10F95A60-8CE3-43C8-8DAB-D574B744876E}
[2011.08.12 10:44:24 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{A1F417E2-EAC9-4F9E-B893-99E744FD55C9}
[2011.08.11 10:21:03 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2011.08.11 10:21:03 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2011.08.11 10:21:03 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2011.08.11 10:21:03 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011.08.11 10:21:03 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011.08.11 10:21:03 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2011.08.11 10:21:03 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2011.08.11 10:21:03 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2011.08.11 10:21:03 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2011.08.11 10:20:53 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011.08.11 10:20:53 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011.08.11 10:20:53 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011.08.11 10:20:53 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011.08.11 10:20:53 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.08.11 10:20:53 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011.08.11 10:20:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011.08.11 10:20:52 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011.08.11 10:20:52 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011.08.11 10:20:52 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011.08.11 10:20:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011.08.11 10:20:52 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011.08.11 10:20:52 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011.08.11 10:20:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011.08.11 10:20:52 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011.08.11 10:20:52 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011.08.11 10:20:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.08.11 10:20:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011.08.11 10:20:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011.08.11 10:20:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011.08.11 10:20:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.08.11 10:20:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011.08.11 10:20:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011.08.11 10:20:51 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011.08.11 10:20:51 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011.08.11 10:20:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011.08.11 10:20:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011.08.11 10:20:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.08.11 10:20:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011.08.11 10:20:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011.08.11 10:20:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011.08.11 10:20:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011.08.11 10:20:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011.08.11 10:20:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011.08.11 10:20:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011.08.11 10:20:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011.08.11 10:20:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011.08.11 10:20:49 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011.08.11 10:20:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011.08.11 10:20:34 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.08.11 10:20:34 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.08.11 10:20:33 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.08.11 10:20:32 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.08.11 10:20:32 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.08.11 10:20:32 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.08.11 10:20:32 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.08.11 10:20:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.08.11 10:20:25 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.08.11 10:20:25 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.08.11 10:20:24 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.08.11 10:17:31 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{52253305-ECBF-4D23-8A6D-AF60B0D0A83A}
[2011.08.11 10:17:20 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{0B5EFCF8-B6C6-435F-833F-02ED5C23A123}
[2011.08.10 17:14:08 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{34BD6B10-2948-4182-BD4F-1C9C92CD0721}
[2011.08.10 17:13:57 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{41FBE14E-F58A-4D2D-8747-779BF8E1A211}
[2011.08.10 10:17:20 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2011.08.10 10:17:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2011.08.10 10:08:11 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SamLogic CD-Menu Creator 2010
[2011.08.10 10:08:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SamLogic
[2011.08.10 10:07:55 | 000,037,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\VIREG32.EXE
[2011.08.10 10:01:32 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{2898E3F5-D3E1-42AB-BA30-DDF71D8028E0}
[2011.08.09 22:53:34 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Jens Lorek
[2011.08.09 22:52:58 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\Documents\TubeBox!
[2011.08.09 22:52:58 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\TubeBox
[2011.08.09 22:51:56 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TubeBox!
[2011.08.09 22:51:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Jens Lorek
[2011.08.09 21:53:49 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\Desktop\Eigene Dateien
[2011.08.09 17:10:55 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\Documents\My Autoplay
[2011.08.09 17:10:39 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Tabctl32.ocx
[2011.08.09 17:10:39 | 000,115,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSINET.OCX
[2011.08.09 17:10:39 | 000,057,344 | ---- | C] (GalloSoft) -- C:\Windows\SysWow64\GraphicalMenu.ocx
[2011.08.09 17:10:38 | 000,339,968 | ---- | C] (Arafasoft  hxxp://www.arafasoft.com/) -- C:\Windows\SysWow64\Asimcr.ocx
[2011.08.09 17:10:38 | 000,046,080 | ---- | C] (Microsoft Corp) -- C:\Windows\SysWow64\MCIWNDX.OCX
[2011.08.09 13:51:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eRightSoft
[2011.08.09 11:39:53 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{03A5DB27-77BA-458E-A124-C6B6770F4F12}
[2011.08.09 11:39:41 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{CEF150B4-8A32-4283-A41B-F18E97D826F7}
[2011.08.09 11:39:30 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{B0930E95-1B80-42A0-A483-A6877CC8C5D4}
[2011.08.08 10:13:45 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{6C1711EA-6840-437F-9A2D-DD0085131E6E}
[2011.08.08 10:13:34 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{DE162A56-704F-4BF0-8CD4-6DFA0A9709AB}
[2011.08.07 17:38:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2011.08.07 17:36:00 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{D7525202-756B-4D97-88FB-4D869D0D5F03}
[2011.08.07 16:11:18 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{BA730CFF-3851-4ED6-A7D8-F2D950F60CA5}
[2011.08.07 16:09:24 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{B46866C7-7168-49CA-9C63-AF3C4C8A7D17}
[2011.08.07 16:05:45 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{03985C4D-05C3-4F6F-8B2E-A54E6C03C7C5}
[2011.08.07 12:23:22 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{BDB3B849-7100-4DEF-B1F6-4DC05996E8CF}
[2011.08.07 12:23:12 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{6D9151A7-40B3-4A6C-B793-355F00077809}
[2011.08.06 17:19:31 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\Documents\My Downloads
[2011.08.06 12:50:07 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{D14360B9-2F24-48A3-9F73-5BA28B7E9516}
[2011.08.05 13:34:45 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{C4C904CC-44B4-434A-A807-7F599047A929}
[2011.08.05 13:34:32 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{B500821D-86F9-4BDF-824F-9643ABFF112D}
[2011.08.05 12:25:25 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\Desktop\Musik
[2011.08.05 12:22:27 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{AC854A95-2EC2-425A-B550-2F6FEAE2CF6E}
[2011.08.04 14:49:52 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{FF98D455-6088-4B9A-83B7-306641995273}
[2011.08.04 14:49:38 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{854CB2C6-840D-4516-8407-F8657F3DDEA2}
[2011.08.04 14:49:26 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{C3F764DD-0A3E-41EC-8DAC-0FADA5ABC855}
[2011.08.03 09:50:37 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{0626EC51-541C-4B9E-9D4A-65D27C107FA1}
[2011.08.03 09:50:26 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{80EB4210-E61A-43B9-A49E-D6E1A1B1227D}
[2011.08.02 13:32:56 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{E6713FC3-79B8-4070-B58C-A85844AA51CB}
[2011.08.02 13:32:44 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{B4D23319-1F09-4F0F-AECB-F9F3FE31189D}
[2011.08.01 19:32:21 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{D95CFBC1-48DF-45FD-B23B-E3CF22F1760A}
[2011.08.01 19:32:08 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{67B1AAFE-1999-422D-BA90-841C3C859C7B}
[2011.07.31 18:08:04 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\GetRightToGo
[2011.07.31 17:28:24 | 000,856,064 | ---- | C] (Essien Research & Development) -- C:\Windows\SysWow64\mpgfiltr.ax
[2011.07.31 17:28:24 | 000,245,760 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\SysWow64\VideoEdit.ocx
[2011.07.31 17:28:24 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMDLG32.OCX
[2011.07.31 17:28:24 | 000,147,456 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\SysWow64\viscomqtenc.dll
[2011.07.31 17:28:24 | 000,110,592 | ---- | C] (Viscom Software) -- C:\Windows\SysWow64\viscomaudioencoder.dll
[2011.07.31 17:28:24 | 000,098,304 | ---- | C] (Viscom Software www.viscomsoft.com) -- C:\Windows\SysWow64\viscomtran.dll
[2011.07.31 17:28:24 | 000,090,112 | ---- | C] (L544⑩ Technology) -- C:\Windows\SysWow64\viscomframe.dll
[2011.07.31 17:28:24 | 000,081,920 | ---- | C] (Viscom Software) -- C:\Windows\SysWow64\viscomwave.dll
[2011.07.31 17:28:23 | 001,703,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2011.07.31 17:28:23 | 000,221,184 | ---- | C] (Veign  Chris Hanscom    Http://www.veign.com) -- C:\Windows\SysWow64\JwldButn2b.ocx
[2011.07.31 17:28:23 | 000,200,704 | ---- | C] (vbAccelerator) -- C:\Windows\SysWow64\vbalExpBar6.ocx
[2011.07.31 17:28:23 | 000,094,208 | ---- | C] (Viscom Software) -- C:\Windows\SysWow64\viscomaudiodata.dll
[2011.07.31 17:28:23 | 000,094,208 | ---- | C] (vbAccelerator) -- C:\Windows\SysWow64\vbalIml6.ocx
[2011.07.31 17:28:23 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\Windows\SysWow64\SSubTmr6.dll
[2011.07.31 16:49:25 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\avidemux
[2011.07.31 10:00:20 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Windows Live Writer
[2011.07.31 10:00:20 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\Windows Live Writer
[2011.07.31 09:59:57 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{F34C2996-F9A5-4641-A754-A1FC5013C6B2}
[2011.07.31 09:59:45 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{4552A368-7AFD-443E-B505-CE7F932E452E}
[2011.07.31 09:59:45 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{0AC5F78C-3731-4C3D-AA31-1F7608181D57}
[2011.07.31 00:07:26 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Ulead Systems
[2011.07.30 16:30:46 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Media Player Classic
[2011.07.30 16:29:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2011.07.30 16:29:48 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2011.07.30 16:29:48 | 000,232,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\mp3fhg.acm
[2011.07.30 16:29:48 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm
[2011.07.30 16:29:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2011.07.30 15:28:11 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\Desktop\Filme
[2011.07.30 14:29:10 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.07.30 13:57:33 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vRevealR 2.0 Crack installer
[2011.07.30 13:19:04 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Malwarebytes
[2011.07.30 13:18:59 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.07.30 13:18:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.07.30 13:18:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.07.30 13:18:55 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.07.30 13:18:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.07.30 12:54:52 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\MotionDSP
[2011.07.30 12:54:37 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\MotionDSP
[2011.07.30 12:54:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\vReveal 3
[2011.07.30 12:43:10 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\MOVAVI
[2011.07.30 12:28:32 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{27E9C0AD-46DA-48B3-AC3B-52A68FCB0F4B}
[2011.07.30 12:28:21 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{40BFB819-55FE-4125-9025-AC1B3D110D20}
[2011.07.29 12:00:33 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\Documents\My PSP Files
[2011.07.29 12:00:33 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Corel
[2011.07.29 11:43:51 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{9CC1540C-69A6-4EA2-B7DB-9E99A01A77B5}
[2011.07.29 11:43:40 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{5651D530-BC01-4D95-B6DA-4199029B8C82}
[2011.07.29 11:07:41 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{2853F94F-2BAC-4180-A1E3-6BF44FA5937A}
[2011.07.28 21:28:24 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\FVZilla
[2011.07.28 21:28:24 | 000,000,000 | ---D | C] -- C:\downloads
[2011.07.28 16:58:58 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\Electronic Arts
[2011.07.28 16:08:06 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{14754AE2-8E78-403B-907D-AFB8290B32F3}
[2011.07.28 10:15:11 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{ECD82560-0107-465C-A4F5-67A73BF89E57}
[2011.07.26 10:58:49 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{9DCF6C72-2AAA-4D82-8046-52B942AFD6A2}
[2011.07.25 17:30:55 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\SKIDROW
[2011.07.25 10:58:53 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{A5534B8A-AF0E-4B53-B1D0-D3CAB2918A66}
[2011.07.24 23:17:50 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\Documents\My Games
[2011.07.24 23:17:50 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\My Games
[2011.07.24 20:35:16 | 000,233,472 | ---- | C] (Immersion Corporation) -- C:\Windows\SysNative\IFC23.dll
[2011.07.24 16:02:39 | 000,000,000 | ---D | C] -- C:\VCRedist
[2011.07.24 16:01:40 | 000,000,000 | ---D | C] -- C:\miles
[2011.07.24 16:01:40 | 000,000,000 | ---D | C] -- C:\Locale
[2011.07.24 16:01:40 | 000,000,000 | ---D | C] -- C:\EULA
[2011.07.24 16:01:34 | 000,000,000 | ---D | C] -- C:\DirectX
[2011.07.24 16:01:34 | 000,000,000 | ---D | C] -- C:\Debug
[2011.07.24 15:23:56 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2011.07.24 15:23:56 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2011.07.24 15:23:56 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2011.07.24 15:23:56 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2011.07.24 15:23:54 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2011.07.24 15:23:54 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2011.07.24 15:05:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sid Meier's Civilization V
[2011.07.24 14:51:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011.07.24 14:43:59 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\{A75EDC35-376E-4D35-A49F-65EF5E924F42}
[2011.07.24 13:30:54 | 000,000,000 | ---D | C] -- C:\Windows\de
[2011.07.24 13:25:37 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2011.07.24 13:17:03 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\Windows Live
[2011.07.24 11:51:09 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\uTorrent
[2011.07.24 11:14:08 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.07.24 11:14:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.07.24 10:15:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Softendo.com
[2011.07.22 14:25:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\softendo.com
[2011.07.21 13:13:47 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\Desktop\WICHTIG
[2011.07.21 12:55:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Awem
[2011.07.21 11:36:39 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Local\ElevatedDiagnostics
[2011.07.21 11:32:39 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011.07.21 10:06:34 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2011.07.21 10:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
[2011.07.21 10:06:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager
[2011.07.21 09:31:10 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.07.20 17:03:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameTop.com
[2011.07.20 16:19:11 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cradle Of Rome
[2011.07.20 15:57:42 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2011.07.20 12:26:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2011.07.19 15:48:46 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Awem
[2011.07.19 15:45:11 | 000,000,000 | ---D | C] -- C:\Users\Daniel Chvojan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cradle Of Rome 2
[2011.07.19 11:28:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cradle of Rome
[4 C:\Users\Daniel Chvojan\AppData\Local\*.tmp files -> C:\Users\Daniel Chvojan\AppData\Local\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.08.16 20:17:00 | 000,001,156 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4264936456-2933647673-22141408-1000UA.job
[2011.08.16 20:15:01 | 000,001,126 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.16 19:54:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.08.16 19:17:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4264936456-2933647673-22141408-1000Core.job
[2011.08.16 18:32:05 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.08.16 18:32:05 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.08.16 18:25:40 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.16 18:24:19 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2011.08.16 18:24:13 | 000,000,334 | -HS- | M] () -- C:\Windows\tasks\jgza.job
[2011.08.16 18:24:00 | 529,690,623 | -HS- | M] () -- C:\hiberfil.sys
[2011.08.15 21:45:23 | 000,302,592 | ---- | M] () -- C:\Users\Daniel Chvojan\Desktop\qrn90wmy.exe
[2011.08.15 21:39:12 | 000,000,000 | ---- | M] () -- C:\Users\Daniel Chvojan\defogger_reenable
[2011.08.15 18:37:33 | 000,050,477 | ---- | M] () -- C:\Users\Daniel Chvojan\Desktop\Defogger.exe
[2011.08.14 23:08:48 | 001,662,944 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011.08.14 22:57:29 | 000,410,944 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.08.14 22:06:10 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.08.14 22:04:07 | 000,525,544 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2011.08.14 22:04:07 | 000,190,752 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2011.08.14 22:04:07 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2011.08.14 22:04:07 | 000,171,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2011.08.14 21:35:31 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel Chvojan\Desktop\OTL.exe
[2011.08.14 21:27:03 | 000,231,828 | ---- | M] () -- C:\Users\Daniel Chvojan\Documents\cc_20110814_212642.reg
[2011.08.14 21:09:45 | 000,000,827 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.08.14 20:51:08 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.08.14 20:51:08 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.08.14 20:51:08 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.08.14 20:51:08 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.08.14 20:51:08 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.08.14 18:53:15 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2011.08.14 18:53:15 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2011.08.14 18:41:42 | 000,000,243 | ---- | M] () -- C:\ProgramData\MusicStation.xml
[2011.08.14 18:41:40 | 000,000,228 | ---- | M] () -- C:\Windows\SysWow64\MsiExec.config
[2011.08.12 12:22:00 | 000,000,912 | ---- | M] () -- C:\Users\Daniel Chvojan\Desktop\FixFoto.lnk
[2011.08.10 10:17:57 | 000,002,662 | ---- | M] () -- C:\Users\Daniel Chvojan\Desktop\Google Chrome.lnk
[2011.08.10 10:17:20 | 000,001,245 | ---- | M] () -- C:\Users\Daniel Chvojan\Desktop\Ashampoo MyAutoplay Menu.lnk
[2011.08.09 21:39:02 | 000,012,165 | ---- | M] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpNCIS 1_navi.JPG
[2011.08.09 21:38:58 | 000,046,349 | ---- | M] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpNCIS 1.0
[2011.08.09 21:38:58 | 000,025,069 | ---- | M] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpNCIS 1.JPG
[2011.08.03 15:01:32 | 000,016,603 | ---- | M] () -- C:\Users\Daniel Chvojan\Desktop\WIEHNACHTE.odt
[2011.07.31 17:32:49 | 000,008,704 | ---- | M] () -- C:\Users\Daniel Chvojan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.30 13:18:59 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.07.30 13:02:07 | 000,063,488 | RHS- | M] () -- C:\Windows\SysWow64\cmmon32O.dll
[2011.07.30 12:42:54 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2011.07.30 12:42:54 | 000,001,409 | ---- | M] () -- C:\Windows\QTFont.for
[2011.07.30 12:42:50 | 000,005,117 | ---- | M] () -- C:\ProgramData\hvcatrnw.tht
[2011.07.24 17:41:12 | 000,000,000 | ---- | M] () -- C:\Windows\PowerReg.dat
[2011.07.22 15:20:08 | 000,000,052 | ---- | M] () -- C:\Windows\mafosav.INI
[2011.07.22 10:00:00 | 000,074,752 | ---- | M] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.07.22 10:00:00 | 000,000,038 | ---- | M] () -- C:\Windows\avisplitter.ini
[2011.07.21 10:01:17 | 000,126,464 | ---- | M] (AlcaTech) -- C:\Windows\SysWow64\Setup.dll
[4 C:\Users\Daniel Chvojan\AppData\Local\*.tmp files -> C:\Users\Daniel Chvojan\AppData\Local\*.tmp -> ]
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.08.15 21:45:26 | 000,302,592 | ---- | C] () -- C:\Users\Daniel Chvojan\Desktop\qrn90wmy.exe
[2011.08.15 21:37:04 | 000,000,000 | ---- | C] () -- C:\Users\Daniel Chvojan\defogger_reenable
[2011.08.15 18:37:36 | 000,050,477 | ---- | C] () -- C:\Users\Daniel Chvojan\Desktop\Defogger.exe
[2011.08.14 23:08:41 | 001,662,944 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011.08.14 21:54:37 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.08.14 21:26:44 | 000,231,828 | ---- | C] () -- C:\Users\Daniel Chvojan\Documents\cc_20110814_212642.reg
[2011.08.14 21:09:45 | 000,000,827 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.08.14 18:41:42 | 000,000,243 | ---- | C] () -- C:\ProgramData\MusicStation.xml
[2011.08.14 18:41:40 | 000,000,228 | ---- | C] () -- C:\Windows\SysWow64\MsiExec.config
[2011.08.12 12:22:00 | 000,000,912 | ---- | C] () -- C:\Users\Daniel Chvojan\Desktop\FixFoto.lnk
[2011.08.10 10:17:20 | 000,001,245 | ---- | C] () -- C:\Users\Daniel Chvojan\Desktop\Ashampoo MyAutoplay Menu.lnk
[2011.08.09 21:39:02 | 000,012,165 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpNCIS 1_navi.JPG
[2011.08.09 21:38:58 | 000,046,349 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpNCIS 1.0
[2011.08.09 21:38:58 | 000,025,069 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpNCIS 1.JPG
[2011.08.06 15:59:14 | 000,065,536 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl
[2011.08.03 10:54:45 | 000,016,603 | ---- | C] () -- C:\Users\Daniel Chvojan\Desktop\WIEHNACHTE.odt
[2011.07.31 17:28:24 | 000,598,016 | ---- | C] () -- C:\Windows\SysWow64\viscomqtde.dll
[2011.07.31 17:00:55 | 002,669,056 | ---- | C] () -- C:\Users\Daniel Chvojan\Desktop\VirtualDub.exe
[2011.07.30 16:29:50 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.07.30 16:29:49 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.07.30 16:29:47 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.07.30 16:29:47 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.07.30 16:29:47 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.07.30 13:18:59 | 000,001,074 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.07.30 13:02:08 | 000,000,334 | -HS- | C] () -- C:\Windows\tasks\jgza.job
[2011.07.30 13:02:07 | 000,063,488 | RHS- | C] () -- C:\Windows\SysWow64\cmmon32O.dll
[2011.07.30 12:42:54 | 000,054,156 | -H-- | C] () -- C:\Windows\QTFont.qfn
[2011.07.30 12:42:54 | 000,001,409 | ---- | C] () -- C:\Windows\QTFont.for
[2011.07.30 12:42:50 | 000,005,117 | ---- | C] () -- C:\ProgramData\hvcatrnw.tht
[2011.07.24 17:41:12 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
[2011.07.24 13:28:39 | 000,001,270 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2011.07.24 13:28:17 | 000,001,339 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2011.07.24 13:27:45 | 000,001,423 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011.07.24 13:27:15 | 000,002,451 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2011.07.22 14:28:41 | 000,000,052 | ---- | C] () -- C:\Windows\mafosav.INI
[2011.07.16 18:49:26 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\advd.dll
[2011.07.16 18:49:26 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\auth.dll
[2011.07.16 18:49:25 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2011.07.14 22:12:52 | 000,000,000 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\{AF367AAD-0A72-41BD-923E-4207CF4DF079}
[2011.07.06 22:51:01 | 000,000,000 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\{DD969EB8-D537-4D37-A1AF-A69ED710ACF5}
[2011.06.29 22:48:08 | 000,000,000 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\{5E7A5561-9A16-4949-B819-4A61845B083C}
[2011.06.29 22:46:32 | 000,000,000 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\{D132C775-0C7A-44F6-A529-596C9C214141}
[2011.03.31 13:52:59 | 000,051,421 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpSNAPSHOT_20110331_8.JPG
[2011.03.03 21:13:25 | 000,096,151 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpCHOREO (1).JPG
[2011.02.23 11:22:04 | 000,028,748 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Roaming\UserTile.png
[2011.02.04 22:31:43 | 000,688,188 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpFOTO0089.JPG
[2011.01.01 20:58:30 | 000,454,460 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpFOTO0013.0
[2011.01.01 20:58:30 | 000,158,946 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpFOTO0013.JPG
[2011.01.01 20:58:13 | 000,246,402 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpFOTO0043.JPG
[2011.01.01 20:58:12 | 000,603,861 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpFOTO0043.0
[2010.11.10 10:06:53 | 000,925,028 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpP1000730.JPG
[2010.10.31 21:29:10 | 000,034,805 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpSNAPSHOT_20101031.JPG
[2010.10.10 13:39:38 | 007,655,189 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpBIROCHÈRE-PANORAMA.JPG
[2010.09.23 21:19:45 | 000,006,862 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Roaming\.freeciv-client-rc-2.2
[2010.09.21 13:41:51 | 000,153,712 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpKLASS.JPG
[2010.09.21 13:41:14 | 000,014,994 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpKLASS_CROP.JPG
[2010.09.21 13:41:14 | 000,014,799 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpKLASS_CROP.0
[2010.09.10 15:27:05 | 000,117,081 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpELI ZUM BEARBEITE ;P.JPG
[2010.09.04 14:47:44 | 000,298,869 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpCHOREO01_002_CROP_CROP.JPG
[2010.09.04 14:43:33 | 000,393,738 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpCHOREO.JPG
[2010.09.04 14:41:17 | 001,163,138 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpCHOREO01_002.JPG
[2010.08.08 16:47:52 | 000,000,846 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Roaming\wklnhst.dat
[2010.08.02 21:01:32 | 000,368,276 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpFOTO 0079.JPG
[2010.08.02 21:01:07 | 000,494,767 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpFOTO 0079.0
[2010.08.02 14:23:11 | 000,208,885 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpPLAYMATE_MONTAG_GROSS_1.JPG
[2010.08.02 14:17:58 | 000,122,242 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpBILD0625[1].JPG
[2010.08.02 14:11:21 | 000,117,081 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpBILD0606.JPG
[2010.07.01 21:28:53 | 000,448,718 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpIMG_8226.JPG
[2010.06.30 18:38:10 | 000,518,252 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\tmpIMG_8216.JPG
[2010.04.25 19:05:56 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.04.21 19:18:29 | 000,008,704 | ---- | C] () -- C:\Users\Daniel Chvojan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.02.28 17:17:48 | 003,284,480 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2010.02.24 03:00:42 | 000,209,040 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll
[2010.02.24 03:00:42 | 000,204,944 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll
[2010.02.24 03:00:42 | 000,196,752 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll
[2010.02.24 03:00:42 | 000,196,752 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll
[2010.02.24 03:00:42 | 000,192,656 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll
[2010.02.24 03:00:42 | 000,024,720 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll
[2010.02.24 02:25:51 | 000,000,283 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010.02.24 02:25:51 | 000,000,224 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010.01.09 01:27:54 | 000,009,868 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2009.09.29 16:25:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:2E65951B
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:BB24555F
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:890CC2F3
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:A5B56640
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2

< End of report >

Eag 16.08.2011 20:10
Hier die Ergebnisse von Malwarebytes ' Anti- Maleware ... nun ja Ergebnisse sind es ja nicht unbedingt

Code:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Datenbank Version: 7480

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

16.08.2011 20:54:49
mbam-log-2011-08-16 (20-54-49).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|)
Durchsuchte Objekte: 402014
Laufzeit: 56 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Eag 16.08.2011 20:13
ach ja ... der letzte Malwarebytes der was gefunden hat ... als es angefangen hat ... als ich es entfernt habe haben die Symptome im Internet aufgehört ... allerdings lässt sich das Sicherheitscenter immer noch nicht aktivieren ... :S

Code:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Datenbank Version: 7441

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

14.08.2011 13:46:50
mbam-log-2011-08-14 (13-46-50).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 174487
Laufzeit: 2 Minute(n), 18 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\ZU6RKI1ONY (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Eag 16.08.2011 20:17
Dann gibt es noch das ergebniss vom defogger ... allerdings ist es viel zu kurz und ein richtiger scan wurde auch nicht ausgeführt obwohl es in den Tipps für Hilfesuchenden (oder so ähnlich) heisst das könne einige Minuten in anspruch nehmen ...


Hier mal die Datei:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:45 on 16/08/2011 (Daniel Chvojan)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

cosinus 17.08.2011 10:12
Führe auch bitte ESET aus, danach sehen wir weiter.


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

n.

Eag 17.08.2011 20:01
Zitat:
Zitat von cosinus (Beitrag 694067)
Führe auch bitte ESET aus, danach sehen wir weiter.

ESET Online Scanner
Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.
Würde ich ja gerne ... nur ... wenn ich das Avira Anti-Vir Guard ausschalten will kommt die ganze Zeit die Meldung: "Zugriff verweigert"

Kommt dazu ... es heisst der Defender würde weiterhin laufen ... nur in den Diensten wird er als Deaktiviert angezeigt !!! o.0 seehr speziell ( allerdings scheint er ja dann noch zu laufen was eigentlich kein schlechtes Zeichen wäre oder ?)

Eag 17.08.2011 20:04
Oder heisst das nur das mein PC vollkommen kaputt ist ? :S
Wäre es gescheiter meinen PC neu aufzusetzen ? Naja ich werde zuerst alles mögliche versuchen .. :)

cosinus 17.08.2011 21:54
Zitat:
wenn ich das Avira Anti-Vir Guard ausschalten will kommt die ganze Zeit die Meldung: "Zugriff verweigert"
Regenschirm schließen, notfalls AntiVir deinstallieren

Eag 18.08.2011 20:45
Ah ja danke hat funktioniert .... konnte leider erst jetzt and den Pc ... werde den Scan mal durchführen und die Resultate sollten morgen drinnen sein ... was ich allerdings immer noch nicht ganz verstehe ist das mit dem Defender ( wieso wird angezeigt dass er läuft ? In den Diensten steht ja das Gegenteil o.0)


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:07 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27