| Dave-RockZ | 03.06.2010 22:12 |
Erstmal OTL:
OTL Logfile: Code:
OTL logfile created on: 03.06.2010 23:05:57 - Run 1
OTL by OldTimer - Version 3.2.5.3 Folder = C:\Users\Dave-RockZ\Downloads
64bit- Enterprise Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 61,00% Memory free
12,00 Gb Paging File | 9,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,51 Gb Total Space | 876,65 Gb Free Space | 94,11% Space Free | Partition Type: NTFS
Drive D: | 437,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
Drive F: | 465,76 Gb Total Space | 96,95 Gb Free Space | 20,81% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
Drive H: | 596,17 Gb Total Space | 200,53 Gb Free Space | 33,64% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive N: | 465,76 Gb Total Space | 69,72 Gb Free Space | 14,97% Space Free | Partition Type: NTFS
Computer Name: DAVE-ROCKZ-PC
Current User Name: Dave-RockZ
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\Dave-RockZ\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
PRC - C:\Users\Dave-RockZ\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\F-Secure\Anti-Virus\fssm32.exe (F-Secure Corporation)
PRC - C:\Program Files (x86)\F-Secure\Anti-Virus\FSGK32.EXE (F-Secure Corporation)
PRC - C:\Users\Dave-RockZ\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
PRC - C:\Program Files (x86)\StarMoney 7.0 Commerzbank-Edition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
PRC - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE (F-Secure Corporation)
PRC - C:\Program Files (x86)\F-Secure\Common\FSLAUNCH.EXE (F-Secure Corporation)
PRC - C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
PRC - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
========== Modules (SafeList) ==========
MOD - C:\Users\Dave-RockZ\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (StorSvc) -- C:\Windows\SysNative\StorSvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV - (FSORSPClient) -- C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe (F-Secure Corporation)
SRV - (StarMoney 7.0 OnlineUpdate) -- C:\Program Files (x86)\StarMoney 7.0 Commerzbank-Edition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (FSMA) -- C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE (F-Secure Corporation)
SRV - (FSDFWD) -- C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe (F-Secure Corporation)
SRV - (F-Secure Gatekeeper Handler Starter) -- C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
SRV - (NIHardwareService) -- C:\Programme\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH)
SRV - (VSS) -- C:\Windows\Vss [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (FSES) -- C:\Windows\SysNative\drivers\fses.sys (F-Secure Corporation)
DRV:64bit: - (MSHUSBVideo) -- C:\Windows\SysNative\drivers\nx6000.sys (Microsoft Corporation)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (FSFW) -- C:\Windows\SysNative\drivers\fsdfw.sys (F-Secure Corporation)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (vwififlt) -- C:\Windows\SysNative\drivers\vwififlt.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (usbvideo) USB Video Device (WDM) -- C:\Windows\SysNative\drivers\usbvideo.sys (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\SysNative\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (netr7364) -- C:\Windows\SysNative\drivers\netr7364.sys (Ralink Technology, Corp.)
DRV:64bit: - (e1yexpress) Intel(R) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (F-Secure Gatekeeper) -- C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys ()
DRV - (CSC) -- C:\Windows\CSC [2010.06.02 22:59:04 | 000,000,000 | ---D | M]
DRV - ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl (CyberLink Corp.)
DRV - (F-Secure HIPS) -- C:\Program Files (x86)\F-Secure\HIPS\drivers\fshs.sys (F-Secure Corporation)
DRV - (F-Secure Filter) -- C:\Program Files (x86)\F-Secure\Anti-Virus\Win2K\FSfilter.sys ()
DRV - (F-Secure Recognizer) -- C:\Program Files (x86)\F-Secure\Anti-Virus\Win2K\FSrec.sys ()
DRV - (fsvista) -- C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys ()
DRV - (ElbyCDIO) -- C:\Windows\SysWOW64\ElbyCDIO.dll (Elaborate Bytes AG)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D9 A6 33 B5 16 03 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files (x86)\F-Secure\NRS\litmus-ff@f-secure.com [2010.06.03 00:35:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.06.03 15:10:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.06.03 15:10:03 | 000,000,000 | ---D | M]
[2010.06.02 23:45:02 | 000,000,000 | ---D | M] -- C:\Users\Dave-RockZ\AppData\Roaming\mozilla\Extensions
[2010.06.02 23:45:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave-RockZ\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
O1 HOSTS File: ([2010.06.03 15:09:51 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\F-Secure\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [WinUpdate] C:\Windows\SysWow64\lexplorer.exe File not found
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: lexplorer = C:\Windows\system32\lexplorer.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: lexplorer = C:\Windows\system32\lexplorer.exe File not found
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.03.03 23:12:23 | 000,000,038 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2010.02.03 17:17:08 | 000,000,032 | ---- | M] () - N:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{46dc1c61-6e8a-11df-ad44-0025118adbd2}\Shell - "" = AutoRun
O33 - MountPoints2\{46dc1c61-6e8a-11df-ad44-0025118adbd2}\Shell\AutoRun\command - "" = O:\Set-up.exe -- File not found
O33 - MountPoints2\{99fa2a6c-6e89-11df-bd2e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{99fa2a6c-6e89-11df-bd2e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\smoney_m_23_0_j_.exe -- [2009.03.03 22:45:32 | 139,864,448 | R--- | M] (Acresso Software Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.06.03 22:57:19 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Malwarebytes
[2010.06.03 22:57:11 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.06.03 22:57:10 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.06.03 22:57:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.06.03 22:57:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.06.03 22:46:47 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Native Instruments
[2010.06.03 22:45:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\{D69A48BF-7653-4AA8-94BC-5847522A4573}
[2010.06.03 22:44:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Digidesign
[2010.06.03 22:44:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Native Instruments
[2010.06.03 22:44:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\{0CC51CB2-911C-40BB-BC1B-BD3CAC590222}
[2010.06.03 22:44:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\{D7CFB71A-972A-44FF-AE44-8780EB53ABB2}
[2010.06.03 22:44:31 | 000,000,000 | ---D | C] -- C:\Programme\Native Instruments
[2010.06.03 22:44:31 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Native Instruments
[2010.06.03 22:37:47 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\QuickPar
[2010.06.03 22:17:34 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\CommunicaEtor
[2010.06.03 22:03:07 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Tracing
[2010.06.03 22:02:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2010.06.03 22:02:36 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.06.03 22:02:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2010.06.03 22:02:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2010.06.03 22:01:53 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.06.03 21:59:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2010.06.03 21:56:51 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\skypePM
[2010.06.03 21:56:25 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Skype
[2010.06.03 21:56:09 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010.06.03 21:56:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.06.03 21:55:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.06.03 20:32:42 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\ICQ
[2010.06.03 20:32:41 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\AOL
[2010.06.03 20:32:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2
[2010.06.03 16:50:05 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2010.06.03 16:36:21 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Trillian
[2010.06.03 16:32:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trillian
[2010.06.03 16:21:49 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.06.03 15:37:15 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2010.06.03 15:27:45 | 001,645,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2010.06.03 15:27:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BurnAware Free
[2010.06.03 15:25:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player
[2010.06.03 15:19:50 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe
[2010.06.03 15:18:59 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.06.03 15:17:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010.06.03 15:17:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010.06.03 15:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.06.03 15:12:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010.06.03 15:11:24 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\Apple Computer
[2010.06.03 15:11:23 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Apple Computer
[2010.06.03 15:11:16 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2010.06.03 15:11:16 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2010.06.03 15:11:16 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2010.06.03 15:11:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010.06.03 15:10:49 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\Google
[2010.06.03 15:10:36 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.06.03 15:10:35 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.06.03 15:10:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010.06.03 15:10:35 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010.06.03 15:09:46 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\Adobe
[2010.06.03 15:09:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010.06.03 15:09:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.06.03 15:09:34 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\Apple
[2010.06.03 15:09:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010.06.03 15:09:19 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple
[2010.06.03 15:09:12 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.06.03 15:09:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010.06.03 15:08:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010.06.03 15:08:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010.06.03 14:54:32 | 000,372,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NVUNINST.EXE
[2010.06.03 14:54:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010.06.03 14:50:55 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.06.03 14:48:22 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation
[2010.06.03 14:20:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010.06.03 00:36:53 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft LifeCam
[2010.06.03 00:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft LifeCam
[2010.06.03 00:35:59 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010.06.03 00:35:57 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.06.03 00:33:08 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\system32
[2010.06.03 00:30:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010.06.03 00:18:41 | 000,000,000 | ---D | C] -- C:\ProgramData\StarMoney 7.0
[2010.06.03 00:16:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarMoney 7.0 Commerzbank-Edition
[2010.06.03 00:10:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes
[2010.06.03 00:09:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2010.06.03 00:09:49 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.06.03 00:08:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2010.06.03 00:08:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010.06.03 00:08:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2010.06.03 00:07:55 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010.06.03 00:07:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LightScribe
[2010.06.03 00:06:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nvu
[2010.06.03 00:04:22 | 000,047,560 | ---- | C] (F-Secure Corporation) -- C:\Windows\SysNative\drivers\fses.sys
[2010.06.03 00:04:18 | 000,574,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp50.dll
[2010.06.03 00:04:18 | 000,094,024 | ---- | C] (F-Secure Corporation) -- C:\Windows\SysNative\drivers\fsdfw.sys
[2010.06.03 00:04:06 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\vlc
[2010.06.03 00:03:42 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Foxit
[2010.06.03 00:03:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2010.06.03 00:03:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\F-Secure
[2010.06.03 00:01:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAMN NFO Viewer
[2010.06.03 00:01:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2010.06.02 23:57:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010.06.02 23:57:37 | 000,000,000 | -HSD | C] -- C:\Boot
[2010.06.02 23:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\fssg
[2010.06.02 23:57:11 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\TeamViewer
[2010.06.02 23:56:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2010.06.02 23:56:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tinypic
[2010.06.02 23:56:16 | 000,000,000 | ---D | C] -- C:\ProgramData\ConeXware
[2010.06.02 23:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickPar
[2010.06.02 23:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerArchiver
[2010.06.02 23:55:14 | 000,000,000 | ---D | C] -- C:\Programme\CommunicaEtor
[2010.06.02 23:52:04 | 000,000,000 | ---D | C] -- C:\ProgramData\CommunicaEtor
[2010.06.02 23:51:00 | 000,241,664 | ---- | C] (Namtuk.com) -- C:\Windows\SysWow64\MyFramePanel.ocx
[2010.06.02 23:50:59 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2010.06.02 23:50:59 | 000,609,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ComCtl32.ocx
[2010.06.02 23:50:59 | 000,245,760 | ---- | C] (LansSoft Studio) -- C:\Windows\SysWow64\aUpdateNow.ocx
[2010.06.02 23:50:59 | 000,140,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMDLG32.OCX
[2010.06.02 23:50:59 | 000,132,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinet.ocx
[2010.06.02 23:50:59 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6STKIT.DLL
[2010.06.02 23:50:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FriendBlasterPro
[2010.06.02 23:46:24 | 000,000,000 | ---D | C] -- C:\ProgramData\f-secure
[2010.06.02 23:45:01 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Thunderbird
[2010.06.02 23:45:01 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\Thunderbird
[2010.06.02 23:45:01 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Mozilla
[2010.06.02 23:44:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2010.06.02 23:44:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MozBackup
[2010.06.02 23:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010.06.02 23:37:01 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010.06.02 23:37:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CyberLink
[2010.06.02 23:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010.06.02 23:36:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010.06.02 23:36:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.06.02 23:35:50 | 000,505,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2010.06.02 23:35:50 | 000,353,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2010.06.02 23:35:50 | 000,029,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2010.06.02 23:35:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2010.06.02 23:33:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2010.06.02 23:26:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nvidia Omega Drivers
[2010.06.02 23:20:42 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Opera
[2010.06.02 23:20:42 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\Opera
[2010.06.02 23:20:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2010.06.02 23:19:49 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.06.02 23:16:58 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Macromedia
[2010.06.02 23:16:58 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Adobe
[2010.06.02 23:16:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010.06.02 23:11:26 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Searches
[2010.06.02 23:11:19 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Identities
[2010.06.02 23:11:18 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Contacts
[2010.06.02 23:11:16 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\VirtualStore
[2010.06.02 23:11:11 | 000,000,000 | --SD | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Microsoft
[2010.06.02 23:11:11 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Videos
[2010.06.02 23:11:11 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Saved Games
[2010.06.02 23:11:11 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Pictures
[2010.06.02 23:11:11 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Music
[2010.06.02 23:11:11 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Links
[2010.06.02 23:11:11 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Favorites
[2010.06.02 23:11:11 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Downloads
[2010.06.02 23:11:11 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Documents
[2010.06.02 23:11:11 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Desktop
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Vorlagen
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\AppData\Local\Verlauf
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\AppData\Local\Temporary Internet Files
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Startmenü
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\SendTo
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Recent
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Netzwerkumgebung
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Lokale Einstellungen
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Documents\Eigene Videos
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Documents\Eigene Musik
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Eigene Dateien
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Documents\Eigene Bilder
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Druckumgebung
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Cookies
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\AppData\Local\Anwendungsdaten
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Anwendungsdaten
[2010.06.02 23:11:11 | 000,000,000 | -H-D | C] -- C:\Users\Dave-RockZ\AppData
[2010.06.02 23:11:11 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\Temp
[2010.06.02 23:11:11 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\Microsoft
[2010.06.02 23:11:11 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Media Center Programs
[2010.06.02 23:10:59 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.06.02 23:10:54 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.06.02 22:59:09 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.06.02 22:59:04 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2010.05.31 21:01:31 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Simply Super Software
[2010.05.30 15:54:44 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Alpha Protocol
[2010.05.26 21:52:56 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\GcMail
[2010.05.25 18:44:55 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\microsoft
[2010.05.24 13:40:05 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\MeineWebSeiten
[2010.05.24 13:40:05 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Meine Corel-Shows
[2010.05.24 13:40:03 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\ICQ
[2010.05.24 13:40:03 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\HP Photosmart Projects
[2010.05.24 13:39:56 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Eigene Scans
[2010.05.24 13:39:55 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Eigene PaperPort-Dokumente
[2010.05.24 13:39:55 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\CyberLink
[2010.05.24 13:39:46 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Temporary Downloaded Files
[2010.05.24 13:39:46 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Adobe
[2010.05.24 13:39:45 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Outlook-Dateien
[2010.05.24 13:39:45 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\OneNote-Notizbücher
[2010.05.24 13:39:45 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Notes
[2010.05.24 13:39:44 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\My PSP Files
[2010.05.24 13:37:58 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Downloads
[2010.05.24 13:30:52 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\DriverGenius
[2010.05.24 13:01:47 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Desktop\Desktop
[2010.05.11 23:05:43 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.05.11 22:44:30 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2010.05.11 22:41:57 | 014,629,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010.05.11 22:41:06 | 011,406,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010.05.11 22:40:35 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2010.05.11 22:40:28 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2010.05.11 22:39:45 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010.05.11 22:39:09 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010.05.11 22:38:50 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010.05.11 22:38:49 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010.05.11 22:37:20 | 001,026,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstime.dll
[2010.05.11 22:37:15 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll
[2010.05.11 22:37:14 | 001,192,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2010.05.11 22:37:10 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll
[2010.05.11 22:37:09 | 000,977,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2010.05.11 22:37:09 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2010.05.11 22:37:08 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2010.05.11 22:37:08 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2010.05.11 22:37:06 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010.05.11 22:37:06 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.05.11 22:36:53 | 000,960,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010.05.11 22:36:52 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010.05.11 22:36:50 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010.05.11 22:36:47 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010.05.11 22:36:47 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010.05.11 22:36:46 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2010.05.11 22:36:41 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2010.05.11 22:35:43 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2010.05.11 22:35:42 | 000,153,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ksecpkg.sys
[2010.05.11 22:35:41 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010.05.11 22:35:41 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.05.11 22:35:39 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2010.05.11 22:35:38 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2010.05.11 22:35:38 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2010.05.11 22:35:37 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2010.05.11 22:35:37 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2010.05.11 22:35:37 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2010.05.11 22:35:37 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2010.05.11 22:35:37 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2010.05.11 22:35:37 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2010.05.11 22:35:37 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2010.05.11 22:35:36 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2010.05.11 22:35:36 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2010.05.11 22:35:36 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2010.05.11 22:35:36 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2010.05.11 22:35:36 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2010.05.11 22:35:36 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2010.05.11 22:35:36 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2010.05.11 22:35:36 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2010.05.11 22:35:36 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2010.05.11 22:35:31 | 005,509,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.05.11 22:35:22 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.05.11 22:35:19 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.05.11 22:35:12 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.05.11 22:35:07 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2010.05.11 22:35:05 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2010.05.11 22:35:05 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2010.05.11 22:35:05 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2010.05.11 22:35:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2010.05.11 22:35:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2010.05.11 22:35:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2010.05.11 22:35:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2010.05.11 22:35:03 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2010.05.11 22:35:02 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2010.05.11 22:35:01 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2010.05.11 22:35:01 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2010.05.11 22:35:01 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iyuv_32.dll
[2010.05.11 22:35:01 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvidc32.dll
[2010.05.11 22:35:01 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msyuv.dll
[2010.05.11 22:35:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrle32.dll
[2010.05.11 22:35:01 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsbyuv.dll
[2010.05.11 22:34:54 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.05.11 22:34:54 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.05.11 22:34:54 | 000,223,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fvevol.sys
[2010.05.11 22:34:54 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010.05.11 22:34:54 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.05.11 22:34:54 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2010.05.11 22:34:54 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2010.05.11 22:07:29 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
========== Files - Modified Within 30 Days ==========
[2010.06.03 23:08:38 | 001,310,720 | -HS- | M] () -- C:\Users\Dave-RockZ\NTUSER.DAT
[2010.06.03 22:57:14 | 000,001,005 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.03 22:45:34 | 000,001,044 | ---- | M] () -- C:\Users\Public\Desktop\Guitar Rig 4.lnk
[2010.06.03 22:15:00 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-53557663-373289401-340324060-1001UA.job
[2010.06.03 21:56:52 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.06.03 21:56:09 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.06.03 20:38:23 | 000,018,938 | ---- | M] () -- C:\Users\Dave-RockZ\Desktop\75530-2357-not_my_president.jpg
[2010.06.03 20:33:44 | 000,001,820 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.2.lnk
[2010.06.03 20:32:04 | 000,012,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.03 20:32:04 | 000,012,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.03 20:29:16 | 001,493,750 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.06.03 20:29:16 | 000,650,756 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.06.03 20:29:16 | 000,614,120 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.06.03 20:29:16 | 000,129,432 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.06.03 20:29:16 | 000,106,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.06.03 20:24:52 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.06.03 20:24:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.06.03 20:24:40 | 536,219,647 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.03 18:05:32 | 001,432,959 | -H-- | M] () -- C:\Users\Dave-RockZ\AppData\Local\IconCache.db
[2010.06.03 17:55:14 | 000,057,569 | ---- | M] () -- C:\Users\Dave-RockZ\Desktop\schueler-ges.jpg
[2010.06.03 16:50:05 | 000,057,944 | ---- | M] () -- C:\Users\Dave-RockZ\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.06.03 16:36:20 | 000,001,087 | ---- | M] () -- C:\Users\Dave-RockZ\Desktop\Trillian.lnk
[2010.06.03 16:22:37 | 004,831,960 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.06.03 16:21:30 | 623,303,599 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.06.03 15:27:46 | 000,000,974 | ---- | M] () -- C:\Users\Public\Desktop\BurnAware Free.lnk
[2010.06.03 15:15:00 | 000,001,086 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-53557663-373289401-340324060-1001Core.job
[2010.06.03 15:13:36 | 000,002,338 | ---- | M] () -- C:\Users\Dave-RockZ\Desktop\Google Chrome.lnk
[2010.06.03 15:11:19 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.06.03 15:10:00 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.06.03 15:08:34 | 000,001,246 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2010.06.03 14:20:42 | 000,002,089 | ---- | M] () -- C:\Users\Dave-RockZ\Desktop\HijackThis.lnk
[2010.06.03 14:19:41 | 001,402,880 | ---- | M] () -- C:\Users\Dave-RockZ\Desktop\HiJackThis.msi
[2010.06.03 00:41:04 | 000,047,560 | ---- | M] (F-Secure Corporation) -- C:\Windows\SysNative\drivers\fses.sys
[2010.06.03 00:38:34 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft LifeCam.lnk
[2010.06.03 00:35:42 | 000,033,920 | ---- | M] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2010.06.03 00:32:51 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\F-Secure Internet Security 2010.lnk
[2010.06.03 00:31:04 | 000,524,288 | -HS- | M] () -- C:\Users\Dave-RockZ\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.06.03 00:31:04 | 000,524,288 | -HS- | M] () -- C:\Users\Dave-RockZ\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.06.03 00:31:04 | 000,065,536 | -HS- | M] () -- C:\Users\Dave-RockZ\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.06.03 00:18:39 | 000,002,248 | ---- | M] () -- C:\Users\Public\Desktop\StarMoney 7.0 Commerzbank-Edition.lnk
[2010.06.03 00:07:24 | 000,002,037 | ---- | M] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2010.06.03 00:04:24 | 001,516,002 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.06.03 00:03:42 | 000,001,226 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2010.06.03 00:02:13 | 000,001,197 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2010.lnk
[2010.06.02 23:58:18 | 000,001,062 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.06.02 23:57:38 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.06.02 23:57:05 | 000,001,158 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
[2010.06.02 23:56:23 | 000,000,987 | ---- | M] () -- C:\Users\Dave-RockZ\Desktop\TinyPic.lnk
[2010.06.02 23:55:56 | 000,001,964 | ---- | M] () -- C:\Users\Public\Desktop\PowerArchiver.lnk
[2010.06.02 23:55:51 | 000,001,003 | ---- | M] () -- C:\Users\Dave-RockZ\Desktop\QuickPar.lnk
[2010.06.02 23:51:00 | 000,001,921 | ---- | M] () -- C:\Users\Dave-RockZ\Desktop\FriendBlasterPro.lnk
[2010.06.02 23:44:21 | 000,002,001 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2010.06.02 23:44:09 | 000,001,023 | ---- | M] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2010.06.02 23:37:12 | 000,002,113 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk
[2010.06.02 23:36:46 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2010.06.02 23:36:46 | 000,001,138 | ---- | M] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2010.06.02 23:36:38 | 000,001,615 | ---- | M] () -- C:\Users\Dave-RockZ\Desktop\DivX Movies.lnk
[2010.06.02 23:33:15 | 000,505,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2010.06.02 23:33:15 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2010.06.02 23:33:15 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2010.06.02 23:26:58 | 000,472,576 | ---- | M] () -- C:\Windows\Nvidia Omega Drivers v1.169.25 Uninstall.exe
[2010.06.02 23:20:39 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.06.02 23:11:11 | 000,000,020 | -HS- | M] () -- C:\Users\Dave-RockZ\ntuser.ini
[2010.06.02 23:02:33 | 000,000,751 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.06.02 23:02:33 | 000,000,751 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010.06.02 23:00:31 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.06.01 23:03:28 | 024,063,155 | ---- | M] () -- C:\Users\Dave-RockZ\Documents\[aF]Death.Note.-.04.-.Verfolgt[80A38759].mp4
[2010.05.24 20:35:04 | 000,026,624 | ---- | M] () -- C:\Users\Dave-RockZ\Documents\RockZ-Photography Konzept Intern.doc.doc
[2010.05.16 18:56:44 | 000,032,256 | ---- | M] () -- C:\Users\Dave-RockZ\Documents\RockZ-Photography Konzept Intern.doc
[2010.05.16 18:53:27 | 000,017,435 | ---- | M] () -- C:\Users\Dave-RockZ\Documents\RockZ-Photography Konzept Intern.docx
[2010.05.16 14:42:44 | 000,012,468 | ---- | M] () -- C:\Users\Dave-RockZ\Documents\Filme-Box.xlsx
========== Files Created - No Company Name ==========
[2010.06.03 22:57:14 | 000,001,005 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.03 22:45:34 | 000,001,044 | ---- | C] () -- C:\Users\Public\Desktop\Guitar Rig 4.lnk
[2010.06.03 21:56:52 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.06.03 21:56:09 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.06.03 20:38:23 | 000,018,938 | ---- | C] () -- C:\Users\Dave-RockZ\Desktop\75530-2357-not_my_president.jpg
[2010.06.03 20:33:44 | 000,001,820 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.2.lnk
[2010.06.03 17:55:14 | 000,057,569 | ---- | C] () -- C:\Users\Dave-RockZ\Desktop\schueler-ges.jpg
[2010.06.03 16:36:20 | 000,001,087 | ---- | C] () -- C:\Users\Dave-RockZ\Desktop\Trillian.lnk
[2010.06.03 16:21:30 | 623,303,599 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.06.03 15:27:46 | 000,000,974 | ---- | C] () -- C:\Users\Public\Desktop\BurnAware Free.lnk
[2010.06.03 15:13:36 | 000,002,338 | ---- | C] () -- C:\Users\Dave-RockZ\Desktop\Google Chrome.lnk
[2010.06.03 15:11:19 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.06.03 15:10:53 | 000,001,138 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-53557663-373289401-340324060-1001UA.job
[2010.06.03 15:10:51 | 000,001,086 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-53557663-373289401-340324060-1001Core.job
[2010.06.03 15:10:00 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.06.03 14:20:42 | 000,002,089 | ---- | C] () -- C:\Users\Dave-RockZ\Desktop\HijackThis.lnk
[2010.06.03 14:19:37 | 001,402,880 | ---- | C] () -- C:\Users\Dave-RockZ\Desktop\HiJackThis.msi
[2010.06.03 00:38:34 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft LifeCam.lnk
[2010.06.03 00:32:51 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\F-Secure Internet Security 2010.lnk
[2010.06.03 00:18:38 | 000,002,248 | ---- | C] () -- C:\Users\Public\Desktop\StarMoney 7.0 Commerzbank-Edition.lnk
[2010.06.03 00:11:20 | 000,001,246 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2010.06.03 00:07:24 | 000,002,037 | ---- | C] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2010.06.03 00:05:05 | 000,033,920 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2010.06.03 00:04:09 | 001,516,002 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.06.03 00:03:42 | 000,001,226 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2010.06.03 00:02:13 | 000,001,197 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2010.lnk
[2010.06.02 23:58:18 | 000,001,062 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.06.02 23:57:38 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010.06.02 23:57:37 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2010.06.02 23:57:05 | 000,001,158 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
[2010.06.02 23:56:23 | 000,000,987 | ---- | C] () -- C:\Users\Dave-RockZ\Desktop\TinyPic.lnk
[2010.06.02 23:55:56 | 000,001,964 | ---- | C] () -- C:\Users\Public\Desktop\PowerArchiver.lnk
[2010.06.02 23:55:51 | 000,001,003 | ---- | C] () -- C:\Users\Dave-RockZ\Desktop\QuickPar.lnk
[2010.06.02 23:51:00 | 000,001,921 | ---- | C] () -- C:\Users\Dave-RockZ\Desktop\FriendBlasterPro.lnk
[2010.06.02 23:44:21 | 000,002,001 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2010.06.02 23:44:09 | 000,001,023 | ---- | C] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2010.06.02 23:37:12 | 000,002,113 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk
[2010.06.02 23:36:46 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2010.06.02 23:36:46 | 000,001,138 | ---- | C] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2010.06.02 23:36:38 | 000,001,615 | ---- | C] () -- C:\Users\Dave-RockZ\Desktop\DivX Movies.lnk
[2010.06.02 23:26:58 | 000,472,576 | ---- | C] () -- C:\Windows\Nvidia Omega Drivers v1.169.25 Uninstall.exe
[2010.06.02 23:20:39 | 000,000,833 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.06.02 23:11:11 | 001,310,720 | -HS- | C] () -- C:\Users\Dave-RockZ\NTUSER.DAT
[2010.06.02 23:11:11 | 000,524,288 | -HS- | C] () -- C:\Users\Dave-RockZ\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.06.02 23:11:11 | 000,524,288 | -HS- | C] () -- C:\Users\Dave-RockZ\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.06.02 23:11:11 | 000,262,144 | -HS- | C] () -- C:\Users\Dave-RockZ\ntuser.dat.LOG1
[2010.06.02 23:11:11 | 000,065,536 | -HS- | C] () -- C:\Users\Dave-RockZ\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.06.02 23:11:11 | 000,000,020 | -HS- | C] () -- C:\Users\Dave-RockZ\ntuser.ini
[2010.06.02 23:11:11 | 000,000,000 | -HS- | C] () -- C:\Users\Dave-RockZ\ntuser.dat.LOG2
[2010.06.02 23:00:31 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.06.02 22:58:37 | 536,219,647 | -HS- | C] () -- C:\hiberfil.sys
[2010.06.01 23:01:59 | 024,063,155 | ---- | C] () -- C:\Users\Dave-RockZ\Documents\[aF]Death.Note.-.04.-.Verfolgt[80A38759].mp4
[2010.05.24 20:35:21 | 000,026,624 | ---- | C] () -- C:\Users\Dave-RockZ\Documents\RockZ-Photography Konzept Intern.doc.doc
[2010.05.24 13:39:46 | 001,752,590 | ---- | C] () -- C:\Users\Dave-RockZ\Documents\Vorschau.pdf
[2010.05.24 13:39:46 | 000,032,256 | ---- | C] () -- C:\Users\Dave-RockZ\Documents\RockZ-Photography Konzept Intern.doc
[2010.05.24 13:39:46 | 000,017,435 | ---- | C] () -- C:\Users\Dave-RockZ\Documents\RockZ-Photography Konzept Intern.docx
[2010.05.24 13:39:46 | 000,012,468 | ---- | C] () -- C:\Users\Dave-RockZ\Documents\Filme-Box.xlsx
[2010.05.24 13:39:46 | 000,002,684 | ---- | C] () -- C:\Users\Dave-RockZ\Documents\hosts
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
========== Alternate Data Streams ==========
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\Vorschau.pdf:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\Temporary Downloaded Files:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\RockZ-Photography Konzept Intern.docx:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\RockZ-Photography Konzept Intern.doc:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\RockZ-Photography Konzept Intern.doc.doc:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\Outlook-Dateien:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\OneNote-Notizbücher:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\Notes:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\My PSP Files:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\MeineWebSeiten:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\Meine Corel-Shows:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\ICQ:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\HP Photosmart Projects:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\hosts:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\Filme-Box.xlsx:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\Eigene Scans:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\Eigene PaperPort-Dokumente:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\DriverGenius:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\Downloads:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\CyberLink:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\Adobe:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Desktop\Desktop:Mac_Metadata
< End of report >
--- --- ---
und
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4168
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
03.06.2010 23:54:58
mbam-log-2010-06-03 (23-54-58).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|F:\|H:\|N:\|)
Durchsuchte Objekte: 418255
Laufzeit: 41 Minute(n), 53 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{sjh5qq24-ed6n-wb4h-svu6-010843642ux7} (Generic.Bot.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Cerberus (Backdoor.Trace) -> No action taken.
Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winupdate (Spyware.Passwords) -> No action taken.
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden) |
