| |
| |||||||
Log-Analyse und Auswertung: HjackThis LOgfileWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
16.04.2010, 23:08
| #1 |
| |  HjackThis LOgfileCode:
ATTFilter Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 23:44:08, on 16.04.2010 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\System Control Manager\MGSysCtrl.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\program files\avira\antivir desktop\avscan.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msi.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msi.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Shared\Database2\bin\FABS.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Shared\Database2\bin\fbserver.exe O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files\System Control Manager\MSIService.exe O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- End of file - 5501 bytes das ist der logfile... jetzt habe ich noch mal mit Oldtimer noch 2 logs gemacht. Code:
ATTFilter OTL logfile created on: 4/16/2010 11:46:34 PM - Run 1 OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\*********\Downloads Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 57.00% Memory free 6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 182.30 Gb Total Space | 152.22 Gb Free Space | 83.50% Space Free | Partition Type: NTFS Drive D: | 273.46 Gb Total Space | 232.64 Gb Free Space | 85.07% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: C********** Current User Name: C********** Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\*********\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Trend Micro\HijackThis\HijackThis.exe (Trend Micro Inc.) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\program files\avira\antivir desktop\avscan.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\atieclxx.exe (AMD) PRC - C:\Windows\System32\atiesrxx.exe (AMD) PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Program Files\System Control Manager\MSIService.exe (Micro-Star International Co., Ltd.) PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation) PRC - C:\Program Files\Common Files\MAGIX Shared\Database2\bin\FABS.exe (MAGIX AG) ========== Modules (SafeList) ========== MOD - C:\Users\*********\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation) MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation) MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation) MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation) MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation) MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation) MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation) MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (AntiVirMailService) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION) SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation) SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation) SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation) SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation) SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation) SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation) SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation) SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation) SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation) SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation) SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation) SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD) SRV - (Micro Star SCM) -- C:\Program Files\System Control Manager\MSIService.exe (Micro-Star International Co., Ltd.) SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Shared\Database2\bin\FABS.exe (MAGIX AG) SRV - (UPnPService) -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Shared\Database2\bin\fbserver.exe (MAGIX®) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (netr28) -- C:\Windows\System32\drivers\netr28.sys (Ralink Technology, Corp.) DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation) DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION) DRV - (TosRfSnd) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation) DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.) DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.) DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.) DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.) DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.) DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices) DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.) DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices) DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation) DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation) DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation) DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation) DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.) DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation) DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation) DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation) DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation) DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation) DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation) DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex) DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.) DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company) DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation) DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation) DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation) DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.) DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation) DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation) DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation) DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems) DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation) DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.) DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology) DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.) DRV - (rdpbus) -- C:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation) DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation) DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation) DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation) DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation) DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation) DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation) DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation) DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation) DRV - (CompositeBus) -- C:\Windows\system32\DRIVERS\CompositeBus.sys (Microsoft Corporation) DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation) DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation) DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation) DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation) DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation) DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation) DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.) DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.) DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.) DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek Corporation ) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation) DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION) DRV - (RTL8187Se) -- C:\Windows\System32\drivers\RTL8187Se.sys (Realtek Semiconductor Corporation ) DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.) DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.) DRV - (toshidpt) -- C:\Windows\system32\drivers\Toshidpt.sys (TOSHIBA Corporation.) DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.) DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation) DRV - (tosporte) -- C:\Windows\system32\DRIVERS\tosporte.sys (TOSHIBA Corporation) DRV - (enecirhid) -- C:\Windows\system32\DRIVERS\enecirhid.sys (ENE TECHNOLOGY INC.) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (RSUSBSTOR) -- C:\Windows\System32\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV - (ArcSoftKsUFilter) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) DRV - (enecirhidma) -- C:\Windows\system32\DRIVERS\enecirhidma.sys (ENE TECHNOLOGY INC.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msi.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msi.com IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/02 17:09:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/16 23:09:45 | 000,000,000 | ---D | M] [2010/03/30 23:37:16 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\mozilla\Extensions [2010/04/16 23:17:05 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\1fa495pj.default\extensions [2010/04/14 21:02:10 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions [2010/03/16 20:28:04 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2010/03/16 20:28:04 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2010/03/16 20:28:04 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2010/03/16 20:28:04 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2010/03/16 20:28:04 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll (IniCom Networks, Inc.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.) O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010/04/16 23:38:34 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro [2010/04/16 23:07:41 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2010/04/16 16:51:27 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll [2010/04/16 16:49:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Expression [2010/04/14 21:06:07 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\SWiSH Max3 [2010/04/14 21:00:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SWiSHzone.com [2010/04/14 20:10:41 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2010/04/14 20:10:40 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2010/04/14 20:10:37 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll [2010/04/13 21:34:24 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\ManyCam [2010/04/13 19:52:11 | 000,050,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll [2010/04/13 19:44:21 | 000,000,000 | ---D | C] -- C:\Users\********\Documents\Visual Studio 2008 [2010/04/13 00:20:32 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll [2010/04/13 00:20:09 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll [2010/04/13 00:19:48 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll [2010/04/13 00:19:27 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll [2010/04/13 00:19:03 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll [2010/04/13 00:18:34 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll [2010/04/12 19:20:53 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\MAGIX [2010/04/12 19:20:49 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\Xara [2010/04/12 19:19:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Services [2010/04/11 19:46:02 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\Nvu [2010/04/11 19:45:15 | 000,000,000 | ---D | C] -- C:\Program Files\Nvu [2010/04/11 19:18:02 | 000,000,000 | ---D | C] -- C:\Windows\PreviewSoft [2010/04/11 19:17:48 | 000,000,000 | ---D | C] -- C:\Windows\Noslip [2010/04/08 22:55:33 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\FreeFixer [2010/04/08 22:55:33 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\FreeFixer [2010/04/08 22:02:57 | 000,000,000 | ---D | C] -- C:\Users\*********\Documents\DVDVideoSoft [2010/04/08 22:02:44 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft [2010/04/08 22:02:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft [2010/04/08 21:35:03 | 000,000,000 | ---D | C] -- C:\Users\*********\Documents\MAGIX_MusicMakerHipHopEdition2 [2010/04/08 21:28:49 | 000,000,000 | ---D | C] -- C:\Program Files\ASIO4ALL v2 [2010/04/08 21:27:45 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\Windows\System32\rewire.dll [2010/04/08 21:27:43 | 000,000,000 | ---D | C] -- C:\Users\*********\Documents\Image-Line [2010/04/08 21:27:30 | 001,554,944 | ---- | C] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) -- C:\Windows\System32\vorbis.acm [2010/04/08 21:27:10 | 000,000,000 | ---D | C] -- C:\Program Files\VstPlugins [2010/04/08 21:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\Outsim [2010/04/08 21:24:33 | 000,000,000 | ---D | C] -- C:\Program Files\Image-Line [2010/04/08 01:58:10 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\ManyCam [2010/04/04 02:50:15 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2010/04/03 01:03:50 | 000,000,000 | ---D | C] -- C:\Users\*********\Documents\MAGIX_Screenshare [2010/04/03 01:03:09 | 000,000,000 | ---D | C] -- C:\Users\*********\Documents\MAGIX_Speed2_burnR_mxcdr [2010/04/03 01:02:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xara [2010/04/03 01:02:40 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4r.dll [2010/04/03 01:02:40 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll [2010/04/03 01:02:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Shared [2010/04/03 01:02:38 | 000,913,408 | ---- | C] (MAGIX AG) -- C:\Windows\System32\MXRestore.exe [2010/04/03 01:02:38 | 000,644,384 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLAV32.dll [2010/04/03 01:02:38 | 000,202,016 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLRES32.dll [2010/04/03 01:02:38 | 000,173,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDEV32.dll [2010/04/03 01:02:38 | 000,161,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDRV32.dll [2010/04/03 01:02:38 | 000,114,688 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCDA32.dll [2010/04/03 01:02:38 | 000,111,904 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCPY32.dll [2010/04/03 01:02:38 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPTL32.dll [2010/04/03 01:02:38 | 000,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCDF32.dll [2010/04/03 01:02:38 | 000,058,656 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIO32.dll [2010/04/03 01:02:38 | 000,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLTPO32.dll [2010/04/03 01:02:38 | 000,054,560 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPRF32.dll [2010/04/03 01:02:38 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPRJ32.dll [2010/04/03 01:02:38 | 000,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIMG32.dll [2010/04/03 01:02:38 | 000,042,272 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPNT32.dll [2010/04/03 01:02:38 | 000,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLRD32.dll [2010/04/03 01:02:38 | 000,038,176 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\STRING32.dll [2010/04/03 01:02:38 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLMSC32.dll [2010/04/03 01:02:38 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLISO32.dll [2010/04/03 01:02:38 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDIR32.dll [2010/04/03 01:02:38 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\TTIC32.dll [2010/04/03 01:02:38 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\TTI32.dll [2010/04/03 01:02:38 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIX.dll [2010/04/03 01:02:18 | 000,000,000 | ---D | C] -- C:\Users\*********\Documents\MAGIX_MP3_Maker_15_Download-Version [2010/04/03 01:02:18 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX [2010/04/03 01:02:04 | 000,000,000 | ---D | C] -- C:\Program Files\MAGIX [2010/04/03 01:01:47 | 000,700,416 | ---- | C] (MAGIX AG) -- C:\Windows\System32\mgxoschk.dll [2010/04/03 01:01:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\MAGIX [2010/04/02 18:25:15 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center [2010/04/02 18:08:19 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoScape [2010/04/01 18:00:16 | 000,000,000 | ---D | C] -- C:\Windows\pss [2010/03/31 18:14:14 | 000,000,000 | ---D | C] -- C:\Program Files\Pixelan [2010/03/31 17:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony [2010/03/31 17:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2010/03/31 13:27:01 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010/03/31 13:27:01 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010/03/31 13:27:01 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010/03/30 23:39:26 | 000,000,000 | ---D | C] -- C:\Users\********\Tracing [2010/03/30 23:38:52 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\Macromedia [2010/03/30 23:38:52 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\Adobe [2010/03/30 23:36:55 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\Mozilla [2010/03/30 23:19:13 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\Avira [2010/03/30 20:24:05 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\TeamViewer [2010/03/30 20:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer [2010/03/30 19:09:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010/03/30 19:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2010/03/30 19:09:42 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010/03/30 19:09:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010/03/30 19:09:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010/03/30 19:03:12 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\ElevatedDiagnostics [2010/03/30 05:07:36 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2010/03/30 02:13:33 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\vlc [2010/03/30 01:22:47 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2010/03/30 00:04:17 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2010/03/30 00:03:40 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2010/03/29 23:50:29 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll [2010/03/29 23:39:07 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe [2010/03/29 23:37:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Messenger Plus! [2010/03/29 23:37:00 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger Plus! Live [2010/03/29 23:26:16 | 000,000,000 | ---D | C] -- C:\Program Files\FlashFXP [2010/03/29 23:25:38 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\Microsoft Help [2010/03/29 23:18:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2010/03/29 23:14:33 | 000,000,000 | ---D | C] -- C:\Users\*********\Documents\HyperCam3 [2010/03/29 23:07:42 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\Mozilla [2010/03/29 22:56:53 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll [2010/03/29 22:56:52 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2010/03/29 22:56:52 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe [2010/03/29 22:56:52 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe [2010/03/29 22:49:39 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll [2010/03/29 22:49:39 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll [2010/03/29 22:49:39 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax [2010/03/29 22:49:38 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll [2010/03/29 22:47:44 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2010/03/29 22:47:40 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll [2010/03/29 22:47:40 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll [2010/03/29 22:47:40 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe [2010/03/29 22:47:40 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe [2010/03/29 22:47:40 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe [2010/03/29 22:47:40 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe [2010/03/29 22:47:40 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll [2010/03/29 22:47:40 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll [2010/03/29 22:47:38 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll [2010/03/29 22:47:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010/03/29 22:47:34 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2010/03/29 22:47:34 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010/03/29 22:47:34 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2010/03/29 22:47:34 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2010/03/29 22:47:33 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll [2010/03/29 22:47:33 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll [2010/03/29 22:41:42 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COMDLG32.OCX [2010/03/29 22:41:41 | 000,000,000 | ---D | C] -- C:\Program Files\Fake Webcam [2010/03/29 22:15:42 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2010/03/29 22:15:41 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2010/03/29 22:15:41 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2010/03/29 22:15:41 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys [2010/03/29 22:15:41 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys [2010/03/29 22:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2010/03/29 22:15:41 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2010/03/29 22:14:51 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2010/03/29 22:14:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft [2010/03/29 22:13:35 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2010/03/29 22:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive [2010/03/29 22:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live [2010/03/29 22:04:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live [2010/03/29 21:36:23 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2010/03/29 21:34:44 | 000,181,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2010/03/29 21:33:13 | 000,000,000 | ---D | C] -- C:\Program Files\Toshiba [2010/03/29 21:29:35 | 000,059,904 | ---- | C] (ENE TECHNOLOGY INC.) -- C:\Windows\System32\drivers\enecir.sys [2010/03/29 21:20:55 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2010/03/29 21:20:28 | 000,722,720 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\System32\drivers\netr28.sys [2010/03/29 21:20:28 | 000,226,592 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\System32\RaCoInst.dll [2010/03/29 20:21:38 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\Toshiba [2010/03/29 20:21:30 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\ArcSoft [2010/03/29 20:21:15 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\ATI [2010/03/29 20:21:15 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\ATI [2010/03/29 20:21:14 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\ArcSoft [2010/03/29 20:20:51 | 000,000,000 | R--D | C] -- C:\Users\*********\Searches [2010/03/29 20:20:43 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\Identities [2010/03/29 20:20:41 | 000,000,000 | R--D | C] -- C:\Users\*********\Contacts [2010/03/29 20:18:18 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\VirtualStore [2010/03/29 20:18:16 | 000,000,000 | --SD | C] -- C:\Users\*********\AppData\Roaming\Microsoft [2010/03/29 20:18:16 | 000,000,000 | R--D | C] -- C:\Users\*********\Videos [2010/03/29 20:18:16 | 000,000,000 | R--D | C] -- C:\Users\*********\Saved Games [2010/03/29 20:18:16 | 000,000,000 | R--D | C] -- C:\Users\*********\Pictures [2010/03/29 20:18:16 | 000,000,000 | R--D | C] -- C:\Users\*********\Music [2010/03/29 20:18:16 | 000,000,000 | R--D | C] -- C:\Users\*********\Links [2010/03/29 20:18:16 | 000,000,000 | R--D | C] -- C:\Users\*********\Favorites [2010/03/29 20:18:16 | 000,000,000 | R--D | C] -- C:\Users\*********\Downloads [2010/03/29 20:18:16 | 000,000,000 | R--D | C] -- C:\Users\*********\Documents [2010/03/29 20:18:16 | 000,000,000 | R--D | C] -- C:\Users\*********\Desktop [2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Vorlagen [2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\AppData\Local\Verlauf [2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\AppData\Local\Temporary Internet Files [2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Startmenü [2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\SendTo [2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Recent [2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Netzwerkumgebung [2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Lokale Einstellungen [2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Documents\Eigene Videos [2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Documents\Eigene Musik [2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Eigene Dateien [2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Documents\Eigene Bilder [2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Druckumgebung [2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Cookies [2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\AppData\Local\Anwendungsdaten [2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Anwendungsdaten [2010/03/29 20:18:16 | 000,000,000 | -H-D | C] -- C:\Users\*********\AppData [2010/03/29 20:18:16 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\Temp [2010/03/29 20:18:16 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\Microsoft [2010/03/29 20:18:16 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\Media Center Programs [2010/03/29 20:16:07 | 000,000,000 | -HSD | C] -- C:\Recovery [2010/03/29 20:15:42 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution ========== Files - Modified Within 30 Days ========== [2010/04/16 23:49:07 | 001,835,008 | -HS- | M] () -- C:\Users\**********\NTUSER.DAT [2010/04/16 23:38:34 | 000,002,053 | ---- | M] () -- C:\Users\**********\Desktop\HijackThis.lnk [2010/04/16 23:24:22 | 000,083,568 | ---- | M] () -- C:\Users\**********\AppData\Local\GDIPFONTCACHEV1.DAT [2010/04/16 23:22:23 | 002,045,611 | -H-- | M] () -- C:\Users\C*********\AppData\Local\IconCache.db [2010/04/16 23:15:50 | 000,000,009 | ---- | M] () -- C:\Windows\ULEAD32.INI [2010/04/16 23:15:48 | 000,017,376 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010/04/16 23:15:48 | 000,017,376 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010/04/16 23:07:49 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010/04/16 23:07:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010/04/16 23:07:30 | 2415,419,392 | -HS- | M] () -- C:\hiberfil.sys [2010/04/14 21:39:08 | 000,684,954 | ---- | M] () -- C:\Windows\System32\perfh00C.dat [2010/04/14 21:39:08 | 000,684,000 | ---- | M] () -- C:\Windows\System32\perfh00A.dat [2010/04/14 21:39:08 | 000,680,010 | ---- | M] () -- C:\Windows\System32\perfh010.dat [2010/04/14 21:39:08 | 000,643,866 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010/04/14 21:39:08 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010/04/14 21:39:08 | 000,133,704 | ---- | M] () -- C:\Windows\System32\perfc00A.dat [2010/04/14 21:39:08 | 000,127,070 | ---- | M] () -- C:\Windows\System32\perfc00C.dat [2010/04/14 21:39:08 | 000,126,394 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010/04/14 21:39:08 | 000,124,006 | ---- | M] () -- C:\Windows\System32\perfc010.dat [2010/04/14 21:39:08 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010/04/14 21:30:43 | 000,000,020 | ---- | M] () -- C:\Windows\8ô~ [2010/04/13 22:51:42 | 000,338,024 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010/04/13 19:52:12 | 004,400,552 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI [2010/04/11 19:45:23 | 000,000,865 | ---- | M] () -- C:\Users\*********\Desktop\Nvu.lnk [2010/04/08 22:03:03 | 000,001,211 | ---- | M] () -- C:\Users\*********\Desktop\DVDVideoSoft Free Studio.lnk [2010/04/08 21:45:00 | 000,007,119 | ---- | M] () -- C:\Windows\mgxoschk.ini [2010/04/08 21:35:32 | 000,001,212 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Music Maker Hip Hop Edition 2.lnk [2010/04/08 21:28:49 | 000,001,110 | ---- | M] () -- C:\Users\*********\Desktop\ASIO4ALL v2 Instruction Manual.lnk [2010/04/08 21:27:44 | 000,001,111 | ---- | M] () -- C:\Users\*********\Desktop\FL Studio 9.lnk [2010/04/05 14:20:12 | 000,524,288 | -HS- | M] () -- C:\Users\*********\NTUSER.DAT{e93898dd-40a8-11df-a95c-406186130e20}.TMContainer00000000000000000002.regtrans-ms [2010/04/05 14:20:12 | 000,524,288 | -HS- | M] () -- C:\Users\*********\NTUSER.DAT{e93898dd-40a8-11df-a95c-406186130e20}.TMContainer00000000000000000001.regtrans-ms [2010/04/05 14:20:12 | 000,065,536 | -HS- | M] () -- C:\Users\********\NTUSER.DAT{e93898dd-40a8-11df-a95c-406186130e20}.TM.blf [2010/04/03 21:53:24 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2010/04/02 18:08:42 | 000,001,003 | ---- | M] () -- C:\Users\*********\Desktop\PhotoScape.lnk [2010/03/31 18:01:06 | 000,002,532 | ---- | M] () -- C:\Users\*********\Documents\Vegas Pro registrieren.htm [2010/03/30 22:47:32 | 000,007,652 | ---- | M] () -- C:\Users\*********\AppData\Local\Resmon.ResmonCfg [2010/03/30 05:15:36 | 000,052,953 | ---- | M] () -- C:\Windows\System32\license.rtf [2010/03/30 01:23:01 | 000,001,038 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2010/03/30 00:03:42 | 000,001,845 | ---- | M] () -- C:\Users\*********\Desktop\CCleaner.lnk [2010/03/29 23:48:59 | 000,524,288 | -HS- | M] () -- C:\Users\*********\NTUSER.DAT{0426df4c-3b7c-11df-a3ab-406186130e20}.TMContainer00000000000000000002.regtrans-ms [2010/03/29 23:48:59 | 000,524,288 | -HS- | M] () -- C:\Users\*********\NTUSER.DAT{0426df4c-3b7c-11df-a3ab-406186130e20}.TMContainer00000000000000000001.regtrans-ms [2010/03/29 23:48:59 | 000,065,536 | -HS- | M] () -- C:\Users\*********\NTUSER.DAT{0426df4c-3b7c-11df-a3ab-406186130e20}.TM.blf [2010/03/29 23:21:05 | 000,003,584 | ---- | M] () -- C:\Users\*********\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/03/29 22:16:01 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010/03/29 22:14:35 | 000,000,020 | ---- | M] () -- C:\Windows\4úy [2010/03/29 21:36:25 | 000,001,899 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010/03/29 20:25:42 | 000,524,288 | -HS- | M] () -- C:\Users\*********\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2010/03/29 20:25:42 | 000,524,288 | -HS- | M] () -- C:\Users\*********\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2010/03/29 20:25:42 | 000,065,536 | -HS- | M] () -- C:\Users\*********\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2010/03/29 20:18:16 | 000,000,020 | -HS- | M] () -- C:\Users\*********\ntuser.ini ========== Files Created - No Company Name ========== [2010/04/16 23:38:34 | 000,002,053 | ---- | C] () -- C:\Users\*********\Desktop\HijackThis.lnk [2010/04/14 21:30:43 | 000,000,020 | ---- | C] () -- C:\Windows\8ô~ [2010/04/11 19:45:23 | 000,000,865 | ---- | C] () -- C:\Users\*********\Desktop\Nvu.lnk [2010/04/11 19:17:57 | 000,000,009 | ---- | C] () -- C:\Windows\ULEAD32.INI [2010/04/08 22:02:59 | 000,001,211 | ---- | C] () -- C:\Users\*********\Desktop\DVDVideoSoft Free Studio.lnk [2010/04/08 21:35:47 | 000,049,152 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll [2010/04/08 21:35:32 | 000,001,212 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Music Maker Hip Hop Edition 2.lnk [2010/04/08 21:28:49 | 000,001,110 | ---- | C] () -- C:\Users\*********\Desktop\ASIO4ALL v2 Instruction Manual.lnk [2010/04/08 21:27:44 | 000,001,111 | ---- | C] () -- C:\Users\*********\Desktop\FL Studio 9.lnk [2010/04/05 14:20:11 | 000,524,288 | -HS- | C] () -- C:\Users\*********\NTUSER.DAT{e93898dd-40a8-11df-a95c-406186130e20}.TMContainer00000000000000000002.regtrans-ms [2010/04/05 14:20:11 | 000,524,288 | -HS- | C] () -- C:\Users\*********\NTUSER.DAT{e93898dd-40a8-11df-a95c-406186130e20}.TMContainer00000000000000000001.regtrans-ms [2010/04/05 14:20:11 | 000,065,536 | -HS- | C] () -- C:\Users\*********\NTUSER.DAT{e93898dd-40a8-11df-a95c-406186130e20}.TM.blf [2010/04/03 21:53:24 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2010/04/03 01:02:38 | 000,014,182 | ---- | C] () -- C:\Windows\System32\DLLAV32.lib [2010/04/03 01:02:04 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2010/04/03 01:01:47 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini [2010/04/02 18:08:42 | 000,001,003 | ---- | C] () -- C:\Users\*********\Desktop\PhotoScape.lnk [2010/03/31 17:59:16 | 000,002,532 | ---- | C] () -- C:\Users\*********\Documents\Vegas Pro registrieren.htm [2010/03/30 22:47:32 | 000,007,652 | ---- | C] () -- C:\Users\*********\AppData\Local\Resmon.ResmonCfg [2010/03/30 05:07:36 | 2415,419,392 | -HS- | C] () -- C:\hiberfil.sys [2010/03/30 01:23:01 | 000,001,038 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2010/03/30 00:03:42 | 000,001,845 | ---- | C] () -- C:\Users\*********\Desktop\CCleaner.lnk [2010/03/29 23:48:58 | 000,524,288 | -HS- | C] () -- C:\Users\*********\NTUSER.DAT{0426df4c-3b7c-11df-a3ab-406186130e20}.TMContainer00000000000000000002.regtrans-ms [2010/03/29 23:48:58 | 000,524,288 | -HS- | C] () -- C:\Users\*********\NTUSER.DAT{0426df4c-3b7c-11df-a3ab-406186130e20}.TMContainer00000000000000000001.regtrans-ms [2010/03/29 23:48:58 | 000,065,536 | -HS- | C] () -- C:\Users\*********\NTUSER.DAT{0426df4c-3b7c-11df-a3ab-406186130e20}.TM.blf [2010/03/29 23:21:05 | 000,003,584 | ---- | C] () -- C:\Users\*********\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/03/29 22:16:01 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010/03/29 22:14:35 | 000,000,020 | ---- | C] () -- C:\Windows\4úy [2010/03/29 21:36:25 | 000,001,899 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010/03/29 21:20:28 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat [2010/03/29 20:18:16 | 001,835,008 | -HS- | C] () -- C:\Users\*********\NTUSER.DAT [2010/03/29 20:18:16 | 000,524,288 | -HS- | C] () -- C:\Users\*********\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2010/03/29 20:18:16 | 000,524,288 | -HS- | C] () -- C:\Users\*********\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2010/03/29 20:18:16 | 000,262,144 | -HS- | C] () -- C:\Users\*********\ntuser.dat.LOG1 [2010/03/29 20:18:16 | 000,065,536 | -HS- | C] () -- C:\Users\*********\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2010/03/29 20:18:16 | 000,000,020 | -HS- | C] () -- C:\Users\*********\ntuser.ini [2010/03/29 20:18:16 | 000,000,000 | -HS- | C] () -- C:\Users\*********\ntuser.dat.LOG2 [2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll < End of report > würde mich wirklich freuen wenn man es mal checken könnte, obs sich dabei waas ergibt halt ob mein system sauber ist  danke im vorraus für di ebemühung & ist es normal das bei mir 53 bis 60 prozesse am laufen sind oder angezeigt wird ? erkkennt man das in den logfiles ? harun Geändert von DJHARUN (16.04.2010 um 23:14 Uhr) |
|
| Themen zu HjackThis LOgfile |
| antivir, antivir guard, avgntflt.sys, avira, bho, components, conhost.exe, corp./icp, desktop, error, excel, firefox, firefox 3.6.3, fontcache, helper, hijack, hijackthis, home, home premium, internet, internet explorer, location, logfile, magix, media center, mozilla, mp3, nvstor.sys, object, oldtimer, otl logfile, otl.exe, plug-in, programdata, realtek, registry, searchplugins, security, server, software, studio, system, visual studio, webcheck, windows |
Linear-Darstellung
