
Log Analysis and Evaluation: Internet Explorer opens pages with advertising

25.05.2010, 05:58   #1
Solluno
 

Hello dear Trojaner-Board,

I am turning to you today to ask for your help with the following problem:
My Internet Explorer keeps opening pages with advertising, which I can click away again, but it is annoying. On top of that, other strange phenomena occur, for example that I can no longer open anything with a double-click. Instead, the edit box for the name of the file or folder or whatever it is appears.
Below I "work through" the points.
1. Ran CCleaner completely
2. Malwarebytes gives me the following log file:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4140

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

25.05.2010 05:42:06
mbam-log-2010-05-25 (05-42-06).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 117168
Laufzeit: 5 Minute(n), 29 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 6

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\m5t8ql3yw3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\Florian\AppData\Local\Temp\Jxf.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Users\Florian\downloads\Serial_RecordPad.45059.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Florian\AppData\Local\Temp\Jxh.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.


3. I could not use RSIT for the following reason:
Free image upload service - upload images for free without registration

However, HijackThis itself still works, so I can supply a log file later if needed.

I am working with Win7 Enterprise, 32-bit version.

I hope you can help me with my problem

Best regards, Solluno =)

25.05.2010, 15:10   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Hello and

please run a full scan with Malwarebytes and post the log. After that, OTL:

System scan with OTL

Please download OTL by OldTimer and save it to your desktop
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files here in the thread.

25.05.2010, 16:36   #3
Solluno
 



Many thanks for the reply =)

Malwarebytes, full scan - log:


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4140

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

25.05.2010 16:23:24
mbam-log-2010-05-25 (16-23-24).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 227824
Laufzeit: 59 Minute(n), 33 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 2

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\Florian\Desktop\Adobe.Photoshop.CS5.Extended.v12.0.Multilanguage\keygen.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

25.05.2010, 16:39   #4
Solluno
 



OTL Logfile:
Code:
OTL logfile created on: 25.05.2010 16:25:25 - Run 1
OTL by OldTimer - Version 3.2.5.0     Folder = C:\Users\Florian\Downloads
 Enterprise Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 63,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 75,96 Gb Total Space | 23,97 Gb Free Space | 31,56% Space Free | Partition Type: NTFS
Drive D: | 54,25 Gb Total Space | 18,07 Gb Free Space | 33,31% Space Free | Partition Type: FAT32
Drive E: | 18,82 Gb Total Space | 17,39 Gb Free Space | 92,41% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 596,02 Gb Total Space | 264,16 Gb Free Space | 44,32% Space Free | Partition Type: FAT32
 
Computer Name: FLORIAN-PC
Current User Name: Florian
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Florian\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\ICQ7.1\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\IObit\Game Booster\gbtray.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Media Player\wmprph.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\prevhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\libusbd-nt.exe (hxxp://libusb-win32.sourceforge.net)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Florian\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (WLMS) -- C:\Windows\System32\wlms\wlms.exe (Microsoft Corporation)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (Capture Device Service) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe (InterVideo Inc.)
SRV - (libusbd) -- C:\Windows\System32\libusbd-nt.exe (hxxp://libusb-win32.sourceforge.net)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (U6000ALL) U6000 TV Box(ALL) -- C:\Windows\System32\drivers\U6000ALL.sys ()
DRV - (cpudrv) -- C:\Program Files\SystemRequirementsLab\cpudrv.sys ()
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (LGVirHid) -- C:\Windows\System32\drivers\LGVirHid.sys (Logitech Inc.)
DRV - (LGBusEnum) -- C:\Windows\System32\drivers\LGBusEnum.sys (Logitech Inc.)
DRV - (DSDrv4) -- C:\PROGRA~2\DScaler\DSDrv4.sys ()
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (Atc002) -- C:\Windows\System32\drivers\l260x86.sys (Atheros Communications, Inc.)
DRV - (EIO1) -- C:\Windows\System32\drivers\EIO1.sys (ASUSTeK Computer Inc.)
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\Windows\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\Windows\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (libusb0) -- C:\Windows\System32\drivers\libusb0.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.seelensturm.com"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.80
FF - prefs.js..extensions.enabledItems: {5c8bfb7c-9a54-11dc-8314-0800200c9a66}:3.6.3
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.05.08 04:39:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.24 09:48:05 | 000,000,000 | ---D | M]
 
[2010.05.08 03:40:57 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\mozilla\Extensions
[2010.05.24 17:46:07 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\5z3ikmye.default\extensions
[2010.05.08 13:48:56 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\5z3ikmye.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2010.05.08 05:21:59 | 000,000,000 | ---D | M] (Aero Fox) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\5z3ikmye.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010.05.08 05:24:43 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\5z3ikmye.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.05.08 05:22:00 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\5z3ikmye.default\extensions\opensearch@ask.com
[2010.05.08 05:21:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\5z3ikmye.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\browser\extensions
[2010.05.08 05:21:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\5z3ikmye.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\mac\mozapps\extensions
[2010.05.08 05:21:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\5z3ikmye.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\browser\extensions
[2010.05.08 05:21:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\5z3ikmye.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}\chrome\win\mozapps\extensions
[2010.05.25 14:28:55 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010.05.25 14:28:55 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.05.08 04:09:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.05.08 04:09:03 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{09ae9360-6707-11df-a19c-001e8c12810e}\Shell - "" = AutoRun
O33 - MountPoints2\{09ae9360-6707-11df-a19c-001e8c12810e}\Shell\AutoRun\command - "" = H:\Set-up.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.05.25 14:31:28 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\skypePM
[2010.05.25 14:29:05 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Skype
[2010.05.25 14:28:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.05.25 14:28:37 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010.05.25 14:28:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.05.25 05:49:34 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.05.25 05:49:34 | 000,000,000 | ---D | C] -- C:\rsit
[2010.05.25 05:34:30 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Malwarebytes
[2010.05.25 05:34:19 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.05.25 05:34:17 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.05.25 05:34:17 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.05.25 05:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.05.25 05:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010.05.24 14:53:40 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Florian\Desktop\HiJackThis204.exe
[2010.05.24 14:48:59 | 000,000,000 | ---D | C] -- C:\Users\Florian\Desktop\audacity_temp
[2010.05.24 13:41:32 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\Recordpad
[2010.05.24 13:41:32 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Recordpad
[2010.05.24 13:41:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Swift Sound
[2010.05.24 13:41:30 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2010.05.24 13:41:26 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\NCH Swift Sound
[2010.05.24 10:00:06 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2010.05.24 09:55:08 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2010.05.24 09:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010.05.24 09:32:20 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010.05.24 09:31:51 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\DAEMON Tools Lite
[2010.05.24 09:31:49 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.05.24 09:25:22 | 000,000,000 | ---D | C] -- C:\Users\Florian\Desktop\Adobe.Photoshop.CS5.Extended.v12.0.Multilanguage
[2010.05.24 01:36:22 | 000,000,000 | ---D | C] -- C:\Program Files\Veetle
[2010.05.24 01:33:51 | 000,000,000 | ---D | C] -- C:\Program Files\SopCast
[2010.05.23 22:31:39 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\Windows\System32\pthreadGC2.dll
[2010.05.23 16:54:09 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Logitech
[2010.05.23 16:53:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2010.05.23 16:53:40 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2010.05.23 14:31:27 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\GHISLER
[2010.05.23 14:25:54 | 000,000,000 | ---D | C] -- C:\totalcmd
[2010.05.23 14:25:54 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\GHISLER
[2010.05.23 12:08:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2010.05.21 21:49:11 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\Ulead VideoStudio SE
[2010.05.21 21:44:32 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2010.05.21 21:44:24 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media-Komponenten
[2010.05.21 21:21:00 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\mIRC
[2010.05.21 21:21:00 | 000,000,000 | ---D | C] -- C:\Program Files\mIRC
[2010.05.21 18:57:06 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010.05.20 21:08:57 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\DScaler4
[2010.05.20 20:41:39 | 000,000,000 | ---D | C] -- C:\Program Files\DScaler
[2010.05.20 20:19:17 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Adobe
[2010.05.20 20:18:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.05.20 20:17:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010.05.20 20:17:41 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010.05.20 17:25:56 | 000,000,000 | ---D | C] -- C:\Program Files\Mydrv
[2010.05.20 16:58:02 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\Ulead VideoStudio
[2010.05.20 16:57:34 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Ulead Systems
[2010.05.20 16:55:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InterVideo
[2010.05.20 16:54:58 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Components
[2010.05.20 16:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Ulead Systems
[2010.05.20 16:53:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ulead Systems
[2010.05.20 16:37:15 | 000,035,892 | ---- | C] (Prolific Technology Inc.) -- C:\Windows\System32\SER9PL.sys
[2010.05.20 16:28:19 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\MAGIX
[2010.05.20 16:25:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Shared
[2010.05.20 16:25:41 | 000,909,312 | ---- | C] (MAGIX AG) -- C:\Windows\System32\MXRestore.exe
[2010.05.20 16:25:41 | 000,278,528 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLRES32.dll
[2010.05.20 16:25:41 | 000,090,112 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPRF32.dll
[2010.05.20 16:25:41 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\STRING32.dll
[2010.05.20 16:25:41 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPTL32.dll
[2010.05.20 16:25:41 | 000,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLTPO32.dll
[2010.05.20 16:25:41 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPRJ32.dll
[2010.05.20 16:25:41 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll
[2010.05.20 16:25:41 | 000,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLRD32.dll
[2010.05.20 16:25:41 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\TTIC32.dll
[2010.05.20 16:25:41 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\TTI32.dll
[2010.05.20 16:25:40 | 000,724,992 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLAV32.dll
[2010.05.20 16:25:40 | 000,221,184 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDRV32.dll
[2010.05.20 16:25:40 | 000,212,992 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDEV32.dll
[2010.05.20 16:25:40 | 000,147,456 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCPY32.dll
[2010.05.20 16:25:40 | 000,114,688 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCDA32.dll
[2010.05.20 16:25:40 | 000,094,208 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIO32.dll
[2010.05.20 16:25:40 | 000,077,824 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPNT32.dll
[2010.05.20 16:25:40 | 000,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCDF32.dll
[2010.05.20 16:25:40 | 000,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIMG32.dll
[2010.05.20 16:25:40 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLMSC32.dll
[2010.05.20 16:25:40 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLISO32.dll
[2010.05.20 16:25:40 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDIR32.dll
[2010.05.20 16:25:40 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIX.dll
[2010.05.20 16:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2010.05.20 16:22:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Services
[2010.05.20 16:19:45 | 000,000,000 | ---D | C] -- C:\Program Files\Noël Danjou
[2010.05.20 14:27:22 | 000,000,000 | ---D | C] -- C:\Program Files\EZ Grabber
[2010.05.15 02:15:24 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\dvdcss
[2010.05.13 17:59:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2010.05.13 17:59:28 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2010.05.12 17:48:51 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\Verlauf
[2010.05.11 14:27:09 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\OpenOffice.org
[2010.05.11 14:22:16 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010.05.09 23:17:32 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.05.09 22:25:09 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010.05.09 18:55:34 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010.05.09 17:38:15 | 000,000,000 | ---D | C] -- C:\Program Files\Messer
[2010.05.09 16:09:46 | 000,000,000 | ---D | C] -- C:\Program Files\No23 Recorder
[2010.05.09 13:32:12 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Acreon
[2010.05.09 13:32:10 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\._Revolution_
[2010.05.09 09:39:54 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.05.09 09:39:54 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.05.09 09:39:54 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.05.09 09:39:50 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.05.09 09:39:48 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010.05.09 09:39:48 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys
[2010.05.09 09:39:43 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010.05.09 09:39:43 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010.05.09 09:39:42 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010.05.09 09:39:41 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.05.09 09:39:36 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.05.09 09:39:36 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.05.09 09:39:36 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.05.09 09:39:34 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.05.09 09:39:32 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.05.09 09:39:32 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.05.09 09:39:32 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.05.09 09:39:30 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.05.09 09:39:30 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.05.09 09:39:27 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.05.09 09:39:21 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.05.08 23:19:03 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\TechSmith
[2010.05.08 23:18:53 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\Camtasia Studio
[2010.05.08 23:16:56 | 000,000,000 | ---D | C] -- C:\Windows\System32\QuickTime
[2010.05.08 23:16:35 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2010.05.08 23:16:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TechSmith Shared
[2010.05.08 23:16:16 | 000,000,000 | ---D | C] -- C:\Program Files\TechSmith
[2010.05.08 22:25:00 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\Harry Potter
[2010.05.08 19:46:08 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\ICQ
[2010.05.08 16:41:11 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\vlc
[2010.05.08 16:32:03 | 000,046,592 | ---- | C] (hxxp://libusb-win32.sourceforge.net) -- C:\Windows\System32\libusb0.dll
[2010.05.08 16:32:03 | 000,019,456 | ---- | C] (hxxp://libusb-win32.sourceforge.net) -- C:\Windows\System32\libusbd-9x.exe
[2010.05.08 16:32:03 | 000,018,944 | ---- | C] (hxxp://libusb-win32.sourceforge.net) -- C:\Windows\System32\libusbd-nt.exe
[2010.05.08 16:32:03 | 000,000,000 | ---D | C] -- C:\Program Files\LibUSB-Win32-0.1.10.1
[2010.05.08 14:15:15 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\gtk-2.0
[2010.05.08 13:58:07 | 000,000,000 | ---D | C] -- C:\Users\Florian\.thumbnails
[2010.05.08 13:56:46 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\gegl-0.0
[2010.05.08 13:56:46 | 000,000,000 | ---D | C] -- C:\Users\Florian\.gimp-2.6
[2010.05.08 13:50:02 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\FireShot
[2010.05.08 13:21:04 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Avira
[2010.05.08 12:53:18 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010.05.08 12:53:17 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010.05.08 12:53:17 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.05.08 12:52:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.05.08 12:52:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010.05.08 12:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.05.08 12:20:37 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2010.05.08 12:20:37 | 000,274,432 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2010.05.08 12:20:37 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2010.05.08 12:20:37 | 000,100,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\drivers\AtiHdmi.sys
[2010.05.08 12:20:37 | 000,050,176 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2010.05.08 12:20:37 | 000,027,136 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2010.05.08 12:20:37 | 000,020,480 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2010.05.08 12:20:36 | 014,129,664 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2010.05.08 12:20:36 | 005,320,192 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atipmdag.sys
[2010.05.08 12:20:36 | 005,320,192 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2010.05.08 12:20:36 | 003,649,536 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2010.05.08 12:20:36 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2010.05.08 12:20:36 | 000,426,496 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\aticfx32.dll
[2010.05.08 12:20:36 | 000,372,736 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
[2010.05.08 12:20:36 | 000,233,472 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2010.05.08 12:20:36 | 000,172,032 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2010.05.08 12:20:36 | 000,150,016 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2010.05.08 12:20:36 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2010.05.08 12:20:36 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2010.05.08 12:20:36 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2010.05.08 12:20:36 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2010.05.08 12:20:36 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2010.05.08 12:20:36 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2010.05.08 12:20:36 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2010.05.08 12:20:36 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2010.05.08 12:20:36 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2010.05.08 12:20:36 | 000,011,776 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2010.05.08 12:20:32 | 000,000,000 | ---D | C] -- C:\Users\Florian\ati8703_Win7Vista32
[2010.05.08 12:20:15 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\WinRAR
[2010.05.08 12:17:37 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Download Manager
[2010.05.08 12:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2010.05.08 11:42:12 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Blizzard Entertainment
[2010.05.08 11:39:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Messenger Plus!
[2010.05.08 11:33:29 | 000,012,672 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\System32\drivers\EIO1.sys
[2010.05.08 11:33:28 | 000,000,000 | ---D | C] -- C:\Program Files\VGAINFO
[2010.05.08 06:05:56 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\ATI
[2010.05.08 06:05:56 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\ATI
[2010.05.08 06:00:36 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\ElevatedDiagnostics
[2010.05.08 05:58:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\Atheros_L2
[2010.05.08 05:53:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010.05.08 05:51:57 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2010.05.08 05:51:55 | 001,738,072 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2010.05.08 05:51:54 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2010.05.08 05:51:54 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2010.05.08 05:51:54 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2010.05.08 05:51:54 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2010.05.08 05:51:50 | 001,083,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2010.05.08 05:51:48 | 003,086,752 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2010.05.08 05:51:47 | 001,775,136 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2010.05.08 05:51:44 | 000,058,400 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2010.05.08 05:51:43 | 000,367,136 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2010.05.08 05:51:39 | 003,583,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2010.05.08 05:51:31 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2010.05.08 05:51:31 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2010.05.08 05:51:31 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2010.05.08 05:51:31 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2010.05.08 05:51:29 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2010.05.08 05:51:29 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2010.05.08 05:51:28 | 000,253,272 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2010.05.08 05:51:27 | 001,312,088 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2010.05.08 05:51:25 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2010.05.08 05:51:25 | 000,253,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2010.05.08 05:51:25 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2010.05.08 05:51:25 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2010.05.08 05:51:22 | 001,131,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2010.05.08 05:51:22 | 000,427,792 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2010.05.08 05:51:22 | 000,405,776 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2010.05.08 05:51:22 | 000,299,424 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010.05.08 05:51:21 | 000,961,296 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2010.05.08 05:51:21 | 000,900,368 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2010.05.08 05:51:21 | 000,448,272 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2010.05.08 05:51:21 | 000,290,064 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2010.05.08 05:51:21 | 000,235,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2010.05.08 05:51:21 | 000,223,504 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2010.05.08 05:51:21 | 000,145,760 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2010.05.08 05:51:21 | 000,103,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2010.05.08 05:51:21 | 000,103,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2010.05.08 05:51:21 | 000,102,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2010.05.08 05:51:21 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2010.05.08 05:51:21 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010.05.08 05:51:17 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2010.05.08 05:51:12 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2010.05.08 05:51:01 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2010.05.08 05:50:48 | 001,251,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.05.08 05:50:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010.05.08 05:47:53 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2010.05.08 05:47:47 | 000,000,000 | ---D | C] -- C:\Users\Florian\SystemRequirementsLab
[2010.05.08 05:47:01 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.05.08 05:43:01 | 000,000,000 | ---D | C] -- C:\Program Files\World of Warcraft
[2010.05.08 04:51:03 | 000,000,000 | R-SD | C] -- C:\Users\Florian\Documents\My Stationery
[2010.05.08 04:46:03 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\Meine empfangenen Dateien
[2010.05.08 04:30:39 | 000,000,000 | ---D | C] -- C:\Users\Florian\Desktop\opmusic
[2010.05.08 04:21:37 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Apple Computer
[2010.05.08 04:21:37 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Apple Computer
[2010.05.08 04:21:21 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2010.05.08 04:21:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010.05.08 04:19:41 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010.05.08 04:19:28 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Apple
[2010.05.08 04:19:26 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010.05.08 04:18:56 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010.05.08 04:18:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010.05.08 04:16:37 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.05.08 04:15:33 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.05.08 04:14:06 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\DVDVideoSoft
[2010.05.08 04:13:55 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2010.05.08 04:13:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2010.05.08 04:13:54 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010.05.08 04:13:54 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010.05.08 04:13:26 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2010.05.08 04:13:17 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Winamp
[2010.05.08 04:13:17 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2010.05.08 04:12:18 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010.05.08 04:11:45 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010.05.08 04:10:33 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010.05.08 04:09:49 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2010.05.08 04:09:36 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\uTorrent
[2010.05.08 04:09:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010.05.08 04:09:17 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.05.08 04:09:17 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.05.08 04:09:17 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.05.08 04:09:17 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.05.08 04:09:00 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger Plus! Live
[2010.05.08 04:09:00 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010.05.08 04:07:47 | 000,000,000 | ---D | C] -- C:\Users\Florian\JDownloader
[2010.05.08 04:07:16 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2010.05.08 04:05:30 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\DivX
[2010.05.08 04:05:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010.05.08 04:04:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared
[2010.05.08 04:04:55 | 000,000,000 | ---D | C] -- C:\Users\Florian\Documents\FFOutput
[2010.05.08 04:04:47 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2010.05.08 04:04:21 | 000,000,000 | ---D | C] -- C:\Program Files\FreeTime
[2010.05.08 04:03:57 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010.05.08 04:03:33 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity
[2010.05.08 03:59:27 | 000,000,000 | ---D | C] -- C:\Users\Florian\Tracing
[2010.05.08 03:58:07 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010.05.08 03:57:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010.05.08 03:56:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010.05.08 03:56:13 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.05.08 03:55:57 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010.05.08 03:55:43 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010.05.08 03:55:42 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.05.08 03:55:42 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.05.08 03:55:42 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.05.08 03:55:42 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.05.08 03:55:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.05.08 03:55:41 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010.05.08 03:55:35 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010.05.08 03:55:16 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.05.08 03:53:12 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.05.08 03:51:21 | 000,181,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.05.08 03:50:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010.05.08 03:48:37 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Macromedia
[2010.05.08 03:48:37 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Adobe
[2010.05.08 03:48:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.05.08 03:47:56 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6Toolbar
[2010.05.08 03:47:55 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010.05.08 03:44:22 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.1
[2010.05.08 03:40:52 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Mozilla
[2010.05.08 03:40:52 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Mozilla
[2010.05.08 03:39:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010.05.08 03:35:26 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\ICQ
[2010.05.08 03:35:25 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\AOL
[2010.05.08 03:29:39 | 000,000,000 | R--D | C] -- C:\Users\Florian\Searches
[2010.05.08 03:29:28 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Identities
[2010.05.08 03:29:26 | 000,000,000 | R--D | C] -- C:\Users\Florian\Contacts
[2010.05.08 03:29:18 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\VirtualStore
[2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Vorlagen
[2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\AppData\Local\Verlauf
[2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\AppData\Local\Temporary Internet Files
[2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Startmenü
[2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\SendTo
[2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Recent
[2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Netzwerkumgebung
[2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Lokale Einstellungen
[2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Documents\Eigene Videos
[2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Documents\Eigene Musik
[2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Eigene Dateien
[2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Documents\Eigene Bilder
[2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Druckumgebung
[2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Cookies
[2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\AppData\Local\Anwendungsdaten
[2010.05.08 03:29:17 | 000,000,000 | -HSD | C] -- C:\Users\Florian\Anwendungsdaten
[2010.05.08 03:29:16 | 000,000,000 | --SD | C] -- C:\Users\Florian\AppData\Roaming\Microsoft
[2010.05.08 03:29:16 | 000,000,000 | R--D | C] -- C:\Users\Florian\Videos
[2010.05.08 03:29:16 | 000,000,000 | R--D | C] -- C:\Users\Florian\Saved Games
[2010.05.08 03:29:16 | 000,000,000 | R--D | C] -- C:\Users\Florian\Pictures
[2010.05.08 03:29:16 | 000,000,000 | R--D | C] -- C:\Users\Florian\Music
[2010.05.08 03:29:16 | 000,000,000 | R--D | C] -- C:\Users\Florian\Links
[2010.05.08 03:29:16 | 000,000,000 | R--D | C] -- C:\Users\Florian\Favorites
[2010.05.08 03:29:16 | 000,000,000 | R--D | C] -- C:\Users\Florian\Downloads
[2010.05.08 03:29:16 | 000,000,000 | R--D | C] -- C:\Users\Florian\Documents
[2010.05.08 03:29:16 | 000,000,000 | R--D | C] -- C:\Users\Florian\Desktop
[2010.05.08 03:29:16 | 000,000,000 | -H-D | C] -- C:\Users\Florian\AppData
[2010.05.08 03:29:16 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Temp
[2010.05.08 03:29:16 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Microsoft
[2010.05.08 03:29:16 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Media Center Programs
[2010.05.08 03:28:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.05.08 03:28:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.05.08 03:28:59 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.05.08 03:28:59 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2010.05.08 03:28:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.05.08 03:28:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.05.08 03:28:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.05.08 03:28:59 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.05.08 03:28:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.05.08 03:28:59 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.05.08 03:21:08 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.05.08 03:18:10 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.05.08 03:07:10 | 000,000,000 | -HSD | C] -- C:\Boot
[2010.05.08 02:06:05 | 000,028,672 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\l260x86.sys
[2010.04.27 00:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\DivXControlPanelApplet.cpl
 
========== Files - Modified Within 30 Days ==========
 
[2010.05.25 16:27:18 | 001,835,008 | -HS- | M] () -- C:\Users\Florian\NTUSER.DAT
[2010.05.25 16:23:40 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\etti.sys
[2010.05.25 15:08:41 | 000,126,577 | ---- | M] () -- C:\Users\Florian\Desktop\sad_smiley_by_shangyne.jpg
[2010.05.25 15:05:52 | 000,003,399 | ---- | M] () -- C:\Windows\messer.ini
[2010.05.25 14:41:57 | 242,073,600 | ---- | M] () -- C:\Users\Florian\Desktop\20100525-143653.MPG
[2010.05.25 14:41:57 | 000,000,526 | ---- | M] () -- C:\Windows\win.ini
[2010.05.25 14:31:29 | 000,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
[2010.05.25 14:28:39 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.05.25 05:42:16 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\amau.sys
[2010.05.25 05:34:21 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.25 05:25:46 | 000,001,831 | ---- | M] () -- C:\Users\Florian\Desktop\CCleaner.lnk
[2010.05.25 05:23:44 | 000,011,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.05.25 05:23:44 | 000,011,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.05.25 05:18:22 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.05.25 05:18:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.05.25 05:18:02 | 1610,014,720 | -HS- | M] () -- C:\hiberfil.sys
[2010.05.25 05:16:23 | 002,791,923 | -H-- | M] () -- C:\Users\Florian\AppData\Local\IconCache.db
[2010.05.24 15:04:16 | 003,693,728 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.05.24 14:53:41 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Florian\Desktop\HiJackThis204.exe
[2010.05.24 13:48:42 | 000,169,984 | ---- | M] () -- C:\Windows\Jqegea.exe
[2010.05.24 10:00:07 | 000,089,232 | ---- | M] () -- C:\Users\Florian\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.05.24 09:48:06 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.05.24 09:32:44 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010.05.24 09:32:44 | 000,001,896 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010.05.24 01:33:52 | 000,000,949 | ---- | M] () -- C:\Users\Florian\Desktop\SopCast.lnk
[2010.05.23 22:29:36 | 000,000,899 | ---- | M] () -- C:\Users\Florian\Desktop\DScaler.lnk
[2010.05.23 20:42:43 | 000,012,895 | ---- | M] () -- C:\Users\Florian\.recently-used.xbel
[2010.05.23 20:27:30 | 005,011,796 | ---- | M] () -- C:\Users\Florian\Desktop\FireShot capture #004 - 'YouTube - Kanal von KonshinLP' - www_youtube_com_user_KonshinLP.png
[2010.05.23 16:54:08 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_lgSSBW_01_00_00.Wdf
[2010.05.23 16:54:02 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf
[2010.05.23 16:08:37 | 000,012,288 | ---- | M] () -- C:\Users\Florian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.23 14:25:55 | 000,000,632 | ---- | M] () -- C:\Users\Public\Desktop\Total Commander.lnk
[2010.05.22 09:47:27 | 001,472,002 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.05.22 09:47:27 | 000,643,628 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.05.22 09:47:27 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.05.22 09:47:27 | 000,126,188 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.05.22 09:47:27 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.05.21 21:21:00 | 000,000,909 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk
[2010.05.20 14:27:30 | 000,001,793 | ---- | M] () -- C:\Users\Florian\Desktop\EZ Grabber.lnk
[2010.05.13 20:57:29 | 000,000,213 | ---- | M] () -- C:\Users\Florian\Desktop\Portal.url
[2010.05.13 18:52:46 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.05.12 23:42:47 | 000,000,038 | ---- | M] () -- C:\Windows\AviSplitter.INI
[2010.05.12 22:36:55 | 000,064,295 | ---- | M] () -- C:\Users\Florian\Desktop\Kons.jpg
[2010.05.09 22:25:22 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.05.09 18:55:35 | 000,001,042 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster.lnk
[2010.05.09 16:09:48 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\No23 Recorder.lnk
[2010.05.09 15:21:25 | 000,756,483 | ---- | M] () -- C:\Users\Florian\Desktop\Konshin2.jpg
[2010.05.08 23:16:45 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2010.05.08 16:50:40 | 000,000,740 | ---- | M] () -- C:\Users\Florian\Desktop\Fraps.lnk
[2010.05.08 16:24:51 | 000,448,619 | ---- | M] () -- C:\Users\Florian\Desktop\Konshin.jpg
[2010.05.08 16:23:57 | 017,627,344 | ---- | M] () -- C:\Users\Florian\Desktop\Konshin.xcf
[2010.05.08 12:53:45 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.05.08 11:41:39 | 000,001,455 | ---- | M] () -- C:\Users\Florian\Desktop\Launcher.lnk
[2010.05.08 04:55:13 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010.05.08 04:17:03 | 000,001,197 | ---- | M] () -- C:\Users\Florian\Desktop\DVDVideoSoft Free Studio.lnk
[2010.05.08 04:16:24 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.05.08 04:16:23 | 000,000,356 | RHS- | M] () -- C:\Boot.ini.saved
[2010.05.08 04:09:53 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.05.08 04:09:02 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.05.08 04:09:02 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.05.08 04:09:02 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.05.08 04:09:01 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.05.08 04:08:21 | 000,000,860 | ---- | M] () -- C:\Users\Florian\Desktop\JDownloader.lnk
[2010.05.08 04:08:07 | 000,001,063 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2010.05.08 04:04:40 | 000,001,156 | ---- | M] () -- C:\Users\Florian\Desktop\Format Factory.lnk
[2010.05.08 04:03:34 | 000,000,913 | ---- | M] () -- C:\Users\Florian\Desktop\Audacity.lnk
[2010.05.08 03:58:47 | 000,001,287 | ---- | M] () -- C:\Users\Florian\Desktop\Windows Live Movie Maker.lnk
[2010.05.08 03:57:30 | 000,000,020 | ---- | M] () -- C:\Windows\$û„
[2010.05.08 03:57:20 | 000,002,200 | ---- | M] () -- C:\Users\Florian\Desktop\Windows Live Mail.lnk
[2010.05.08 03:56:46 | 000,002,068 | ---- | M] () -- C:\Users\Florian\Desktop\Windows Live Messenger .lnk
[2010.05.08 03:55:54 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.05.08 03:48:10 | 000,001,770 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.1.lnk
[2010.05.08 03:39:54 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.05.08 03:31:43 | 000,524,288 | -HS- | M] () -- C:\Users\Florian\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010.05.08 03:31:43 | 000,524,288 | -HS- | M] () -- C:\Users\Florian\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010.05.08 03:31:43 | 000,065,536 | -HS- | M] () -- C:\Users\Florian\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010.05.08 03:29:17 | 000,000,020 | -HS- | M] () -- C:\Users\Florian\ntuser.ini
[2010.05.08 03:22:44 | 000,043,797 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010.05.08 03:20:47 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010.05.04 22:02:38 | 000,000,212 | -H-- | M] () -- C:\Boot.BAK
[2010.04.30 17:25:10 | 001,083,936 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2010.04.30 17:25:04 | 001,775,136 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2010.04.30 17:25:04 | 000,058,400 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2010.04.30 17:24:58 | 003,583,008 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2010.04.30 17:24:58 | 000,367,136 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2010.04.30 16:59:12 | 003,086,752 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2010.04.29 12:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.04.29 12:19:14 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.04.28 18:45:24 | 001,251,872 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.04.27 20:51:40 | 001,738,072 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2010.04.27 20:51:32 | 000,253,272 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2010.04.27 20:51:24 | 000,253,784 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2010.04.27 20:51:04 | 001,312,088 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2010.04.27 13:50:10 | 000,299,424 | ---- | M] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010.04.27 00:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\Windows\System32\DivXControlPanelApplet.cpl
 
========== Files Created - No Company Name ==========
 
[2010.05.25 16:23:40 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\etti.sys
[2010.05.25 15:08:40 | 000,126,577 | ---- | C] () -- C:\Users\Florian\Desktop\sad_smiley_by_shangyne.jpg
[2010.05.25 14:36:53 | 242,073,600 | ---- | C] () -- C:\Users\Florian\Desktop\20100525-143653.MPG
[2010.05.25 14:31:29 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010.05.25 14:28:39 | 000,002,505 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.05.25 05:42:16 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\amau.sys
[2010.05.25 05:34:21 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.25 05:25:46 | 000,001,831 | ---- | C] () -- C:\Users\Florian\Desktop\CCleaner.lnk
[2010.05.24 13:48:55 | 000,169,984 | ---- | C] () -- C:\Windows\Jqegea.exe
[2010.05.24 09:48:06 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.05.24 09:32:44 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.05.24 09:32:44 | 000,001,896 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010.05.24 01:33:52 | 000,000,949 | ---- | C] () -- C:\Users\Florian\Desktop\SopCast.lnk
[2010.05.24 01:33:12 | 005,387,807 | ---- | C] () -- C:\Users\Florian\Desktop\Setup-SopCast-3.2.9-2010-3-23.exe
[2010.05.23 22:31:40 | 000,057,344 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.05.23 20:42:43 | 000,012,895 | ---- | C] () -- C:\Users\Florian\.recently-used.xbel
[2010.05.23 20:27:30 | 005,011,796 | ---- | C] () -- C:\Users\Florian\Desktop\FireShot capture #004 - 'YouTube - Kanal von KonshinLP' - www_youtube_com_user_KonshinLP.png
[2010.05.23 16:54:08 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_lgSSBW_01_00_00.Wdf
[2010.05.23 16:54:02 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf
[2010.05.23 14:25:55 | 000,000,632 | ---- | C] () -- C:\Users\Public\Desktop\Total Commander.lnk
[2010.05.23 14:25:54 | 000,000,545 | ---- | C] () -- C:\Windows\UC.PIF
[2010.05.23 14:25:54 | 000,000,545 | ---- | C] () -- C:\Windows\RAR.PIF
[2010.05.23 14:25:54 | 000,000,545 | ---- | C] () -- C:\Windows\PKZIP.PIF
[2010.05.23 14:25:54 | 000,000,545 | ---- | C] () -- C:\Windows\PKUNZIP.PIF
[2010.05.23 14:25:54 | 000,000,545 | ---- | C] () -- C:\Windows\NOCLOSE.PIF
[2010.05.23 14:25:54 | 000,000,545 | ---- | C] () -- C:\Windows\LHA.PIF
[2010.05.23 14:25:54 | 000,000,545 | ---- | C] () -- C:\Windows\ARJ.PIF
[2010.05.21 21:21:00 | 000,000,909 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk
[2010.05.20 20:41:45 | 000,000,899 | ---- | C] () -- C:\Users\Florian\Desktop\DScaler.lnk
[2010.05.20 16:37:15 | 000,026,719 | ---- | C] () -- C:\Windows\System32\SERSPL.VXD
[2010.05.20 16:25:40 | 000,038,492 | ---- | C] () -- C:\Windows\System32\DLLAV32.lib
[2010.05.20 16:23:19 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2010.05.20 14:27:29 | 000,001,793 | ---- | C] () -- C:\Users\Florian\Desktop\EZ Grabber.lnk
[2010.05.13 19:14:11 | 000,000,213 | ---- | C] () -- C:\Users\Florian\Desktop\Portal.url
[2010.05.13 17:59:29 | 000,000,947 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.05.12 22:36:54 | 000,064,295 | ---- | C] () -- C:\Users\Florian\Desktop\Kons.jpg
[2010.05.09 22:25:22 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.05.09 17:52:51 | 000,003,399 | ---- | C] () -- C:\Windows\messer.ini
[2010.05.09 16:09:48 | 000,001,019 | ---- | C] () -- C:\Users\Public\Desktop\No23 Recorder.lnk
[2010.05.09 16:02:52 | 000,012,288 | ---- | C] () -- C:\Users\Florian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.09 15:18:33 | 000,756,483 | ---- | C] () -- C:\Users\Florian\Desktop\Konshin2.jpg
[2010.05.08 23:16:45 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk
[2010.05.08 19:49:35 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2010.05.08 16:49:12 | 000,000,740 | ---- | C] () -- C:\Users\Florian\Desktop\Fraps.lnk
[2010.05.08 16:32:03 | 000,033,792 | ---- | C] () -- C:\Windows\System32\drivers\libusb0.sys
[2010.05.08 14:35:41 | 017,627,344 | ---- | C] () -- C:\Users\Florian\Desktop\Konshin.xcf
[2010.05.08 14:15:14 | 000,448,619 | ---- | C] () -- C:\Users\Florian\Desktop\Konshin.jpg
[2010.05.08 12:53:45 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.05.08 12:20:37 | 000,497,760 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2010.05.08 12:20:37 | 000,001,035 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.05.08 12:20:36 | 000,198,341 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.05.08 12:20:36 | 000,031,240 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2010.05.08 12:20:36 | 000,020,274 | ---- | C] () -- C:\Windows\atiogl.xml
[2010.05.08 11:41:17 | 000,001,455 | ---- | C] () -- C:\Users\Florian\Desktop\Launcher.lnk
[2010.05.08 04:55:13 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.05.08 04:30:36 | 002,542,728 | ---- | C] () -- C:\Users\Florian\Desktop\WowMatrix.exe
[2010.05.08 04:30:35 | 000,236,544 | ---- | C] () -- C:\Users\Florian\Desktop\Chrono.exe
[2010.05.08 04:30:33 | 000,000,069 | R--- | C] () -- C:\Users\Florian\Desktop\listen.pls
[2010.05.08 04:16:23 | 000,000,212 | -H-- | C] () -- C:\Boot.BAK
[2010.05.08 04:14:08 | 000,001,197 | ---- | C] () -- C:\Users\Florian\Desktop\DVDVideoSoft Free Studio.lnk
[2010.05.08 04:09:53 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.05.08 04:08:21 | 000,000,860 | ---- | C] () -- C:\Users\Florian\Desktop\JDownloader.lnk
[2010.05.08 04:08:07 | 000,001,063 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk
[2010.05.08 04:04:40 | 000,001,156 | ---- | C] () -- C:\Users\Florian\Desktop\Format Factory.lnk
[2010.05.08 04:03:34 | 000,000,913 | ---- | C] () -- C:\Users\Florian\Desktop\Audacity.lnk
[2010.05.08 04:03:13 | 000,001,042 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster.lnk
[2010.05.08 03:58:47 | 000,001,287 | ---- | C] () -- C:\Users\Florian\Desktop\Windows Live Movie Maker.lnk
[2010.05.08 03:57:30 | 000,000,020 | ---- | C] () -- C:\Windows\$û„
[2010.05.08 03:57:20 | 000,002,200 | ---- | C] () -- C:\Users\Florian\Desktop\Windows Live Mail.lnk
[2010.05.08 03:56:46 | 000,002,068 | ---- | C] () -- C:\Users\Florian\Desktop\Windows Live Messenger .lnk
[2010.05.08 03:55:53 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.05.08 03:48:10 | 000,001,770 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.1.lnk
[2010.05.08 03:39:54 | 000,001,885 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.05.08 03:29:17 | 000,524,288 | -HS- | C] () -- C:\Users\Florian\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010.05.08 03:29:17 | 000,524,288 | -HS- | C] () -- C:\Users\Florian\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010.05.08 03:29:17 | 000,262,144 | -HS- | C] () -- C:\Users\Florian\ntuser.dat.LOG1
[2010.05.08 03:29:17 | 000,065,536 | -HS- | C] () -- C:\Users\Florian\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010.05.08 03:29:17 | 000,000,020 | -HS- | C] () -- C:\Users\Florian\ntuser.ini
[2010.05.08 03:29:17 | 000,000,000 | -HS- | C] () -- C:\Users\Florian\ntuser.dat.LOG2
[2010.05.08 03:29:16 | 001,835,008 | -HS- | C] () -- C:\Users\Florian\NTUSER.DAT
[2010.05.08 03:20:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.05.08 03:17:45 | 1610,014,720 | -HS- | C] () -- C:\hiberfil.sys
[2010.05.08 03:07:17 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010.05.08 03:07:11 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2010.01.14 21:45:18 | 000,230,784 | ---- | C] () -- C:\Windows\System32\drivers\U6000ALL.sys
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2007.06.08 19:12:12 | 000,262,144 | ---- | C] () -- C:\Windows\System32\GTTunerCard.dll
[2004.07.29 02:19:46 | 000,175,104 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2003.06.28 14:34:20 | 000,069,707 | ---- | C] () -- C:\Windows\System32\DISP_OPT1.dll
[2002.03.17 02:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000079.DLL
< End of report >
         

25.05.2010, 16:42   #5
Solluno

Internet Explorer opens pages with advertising



OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 25.05.2010 16:25:25 - Run 1
OTL by OldTimer - Version 3.2.5.0     Folder = C:\Users\Florian\Downloads
 Enterprise Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 63,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 75,96 Gb Total Space | 23,97 Gb Free Space | 31,56% Space Free | Partition Type: NTFS
Drive D: | 54,25 Gb Total Space | 18,07 Gb Free Space | 33,31% Space Free | Partition Type: FAT32
Drive E: | 18,82 Gb Total Space | 17,39 Gb Free Space | 92,41% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 596,02 Gb Total Space | 264,16 Gb Free Space | 44,32% Space Free | Partition Type: FAT32
 
Computer Name: FLORIAN-PC
Current User Name: Florian
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01910143-8233-1C88-A42A-F5ABD56385F9}" = Catalyst Control Center Graphics Full Existing
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04CB28D7-BDF0-2502-4365-ED13D6D956F4}" = CCC Help Russian
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A755762-EED8-47AB-A446-505766F93D43}" = Atheros Communications Inc.(R) L2 Fast Ethernet Driver
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{109945A8-D8D5-48B8-B4A5-195D3F99B56D}" = Logitech GamePanel Software 3.04.143
"{121B5E98-2DA8-8DB2-09CD-9770C9F92AB7}" = CCC Help Turkish
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{16EFE2ED-CC6A-C4C0-8405-283D5BFE7A84}" = CCC Help Hungarian
"{1DE1C304-BF2F-4A11-690D-49CE4EF57FFE}" = CCC Help Japanese
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2217B0B4-35CB-48C6-B640-864DF2F30F99}" = OpenOffice.org 3.2
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{27397BCD-6F21-E671-976A-3C422E415751}" = Catalyst Control Center Localization All
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2E04DB15-3C1A-0D5C-68C3-62F7C42092D0}" = CCC Help Thai
"{36ADAD6D-F66C-175F-CE54-481EBB9D1FD9}" = CCC Help Danish
"{3DCA0088-989B-4EF3-B3E4-4A164FD39D95}" = Catalyst Control Center - Branding
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3F191EA4-1DC6-66FD-E7A3-DE536CF0BC1B}" = ccc-utility
"{409F157D-BB55-A4C1-AF39-846F27BFC8CB}" = ATI Catalyst Install Manager
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4253A57A-650F-4E62-E662-AF7BF84C1D4C}" = CCC Help German
"{4350FB28-7330-7A5D-A997-69076760EC94}" = CCC Help Italian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5B6455A4-E812-479B-A762-C2356244CF97}" = AV Grabber
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{5FE38283-3658-58D8-4FA9-803C71997B96}" = CCC Help Spanish
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64A3B0CC-2EBC-A1D9-620A-BADC5A09F7A9}" = CCC Help Czech
"{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}" = No23 Recorder
"{714DA01B-9279-3697-5173-278635EDD8EE}" = CCC Help English
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7543BF13-8614-EE1B-D1B6-988D0E512329}" = Catalyst Control Center Graphics Full New
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E6BDEB2-17E7-1F93-E4FE-B2FF074335FB}" = CCC Help Portuguese
"{88A7AE4B-726F-2C25-284D-1F8F452250E4}" = CCC Help Chinese Traditional
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{8B44248C-EEC9-190E-7760-EE671FF93D54}" = CCC Help Norwegian
"{900CFEB5-88D6-9937-A866-D1A4E94DB5DE}" = Catalyst Control Center InstallProxy
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ADFCB53-EB4F-2410-BCAE-9CF582B0CAE5}" = Catalyst Control Center Graphics Light
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{A24E4888-B0D0-89A4-7DED-DCC0CB9CCD54}" = Catalyst Control Center Core Implementation
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A4759EE0-D18A-5115-1A07-E65A4B0CE0F7}" = CCC Help French
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{B5E95F5D-BE5B-3088-30B4-F4EA8D2A7EDA}" = CCC Help Finnish
"{BBFE04E3-BF31-8808-0704-EEAB004E13FB}" = ccc-core-static
"{C392E89E-7DFC-4D4C-D1BF-77688A63E406}" = CCC Help Chinese Standard
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D69832F7-1B31-4200-2192-DED3966C61B3}" = CCC Help Dutch
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9E23F0E-08CE-279A-3777-C5108486A613}" = CCC Help Greek
"{DA71A94B-3617-4935-8BBE-1566B2174C95}" = Drv
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DE6E4530-4AB0-482E-91DE-7FE6309C6EF1}" = Camtasia Studio 7
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E42CB4C7-D188-15AE-E7F4-96634FF6368D}" = CCC Help Polish
"{E5811418-F477-D3DE-210C-7D7A512E1EFD}" = Catalyst Control Center Graphics Previews Vista
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7FC9307-374E-4017-8E9D-DE1154780480}" = System Requirements Lab for Intel
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FC048853-11AC-27E0-A928-48099E987D66}" = CCC Help Korean
"{FE4795D7-A814-C945-DAFF-73FC42ECFD90}" = CCC Help Swedish
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AMCap" = AMCap
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DScaler 4 Test Version_is1" = DScaler 4 Test Version
"DScaler 4.1.15_is1" = DScaler 4.1.15
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"FormatFactory" = FormatFactory 2.30
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free Video to iPod Converter_is1" = Free Video to iPod Converter version 3.4
"Free YouTube Download_is1" = Free YouTube Download 2.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.3
"Game Booster_is1" = Game Booster
"InstallShield_{5B6455A4-E812-479B-A762-C2356244CF97}" = EZ Grabber
"LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Messer_is1" = Messer v0.992
"mIRC" = mIRC
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"SopCast" = SopCast 3.2.9
"Steam App 400" = Portal
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Totalcmd" = Total Commander (Remove or Repair)
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"Veetle TV" = Veetle TV 0.9.17
"VLC media player" = VLC media player 1.0.5
"Winamp" = Winamp
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 24.05.2010 04:16:22 | Computer Name = Florian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.0.0.0,
 Zeitstempel: 0x4bbc56b6  Name des fehlerhaften Moduls: CoolType.dll, Version: 5.7.82.7602,
 Zeitstempel: 0x4b9807c4  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000d3a11  ID des fehlerhaften
 Prozesses: 0x156c  Startzeit der fehlerhaften Anwendung: 0x01cafb176f117771  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Adobe\Adobe Photoshop CS5\Photoshop.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files\Adobe\Adobe Photoshop CS5\CoolType.dll
Berichtskennung:
 a2bd89ec-670c-11df-a19c-001e8c12810e
 
Error - 24.05.2010 05:50:54 | Computer Name = Florian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: audacity.exe, Version: 0.0.0.0, Zeitstempel:
 0x455814e4  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16385, Zeitstempel:
 0x4a5bdadb  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0002fc47  ID des fehlerhaften Prozesses:
 0x1ecc  Startzeit der fehlerhaften Anwendung: 0x01cafb266b0e3cc9  Pfad der fehlerhaften
 Anwendung: C:\Program Files\Audacity\audacity.exe  Pfad des fehlerhaften Moduls: 
C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: d7984ade-6719-11df-a19c-001e8c12810e
 
Error - 24.05.2010 05:59:08 | Computer Name = Florian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: audacity.exe, Version: 0.0.0.0, Zeitstempel:
 0x455814e4  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16385, Zeitstempel:
 0x4a5bdadb  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0002fc47  ID des fehlerhaften Prozesses:
 0x165c  Startzeit der fehlerhaften Anwendung: 0x01cafb26b391ebda  Pfad der fehlerhaften
 Anwendung: C:\Program Files\Audacity\audacity.exe  Pfad des fehlerhaften Moduls: 
C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: fde13e3a-671a-11df-a19c-001e8c12810e
 
Error - 24.05.2010 09:02:04 | Computer Name = Florian-PC | Source = Bonjour Service | ID = 100
Description = 360: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
 vom Remotehost geschlossen.)
 
Error - 24.05.2010 09:02:04 | Computer Name = Florian-PC | Source = Bonjour Service | ID = 100
Description = 372: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
 vom Remotehost geschlossen.)
 
Error - 24.05.2010 09:02:04 | Computer Name = Florian-PC | Source = Bonjour Service | ID = 100
Description = 188: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
 vom Remotehost geschlossen.)
 
Error - 24.05.2010 09:02:04 | Computer Name = Florian-PC | Source = Bonjour Service | ID = 100
Description = 192: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
 vom Remotehost geschlossen.)
 
Error - 24.05.2010 09:02:04 | Computer Name = Florian-PC | Source = Bonjour Service | ID = 100
Description = 444: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
 vom Remotehost geschlossen.)
 
Error - 24.05.2010 09:35:27 | Computer Name = Florian-PC | Source = Application Hang | ID = 1002
Description = Programm wmplayer.exe, Version 12.0.7600.16415 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 838    Startzeit: 01cafb419fd9bae9    Endzeit: 47    Anwendungspfad: 
C:\Program Files\Windows Media Player\wmplayer.exe    Berichts-ID: 34567925-6739-11df-a1f3-001e8c12810e

 
Error - 25.05.2010 01:18:07 | Computer Name = Florian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vlc.exe, Version: 1.0.5.0, Zeitstempel:
 0x4b64ae05  Name des fehlerhaften Moduls: vlc.exe, Version: 1.0.5.0, Zeitstempel:
 0x4b64ae05  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00001749  ID des fehlerhaften Prozesses:
 0x928  Startzeit der fehlerhaften Anwendung: 0x01cafbc9a501d428  Pfad der fehlerhaften
 Anwendung: C:\Program Files\VideoLAN\VLC\vlc.exe  Pfad des fehlerhaften Moduls: C:\Program
 Files\VideoLAN\VLC\vlc.exe  Berichtskennung: e65c905d-67bc-11df-939f-001e8c12810e
 
[ System Events ]
Error - 24.05.2010 23:08:50 | Computer Name = Florian-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   sfdrv01  sfvfs02
 
Error - 24.05.2010 23:14:59 | Computer Name = Florian-PC | Source = Application Popup | ID = 875
Description = Treiber sfvfs02.sys konnte nicht geladen werden.
 
Error - 24.05.2010 23:14:59 | Computer Name = Florian-PC | Source = Application Popup | ID = 875
Description = Treiber sfdrv01.sys konnte nicht geladen werden.
 
Error - 24.05.2010 23:15:16 | Computer Name = Florian-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?25.?05.?2010 um 05:14:16 unerwartet heruntergefahren.
 
Error - 24.05.2010 23:16:02 | Computer Name = Florian-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   sfdrv01  sfvfs02
 
Error - 24.05.2010 23:17:56 | Computer Name = Florian-PC | Source = Application Popup | ID = 875
Description = Treiber sfvfs02.sys konnte nicht geladen werden.
 
Error - 24.05.2010 23:17:56 | Computer Name = Florian-PC | Source = Application Popup | ID = 875
Description = Treiber sfdrv01.sys konnte nicht geladen werden.
 
Error - 24.05.2010 23:19:02 | Computer Name = Florian-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   sfdrv01  sfvfs02
 
Error - 25.05.2010 07:41:13 | Computer Name = Florian-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 
Mal passiert.
 
Error - 25.05.2010 08:46:48 | Computer Name = Florian-PC | Source = bowser | ID = 8003
Description = 
 
 
< End of report >
         
[/I]


I'm terribly sorry that I had to make 3 posts in a row, but it wouldn't fit in terms of space.

I hope these are the right logs.


25.05.2010, 20:29   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Quote:
C:\Users\Florian\Desktop\Adobe.Photoshop.CS5.Extended.v12.0.Multilanguage\keygen.exe
Sorry, but you can go ahead and format!

The use of cracks, serials and keygens is illegal, so there will be no further support on Trojaner-Board.

For you it continues here => Reinstalling the system
Please also change all passwords (for e-mail accounts, StudiVZ, Ebay... simply everything!), since this kind of dubious software not infrequently contains keyloggers and backdoor functions as well.

After that, never touch anything like this again!