
Pests of all kinds and how to fight them: Internet Explorer and a life of its own

30.08.2010, 20:16   #1
Ceron104
 

Good evening, I have a small problem: my Internet Explorer keeps opening advertising pages. I have already looked around a bit but unfortunately found nothing suitable, so I am now trying it this way.

Here is my HijackThis logfile:
HiJackthis Logfile:
Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:15:34, on 30.08.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
 
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Users\Ceron\AppData\Local\Temp\Ubd.exe
C:\Windows\Usesea.exe
C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe
C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Razer\Diamondback 3G\razerhid.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDPOP3.exe
C:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\Applets\lcdsirreal267\LCDSirReal.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Razer\Diamondback 3G\razerofa.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Search Advisor\adgui.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\MirandaFusion\miranda32.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Gutscheinmieze - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\Ceron\AppData\Roaming\Gutscheinmieze\toolbar.dll
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback 3G\razerhid.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Programme\Valve\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Metropolis] rundll32.exe C:\Windows\system32\sshnas21.dll,GetHandle
O4 - HKCU\..\Run: [XBV6RD5SZF] C:\Users\Ceron\AppData\Local\Temp\Ubd.exe
O4 - HKCU\..\Run: [Search Advisor] C:\Program Files\Search Advisor\adgui.exe
O4 - HKCU\..\Run: [OTGV1DNWQQ] C:\Users\Ceron\AppData\Local\Temp\Ubc.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Ceron\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
 
--
End of file - 6125 bytes
         

And thanks in advance.

30.08.2010, 20:18   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Hello and

A cleanup can involve a lot of work for you.
  • Please work through all steps in order.
  • Read the instructions carefully. Should there be problems, please stop and describe them here as well as you can.
  • Only run scans that a helper has asked you to run.
  • Please no crossposting (posting in several forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Read the instructions through completely first. If anything is unclear, ask before you begin.
  • Post the logfiles directly in your thread. Do not attach them unless I ask you to. Attachments make the evaluation harder for me.

Note: I can never give you a guarantee that I will find everything. Reformatting is usually the faster and always the safest way.
If you decide on a cleanup, keep working along until someone from the team tells you that you are clean.

Vista and Win7 users
Start all tools with a right-click and "Run as administrator".



Please routinely run a full scan with Malwarebytes and post the log.
Remember that Malwarebytes must be updated manually before every scan!

After that, OTL:

System scan with OTL

Please download OTL by Oldtimer and save it on your desktop
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 logfiles are created
  • Post the logfiles here in the thread.

30.08.2010, 21:59   #3
Ceron104
 

Malwarebytes' Anti-Malware 1.18
Datenbank Version: 870

21:46:58 30.08.2010
mbam-log-8-30-2010 (21-46-58).txt

Scan Art: Komplett Scan (C:\|)
Objekte gescannt: 238344
Scan Dauer: 1 hour(s), 8 minute(s), 43 second(s)

Infizierte Speicher Prozesse: 0
Infizierte Speicher Module: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Datei Objekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicher Prozesse:
(Keine Malware Objekte gefunden)

Infizierte Speicher Module:
(Keine Malware Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine Malware Objekte gefunden)

Infizierte Registrierungswerte:
(Keine Malware Objekte gefunden)

Infizierte Datei Objekte der Registrierung:
(Keine Malware Objekte gefunden)

Infizierte Verzeichnisse:
(Keine Malware Objekte gefunden)

Infizierte Dateien:
(Keine Malware Objekte gefunden)

30.08.2010, 21:59   #4
Ceron104
 

OTL Logfile:
Code:
OTL logfile created on: 30.08.2010 21:49:19 - Run 1
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\Ceron\Desktop\all
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 30,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 48,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 310,47 Gb Free Space | 66,66% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 931,51 Gb Total Space | 111,75 Gb Free Space | 12,00% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: NEUTRINO
Current User Name: Ceron
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Ceron\Desktop\all\OTL.exe (OldTimer Tools)
PRC - C:\Windows\Usesea.exe (OpenSC Project)
PRC - C:\Users\Ceron\AppData\Local\Temp\Ubd.exe (OpenSC Project)
PRC - C:\Program Files\Search Advisor\adgui.exe ()
PRC - C:\Programme\Opera\opera.exe (Opera Software)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - c:\program files\windows defender\MpCmdRun.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Winamp\winampa.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\Applets\lcdsirreal267\LCDSirReal.exe ()
PRC - C:\Programme\Razer\Diamondback 3G\razerhid.exe ()
PRC - C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDPOP3.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe (Logitech Inc.)
PRC - C:\Programme\Razer\Diamondback 3G\razerofa.exe (Razer Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Ceron\Desktop\all\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (ATI Technologies, Inc.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (WINFLASH) -- C:\Program Files\U-ABIT\FlashMenu\WinFlash.sys ()
DRV - (Memctl) -- C:\Program Files\U-ABIT\FlashMenu\Memctl.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 47 21 53 4F 3C CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "foxsearch"
FF - prefs.js..browser.search.order.1: "foxsearch"
FF - prefs.js..browser.search.selectedEngine: "foxsearch"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - user.js..browser.search.selectedEngine: "foxsearch"
FF - user.js..browser.search.order.1: "foxsearch"
FF - user.js..browser.search.defaultenginename: "foxsearch"
FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\support@predictad.com: C:\Program Files\AutocompletePro\support@predictad.com [2010.08.29 13:35:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.06.29 21:37:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.01 18:09:42 | 000,000,000 | ---D | M]
 
[2010.08.15 10:06:35 | 000,000,000 | ---D | M] -- C:\Users\Ceron\AppData\Roaming\mozilla\Extensions
[2010.08.27 19:07:34 | 000,000,000 | ---D | M] -- C:\Users\Ceron\AppData\Roaming\mozilla\Firefox\Profiles\k8kwbqpc.default\extensions
[2010.08.18 20:25:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ceron\AppData\Roaming\mozilla\Firefox\Profiles\k8kwbqpc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.08.15 11:29:44 | 000,000,000 | ---D | M] -- C:\Users\Ceron\AppData\Roaming\mozilla\Firefox\Profiles\k8kwbqpc.default\extensions\gutscheinmieze@synatix-gmbh.de
[2010.03.24 16:13:02 | 000,000,917 | ---- | M] () -- C:\Users\Ceron\AppData\Roaming\Mozilla\FireFox\Profiles\k8kwbqpc.default\searchplugins\conduit.xml
[2010.08.25 18:48:27 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.08.23 21:23:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.08.23 21:22:56 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.03.19 09:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Program Files\mozilla firefox\plugins\npmieze.dll
[2008.03.15 15:56:14 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2008.10.13 20:34:40 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.08.15 11:29:44 | 000,000,143 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\foxsearch.src
[2008.02.19 16:40:48 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2006.12.03 17:59:22 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2006.11.17 13:19:24 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\Ceron\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\Ceron\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Diamondback] C:\Programme\Razer\Diamondback 3G\razerhid.exe ()
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Metropolis] C:\Windows\System32\sshnas21.DLL (OpenSC Project)
O4 - HKCU..\Run: [OTGV1DNWQQ] C:\Users\Ceron\AppData\Local\Temp\Ubc.exe (OpenSC Project)
O4 - HKCU..\Run: [Search Advisor] C:\Program Files\Search Advisor\adgui.exe ()
O4 - HKCU..\Run: [Steam] C:\Programme\Valve\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [XBV6RD5SZF] C:\Users\Ceron\AppData\Local\Temp\Ubd.exe (OpenSC Project)
O4 - Startup: C:\Users\Ceron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Ceron\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{e66ca9fb-a84f-11df-8f9f-00508dbc5e42}\Shell - "" = AutoRun
O33 - MountPoints2\{e66ca9fb-a84f-11df-8f9f-00508dbc5e42}\Shell\AutoRun\command - "" = J:\steambackup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.08.30 21:47:31 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Desktop\Neuer Ordner
[2010.08.29 19:14:13 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Desktop\all
[2010.08.29 18:36:16 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.08.29 18:24:39 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Avira
[2010.08.29 16:17:08 | 000,190,976 | ---- | C] (OpenSC Project) -- C:\Windows\Usesea.exe
[2010.08.29 15:57:21 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.08.29 15:57:21 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.08.29 15:57:21 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010.08.29 15:57:21 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.08.29 15:57:20 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.08.29 15:57:20 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.08.29 15:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.08.29 13:36:13 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\WhiteSmokeTranslator
[2010.08.29 13:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\AutocompletePro
[2010.08.29 13:35:47 | 000,000,000 | ---D | C] -- C:\Program Files\Search Advisor
[2010.08.29 13:35:45 | 000,000,000 | ---D | C] -- C:\Program Files\Quick Web Player
[2010.08.29 13:32:43 | 000,246,272 | ---- | C] (OpenSC Project) -- C:\Windows\System32\sshnas21.dll
[2010.08.28 19:32:33 | 000,208,896 | ---- | C] (www.mp3dev.org) -- C:\Windows\System\lame_enc.dll
[2010.08.28 15:26:42 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010.08.28 15:26:42 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010.08.28 15:26:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010.08.28 15:26:00 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Winamp
[2010.08.28 15:26:00 | 000,000,000 | ---D | C] -- C:\Programme\Winamp
[2010.08.28 09:48:39 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Desktop\beatmaker
[2010.08.28 09:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\BeatPack
[2010.08.27 19:28:56 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\WinRAR
[2010.08.27 19:28:47 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2010.08.27 19:13:14 | 000,000,000 | ---D | C] -- C:\Programme\WinSCP
[2010.08.25 20:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.08.25 18:51:46 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\OpenOffice.org
[2010.08.25 18:49:35 | 000,000,000 | ---D | C] -- C:\Program Files\JRE
[2010.08.25 18:49:14 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010.08.25 18:48:23 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.08.25 18:48:23 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.08.25 18:48:23 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.08.23 21:24:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.08.23 21:24:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010.08.23 21:23:11 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.08.23 21:22:53 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2010.08.22 18:35:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Last.fm
[2010.08.18 20:29:54 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Documents\iPhone Ringtones
[2010.08.18 20:25:19 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.08.18 20:25:10 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Documents\DVDVideoSoft
[2010.08.18 20:25:01 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoft
[2010.08.18 20:25:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2010.08.18 19:15:34 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\iRinger
[2010.08.16 20:47:30 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Adobe
[2010.08.16 20:45:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.08.16 20:45:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010.08.16 20:45:32 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.08.15 19:28:06 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.08.15 19:22:49 | 000,000,000 | ---D | C] -- C:\Windows.old
[2010.08.15 18:32:02 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.08.15 18:29:56 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.08.15 16:21:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010.08.15 16:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010.08.15 16:18:57 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Microsoft Games
[2010.08.15 16:10:26 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2010.08.15 16:10:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\XPSViewer
[2010.08.15 16:10:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\de-DE
[2010.08.15 16:10:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\0407
[2010.08.15 16:10:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\de
[2010.08.15 16:06:54 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\volsnap.sys.mui
[2010.08.15 16:06:54 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\usbport.sys.mui
[2010.08.15 16:06:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\usbhub.sys.mui
[2010.08.15 16:06:54 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\de-DE\pscr.sys.mui
[2010.08.15 16:06:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\vhdmp.sys.mui
[2010.08.15 16:06:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\tpm.sys.mui
[2010.08.15 16:06:54 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\portcls.sys.mui
[2010.08.15 16:06:54 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\umbus.sys.mui
[2010.08.15 16:06:54 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\serscan.sys.mui
[2010.08.15 16:06:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\wd.sys.mui
[2010.08.15 16:06:52 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mpio.sys.mui
[2010.08.15 16:06:52 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\de-DE\yk62x86.sys.mui
[2010.08.15 16:06:52 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e1y6032.sys.mui
[2010.08.15 16:06:52 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e1e6032.sys.mui
[2010.08.15 16:06:52 | 000,022,016 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\E1G60I32.sys.mui
[2010.08.15 16:06:52 | 000,013,312 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e1q6032.sys.mui
[2010.08.15 16:06:52 | 000,013,312 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e1k6032.sys.mui
[2010.08.15 16:06:52 | 000,013,312 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\de-DE\k57nd60x.sys.mui
[2010.08.15 16:06:52 | 000,013,312 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\de-DE\b57nd60x.sys.mui
[2010.08.15 16:06:52 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\serial.sys.mui
[2010.08.15 16:06:52 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\i8042prt.sys.mui
[2010.08.15 16:06:52 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\msdsm.sys.mui
[2010.08.15 16:06:52 | 000,006,144 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\de-DE\bcm4sbxp.sys.mui
[2010.08.15 16:06:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\sermouse.sys.mui
[2010.08.15 16:06:52 | 000,005,120 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e100b325.sys.mui
[2010.08.15 16:06:52 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\pcmcia.sys.mui
[2010.08.15 16:06:52 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mouclass.sys.mui
[2010.08.15 16:06:52 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\parport.sys.mui
[2010.08.15 16:06:52 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ataport.sys.mui
[2010.08.15 16:06:52 | 000,003,072 | ---- | C] (VIA Technologies, Inc.              ) -- C:\Windows\System32\drivers\de-DE\getn62.sys.mui
[2010.08.15 16:06:52 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\scsiport.sys.mui
[2010.08.15 16:06:52 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\rndismpx.sys.mui
[2010.08.15 16:06:52 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\rndismp6.sys.mui
[2010.08.15 16:06:52 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\parvdm.sys.mui
[2010.08.15 16:06:52 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mouhid.sys.mui
[2010.08.15 16:06:52 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\vwifibus.sys.mui
[2010.08.15 16:06:52 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\MTConfig.sys.mui
[2010.08.15 16:06:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\amdide.sys.mui
[2010.08.15 16:06:51 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\afd.sys.mui
[2010.08.15 16:06:48 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bfe.dll.mui
[2010.08.15 16:06:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\wdf01000.sys.mui
[2010.08.15 16:06:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ws2ifsl.sys.mui
[2010.08.15 16:06:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\usbrpm.sys.mui
[2010.08.15 16:06:46 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\tcpip.sys.mui
[2010.08.15 16:06:46 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\tunnel.sys.mui
[2010.08.15 16:06:46 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\modem.sys.mui
[2010.08.15 16:06:44 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\fvevol.sys.mui
[2010.08.15 16:06:44 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\srv.sys.mui
[2010.08.15 16:06:44 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\scfilter.sys.mui
[2010.08.15 16:06:41 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\pacer.sys.mui
[2010.08.15 16:06:41 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\rdbss.sys.mui
[2010.08.15 16:06:41 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\RNDISMP.sys.mui
[2010.08.15 16:06:41 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\qwavedrv.sys.mui
[2010.08.15 16:06:41 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\partmgr.sys.mui
[2010.08.15 16:06:38 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ntfs.sys.mui
[2010.08.15 16:06:38 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ndis.sys.mui
[2010.08.15 16:06:38 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\nwifi.sys.mui
[2010.08.15 16:06:38 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ndisuio.sys.mui
[2010.08.15 16:06:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ndiscap.sys.mui
[2010.08.15 16:06:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mountmgr.sys.mui
[2010.08.15 16:06:30 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\luafv.sys.mui
[2010.08.15 16:06:30 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ipnat.sys.mui
[2010.08.15 16:06:28 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\http.sys.mui
[2010.08.15 16:06:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\fltmgr.sys.mui
[2010.08.15 16:06:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\volmgrx.sys.mui
[2010.08.15 16:06:21 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\viac7.sys.mui
[2010.08.15 16:06:21 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\processr.sys.mui
[2010.08.15 16:06:21 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\intelppm.sys.mui
[2010.08.15 16:06:21 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\amdppm.sys.mui
[2010.08.15 16:06:21 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\amdk8.sys.mui
[2010.08.15 16:06:21 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ohci1394.sys.mui
[2010.08.15 16:06:21 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\1394ohci.sys.mui
[2010.08.15 16:06:21 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerId.sys.mui
[2010.08.15 16:06:21 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerIb.sys.mui
[2010.08.15 16:06:21 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\acpi.sys.mui
[2010.08.15 16:06:21 | 000,010,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\de-DE\ltmdmnt.sys.mui
[2010.08.15 16:06:21 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\battc.sys.mui
[2010.08.15 16:06:21 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\pci.sys.mui
[2010.08.15 16:06:21 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bthport.sys.mui
[2010.08.15 16:06:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\IPMIDrv.sys.mui
[2010.08.15 16:06:21 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\kbdclass.sys.mui
[2010.08.15 16:06:21 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bthpan.sys.mui
[2010.08.15 16:06:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\wacompen.sys.mui
[2010.08.15 16:06:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\vdrvroot.sys.mui
[2010.08.15 16:06:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\isapnp.sys.mui
[2010.08.15 16:06:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\hdaudbus.sys.mui
[2010.08.15 16:06:21 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\HdAudio.sys.mui
[2010.08.15 16:06:21 | 000,003,584 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\de-DE\atikmdag.sys.mui
[2010.08.15 16:06:21 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mssmbios.sys.mui
[2010.08.15 16:06:21 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\hidbth.sys.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\VIAAGP.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ULIAGPKX.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\UAGP35.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\SISAGP.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\pnpmem.sys.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\NV_AGP.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\kbdhid.sys.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\GAGP30KX.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\Dot4usb.sys.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\BTHUSB.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\AMDAGP.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\AGP440.sys.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrParwdm.sys.mui
[2010.08.15 16:06:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\disk.sys.mui
[2010.08.15 16:06:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\cdrom.sys.mui
[2010.08.15 16:06:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bthenum.sys.mui
[2010.08.15 15:55:00 | 000,000,000 | ---D | C] -- C:\Program Files\U-ABIT
[2010.08.15 15:41:15 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\GetRightToGo
[2010.08.15 14:58:44 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.08.15 14:58:44 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.08.15 14:58:44 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.08.15 14:54:37 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.08.15 14:53:25 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010.08.15 14:53:25 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys
[2010.08.15 14:53:15 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.08.15 14:53:15 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.08.15 14:53:15 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.08.15 14:53:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.08.15 14:53:15 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.08.15 14:53:15 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.08.15 14:53:14 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.08.15 14:53:14 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.08.15 14:53:14 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.08.15 14:53:14 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.08.15 14:52:58 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.08.15 14:52:52 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.08.15 14:52:52 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.08.15 14:52:52 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.08.15 14:52:50 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010.08.15 14:52:49 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010.08.15 14:52:49 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010.08.15 14:52:49 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.08.15 14:52:49 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010.08.15 14:52:44 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010.08.15 14:52:44 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010.08.15 14:52:44 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010.08.15 14:52:43 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.08.15 14:52:42 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.08.15 14:52:40 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.08.15 14:52:40 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.08.15 14:52:40 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.08.15 14:52:40 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.08.15 14:52:40 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.08.15 14:52:40 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.08.15 14:52:40 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.08.15 14:52:40 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.08.15 14:52:40 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.08.15 14:52:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.08.15 14:52:34 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.08.15 14:52:33 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.08.15 14:52:32 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll
[2010.08.15 14:52:32 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.08.15 14:52:32 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010.08.15 14:52:32 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010.08.15 14:52:29 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.08.15 14:52:29 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.08.15 14:52:29 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.08.15 13:02:03 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Documents\Square Enix
[2010.08.15 12:32:24 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.08.15 12:32:24 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010.08.15 11:52:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2010.08.15 11:30:22 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010.08.15 11:29:49 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.08.15 11:29:38 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Gutscheinmieze
[2010.08.15 11:28:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2010.08.15 11:27:29 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\ATI
[2010.08.15 11:27:29 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\ATI
[2010.08.15 11:26:33 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies
[2010.08.15 11:26:31 | 000,000,000 | ---D | C] -- C:\Programme\ATI
[2010.08.15 11:19:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010.08.15 11:18:49 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2010.08.15 11:18:49 | 001,738,072 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2010.08.15 11:18:49 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2010.08.15 11:18:49 | 000,214,352 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFNHK.dll
[2010.08.15 11:18:49 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2010.08.15 11:18:49 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2010.08.15 11:18:49 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2010.08.15 11:18:48 | 003,604,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2010.08.15 11:18:48 | 003,154,920 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2010.08.15 11:18:48 | 001,829,992 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2010.08.15 11:18:48 | 001,084,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2010.08.15 11:18:48 | 000,371,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2010.08.15 11:18:48 | 000,367,208 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2010.08.15 11:18:48 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2010.08.15 11:18:48 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2010.08.15 11:18:48 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2010.08.15 11:18:48 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2010.08.15 11:18:48 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2010.08.15 11:18:48 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2010.08.15 11:18:48 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFCOM.dll
[2010.08.15 11:18:48 | 000,068,944 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFAPO.dll
[2010.08.15 11:18:48 | 000,064,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2010.08.15 11:18:48 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2010.08.15 11:18:47 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2010.08.15 11:18:47 | 001,327,104 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2010.08.15 11:18:47 | 000,252,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2010.08.15 11:18:47 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2010.08.15 11:18:47 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2010.08.15 11:18:46 | 001,131,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2010.08.15 11:18:46 | 000,961,296 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2010.08.15 11:18:46 | 000,900,368 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2010.08.15 11:18:46 | 000,448,272 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2010.08.15 11:18:46 | 000,427,792 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2010.08.15 11:18:46 | 000,405,776 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2010.08.15 11:18:46 | 000,299,424 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010.08.15 11:18:46 | 000,290,064 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2010.08.15 11:18:46 | 000,235,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2010.08.15 11:18:46 | 000,223,504 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2010.08.15 11:18:46 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2010.08.15 11:18:46 | 000,104,672 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2010.08.15 11:18:46 | 000,104,672 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2010.08.15 11:18:46 | 000,104,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2010.08.15 11:18:46 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2010.08.15 11:18:46 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2010.08.15 11:18:43 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2010.08.15 11:18:42 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.08.15 11:10:45 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Macromedia
[2010.08.15 11:10:45 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Adobe
[2010.08.15 11:10:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.08.15 11:02:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010.08.15 10:58:57 | 001,073,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpluir.dll
[2010.08.15 10:58:57 | 000,307,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvexpbar.dll
[2010.08.15 10:57:49 | 002,441,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwssr.dll
[2010.08.15 10:57:49 | 001,035,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvmfdx32.sys
[2010.08.15 10:57:49 | 000,356,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvunrm.exe
[2010.08.15 10:57:49 | 000,200,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\fdco1.dll
[2010.08.15 10:57:49 | 000,037,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvconrm.dll
[2010.08.15 10:57:48 | 001,522,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2010.08.15 10:57:47 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccs.dll
[2010.08.15 10:57:47 | 000,045,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccsrs.dll
[2010.08.15 10:57:43 | 001,074,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2010.08.15 10:57:43 | 000,036,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod100.dll
[2010.08.15 10:57:42 | 003,629,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvvitvsr.dll
[2010.08.15 10:57:41 | 002,854,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmoblsr.dll
[2010.08.15 10:57:41 | 000,458,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccssr.dll
[2010.08.15 10:57:40 | 003,166,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgamesr.dll
[2010.08.15 10:57:39 | 005,509,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispsr.dll
[2010.08.15 10:57:32 | 000,490,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvuninst.exe
[2010.08.15 10:57:32 | 000,147,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcolor.exe
[2010.08.15 10:57:25 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010.08.15 10:40:56 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Documents\Meine empfangenen Dateien
[2010.08.15 10:32:25 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.08.15 10:32:10 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Tracing
[2010.08.15 10:31:10 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft
[2010.08.15 10:30:58 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.08.15 10:30:38 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live SkyDrive
[2010.08.15 10:30:25 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\DAEMON Tools Lite
[2010.08.15 10:30:19 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live
[2010.08.15 10:30:01 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.08.15 10:28:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010.08.15 10:26:49 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2010.08.15 10:26:37 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.08.15 10:26:36 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.08.15 10:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.08.15 10:25:51 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2010.08.15 10:25:13 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Opera
[2010.08.15 10:25:13 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Opera
[2010.08.15 10:25:03 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.08.15 10:19:48 | 000,073,728 | ---- | C] (Razer Inc.) -- C:\Windows\System32\diamondback.cpl
[2010.08.15 10:19:44 | 000,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information
[2010.08.15 10:19:44 | 000,000,000 | ---D | C] -- C:\Programme\Razer
[2010.08.15 10:19:17 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\InstallShield
[2010.08.15 10:09:59 | 000,000,000 | ---D | C] -- C:\Programme\Opera
[2010.08.15 10:09:32 | 000,000,000 | ---D | C] -- C:\Programme\VideoLAN
[2010.08.15 10:08:58 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Malwarebytes
[2010.08.15 10:08:56 | 000,017,144 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\mbam.sys
[2010.08.15 10:08:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.15 10:08:55 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.08.15 10:08:50 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Apple Computer
[2010.08.15 10:08:49 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Apple Computer
[2010.08.15 10:08:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010.08.15 10:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010.08.15 10:08:10 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Last.fm
[2010.08.15 10:08:00 | 000,000,000 | ---D | C] -- C:\Programme\Last.fm
[2010.08.15 10:07:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.08.15 10:07:38 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Apple
[2010.08.15 10:07:37 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update
[2010.08.15 10:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010.08.15 10:07:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010.08.15 10:06:35 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Mozilla
[2010.08.15 10:06:35 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Mozilla
[2010.08.15 10:06:31 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2010.08.15 10:06:17 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.08.15 10:05:19 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Miranda Fusion
[2010.08.15 10:05:16 | 000,000,000 | ---D | C] -- C:\Programme\MirandaFusion
[2010.08.15 10:04:15 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Logitech
[2010.08.15 10:04:12 | 000,000,000 | ---D | C] -- C:\Programme\Logitech
[2010.08.15 10:04:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2010.08.15 10:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logitech
[2010.08.15 10:03:28 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.08.15 10:01:22 | 000,000,000 | -H-D | C] -- C:\Users\Ceron\Documents\Runes of Magic
[2010.08.15 09:55:28 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Searches
[2010.08.15 09:55:28 | 000,000,000 | -H-D | C] -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010.08.15 09:55:20 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Identities
[2010.08.15 09:55:17 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Contacts
[2010.08.15 09:55:07 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\VirtualStore
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\AppData\Local\Temporary Internet Files
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Templates
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Start Menu
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\SendTo
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Recent
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\PrintHood
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\NetHood
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Documents\My Videos
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Documents\My Pictures
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Documents\My Music
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\My Documents
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Local Settings
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\AppData\Local\History
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Cookies
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Application Data
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\AppData\Local\Application Data
[2010.08.15 09:55:05 | 000,000,000 | --SD | C] -- C:\Users\Ceron\AppData\Roaming\Microsoft
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Videos
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Saved Games
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Pictures
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Music
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Links
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Favorites
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Downloads
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Documents
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Desktop
[2010.08.15 09:55:05 | 000,000,000 | -H-D | C] -- C:\Users\Ceron\AppData
[2010.08.15 09:55:05 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Temp
[2010.08.15 09:55:05 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Microsoft
[2010.08.15 09:55:05 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Media Center Programs
[2010.08.15 09:50:03 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.08.15 09:20:31 | 000,000,000 | -HSD | C] -- C:\Boot
[2010.08.10 05:15:58 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2010.08.10 05:15:58 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2010.08.04 04:21:42 | 006,096,384 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2010.08.04 03:55:00 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2010.08.04 03:52:04 | 000,450,560 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2010.08.04 03:51:36 | 000,380,928 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
[2010.08.04 03:51:10 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2010.08.04 03:50:06 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2010.08.04 03:49:50 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2010.08.04 03:49:48 | 015,845,888 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2010.08.04 03:49:40 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2010.08.04 03:49:34 | 000,011,776 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2010.08.04 03:49:26 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2010.08.04 03:26:00 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2010.08.04 03:25:50 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2010.08.04 03:24:34 | 004,341,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2010.08.04 03:16:06 | 000,241,664 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2010.08.04 03:15:54 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2010.08.04 03:15:48 | 000,016,896 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2010.08.04 03:15:28 | 000,214,016 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2010.08.04 03:14:12 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2010.08.04 03:09:22 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2010.08.04 03:09:22 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010.08.30 21:51:46 | 001,310,720 | -HS- | M] () -- C:\Users\Ceron\NTUSER.DAT
[2010.08.30 21:42:23 | 023,994,412 | ---- | M] () -- C:\Users\Ceron\Desktop\cs.wav
[2010.08.30 21:32:11 | 000,000,286 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010.08.30 21:02:01 | 000,000,246 | -H-- | M] () -- C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010.08.30 20:05:04 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.30 20:05:04 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.30 19:59:55 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.30 19:59:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.30 19:59:33 | 1508,024,320 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.29 22:04:13 | 001,685,713 | -H-- | M] () -- C:\Users\Ceron\AppData\Local\IconCache.db
[2010.08.29 21:41:57 | 002,375,827 | ---- | M] () -- C:\Users\Ceron\Desktop\Cs.bmkz
[2010.08.29 20:19:34 | 000,001,152 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2010.08.29 18:36:16 | 000,002,963 | ---- | M] () -- C:\Users\Ceron\Desktop\HiJackThis.lnk
[2010.08.29 18:34:33 | 001,402,880 | ---- | M] () -- C:\Users\Ceron\Desktop\HiJackThis_v2.0.4.msi
[2010.08.29 18:19:10 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2010.08.29 13:35:46 | 000,000,965 | ---- | M] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Quick Web Player.lnk
[2010.08.29 13:33:33 | 000,190,976 | ---- | M] (OpenSC Project) -- C:\Windows\Usesea.exe
[2010.08.29 13:32:43 | 000,246,272 | ---- | M] (OpenSC Project) -- C:\Windows\System32\sshnas21.dll
[2010.08.28 19:28:55 | 000,000,700 | ---- | M] () -- C:\Users\Ceron\Desktop\Audacity.lnk
[2010.08.28 15:26:43 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010.08.28 01:11:06 | 000,000,600 | ---- | M] () -- C:\Users\Ceron\AppData\Roaming\winscp.rnd
[2010.08.27 19:13:15 | 000,001,747 | ---- | M] () -- C:\Users\Ceron\Desktop\WinSCP.lnk
[2010.08.25 20:07:33 | 000,289,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.08.25 19:45:16 | 000,062,952 | ---- | M] () -- C:\Users\Ceron\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.08.25 19:19:12 | 001,498,506 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.08.25 19:19:12 | 000,651,768 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.08.25 19:19:12 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.08.25 19:19:12 | 000,129,468 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.08.25 19:19:12 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.08.25 18:52:04 | 000,001,193 | ---- | M] () -- C:\Users\Ceron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010.08.25 18:50:38 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010.08.23 21:22:56 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.08.23 21:22:56 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.08.23 21:22:56 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.08.23 21:22:56 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.08.22 18:04:40 | 000,000,827 | ---- | M] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010.08.18 20:26:07 | 002,422,912 | ---- | M] () -- C:\Users\Ceron\Desktop\Portal Radio Tune _high quality.mp3
[2010.08.18 17:54:39 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.08.15 19:27:54 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.08.15 19:27:53 | 000,000,355 | RHS- | M] () -- C:\Boot.ini.saved
[2010.08.15 18:31:40 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010.08.15 18:30:36 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.08.15 16:10:04 | 000,295,922 | ---- | M] () -- C:\Windows\System32\perfi007.dat
[2010.08.15 16:10:04 | 000,038,104 | ---- | M] () -- C:\Windows\System32\perfd007.dat
[2010.08.15 15:56:41 | 000,044,646 | ---- | M] () -- C:\Windows\System32\FlashMenu.sys
[2010.08.15 13:00:36 | 000,001,105 | ---- | M] () -- C:\Users\Ceron\Desktop\JustCause2 - Shortcut.lnk
[2010.08.15 11:59:31 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.08.15 11:30:35 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010.08.15 11:06:35 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010.08.15 10:13:35 | 000,524,288 | -HS- | M] () -- C:\Users\Ceron\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010.08.15 10:13:35 | 000,524,288 | -HS- | M] () -- C:\Users\Ceron\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010.08.15 10:13:35 | 000,065,536 | -HS- | M] () -- C:\Users\Ceron\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010.08.15 10:06:32 | 000,001,909 | ---- | M] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010.08.15 10:05:19 | 000,000,993 | ---- | M] () -- C:\Users\Ceron\Desktop\Miranda Fusion.lnk
[2010.08.15 09:56:06 | 000,001,407 | ---- | M] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010.08.15 09:55:06 | 000,000,020 | -HS- | M] () -- C:\Users\Ceron\ntuser.ini
[2010.08.15 09:52:12 | 000,171,136 | RHS- | M] () -- C:\w7ldr
[2010.08.15 09:39:31 | 000,042,045 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010.08.10 05:15:58 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2010.08.10 05:15:58 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2010.08.04 04:21:42 | 006,096,384 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2010.08.04 03:55:18 | 000,071,096 | ---- | M] () -- C:\Windows\System32\atiapfxx.blb
[2010.08.04 03:55:00 | 000,143,360 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2010.08.04 03:54:50 | 000,519,680 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\aticfx32.dll
[2010.08.04 03:52:04 | 000,450,560 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2010.08.04 03:51:36 | 000,380,928 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
[2010.08.04 03:51:10 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2010.08.04 03:50:06 | 000,159,744 | ---- | M] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2010.08.04 03:49:50 | 000,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2010.08.04 03:49:48 | 015,845,888 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2010.08.04 03:49:40 | 000,278,528 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2010.08.04 03:49:34 | 000,011,776 | ---- | M] (AMD) -- C:\Windows\System32\atimuixx.dll
[2010.08.04 03:49:26 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2010.08.04 03:46:32 | 003,899,392 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\atidxx32.dll
[2010.08.04 03:28:26 | 004,021,760 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdag.dll
[2010.08.04 03:26:00 | 000,046,080 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2010.08.04 03:25:50 | 000,044,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2010.08.04 03:24:34 | 004,341,248 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2010.08.04 03:23:44 | 000,065,536 | ---- | M] (AMD) -- C:\Windows\System32\coinst.dll
[2010.08.04 03:21:38 | 003,324,416 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll
[2010.08.04 03:21:14 | 000,523,968 | ---- | M] () -- C:\Windows\System32\atiumdva.cap
[2010.08.04 03:16:06 | 000,241,664 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2010.08.04 03:15:54 | 000,012,800 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2010.08.04 03:15:48 | 000,016,896 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2010.08.04 03:15:28 | 000,214,016 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2010.08.04 03:15:02 | 000,030,208 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2010.08.04 03:14:48 | 000,027,648 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2010.08.04 03:14:12 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2010.08.04 03:09:22 | 000,052,736 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2010.08.04 03:09:22 | 000,052,736 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
 
========== Files Created - No Company Name ==========
 
[2010.08.30 21:42:09 | 023,994,412 | ---- | C] () -- C:\Users\Ceron\Desktop\cs.wav
[2010.08.29 21:41:57 | 002,375,827 | ---- | C] () -- C:\Users\Ceron\Desktop\Cs.bmkz
[2010.08.29 18:36:16 | 000,002,963 | ---- | C] () -- C:\Users\Ceron\Desktop\HiJackThis.lnk
[2010.08.29 18:34:30 | 001,402,880 | ---- | C] () -- C:\Users\Ceron\Desktop\HiJackThis_v2.0.4.msi
[2010.08.29 18:19:09 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010.08.29 13:35:46 | 000,000,965 | ---- | C] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Quick Web Player.lnk
[2010.08.29 13:31:02 | 000,000,286 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010.08.29 13:30:51 | 000,000,246 | -H-- | C] () -- C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010.08.28 19:28:55 | 000,000,700 | ---- | C] () -- C:\Users\Ceron\Desktop\Audacity.lnk
[2010.08.28 15:26:43 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010.08.27 19:13:17 | 000,000,600 | ---- | C] () -- C:\Users\Ceron\AppData\Roaming\winscp.rnd
[2010.08.27 19:13:15 | 000,001,747 | ---- | C] () -- C:\Users\Ceron\Desktop\WinSCP.lnk
[2010.08.25 18:52:04 | 000,001,193 | ---- | C] () -- C:\Users\Ceron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010.08.25 18:50:38 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010.08.18 20:25:57 | 002,422,912 | ---- | C] () -- C:\Users\Ceron\Desktop\Portal Radio Tune _high quality.mp3
[2010.08.18 17:54:39 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.08.15 19:27:53 | 000,000,211 | -H-- | C] () -- C:\Boot.BAK
[2010.08.15 18:31:40 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.08.15 18:30:36 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.08.15 18:29:05 | 1508,024,320 | -HS- | C] () -- C:\hiberfil.sys
[2010.08.15 16:10:57 | 000,651,768 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2010.08.15 16:10:57 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2010.08.15 16:10:57 | 000,129,468 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2010.08.15 16:10:57 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010.08.15 15:56:41 | 000,044,646 | ---- | C] () -- C:\Windows\System32\FlashMenu.sys
[2010.08.15 15:55:50 | 000,010,848 | ---- | C] () -- C:\Windows\System32\drivers\WinFlash.sys
[2010.08.15 13:00:36 | 000,001,105 | ---- | C] () -- C:\Users\Ceron\Desktop\JustCause2 - Shortcut.lnk
[2010.08.15 11:51:59 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.08.15 10:58:03 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010.08.15 10:30:36 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.08.15 10:10:00 | 000,000,827 | ---- | C] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010.08.15 10:08:56 | 000,034,296 | ---- | C] () -- C:\Windows\System32\drivers\mbamcatchme.sys
[2010.08.15 10:06:32 | 000,001,909 | ---- | C] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010.08.15 10:05:19 | 000,000,993 | ---- | C] () -- C:\Users\Ceron\Desktop\Miranda Fusion.lnk
[2010.08.15 09:56:06 | 000,001,407 | ---- | C] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010.08.15 09:55:06 | 000,524,288 | -HS- | C] () -- C:\Users\Ceron\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010.08.15 09:55:06 | 000,524,288 | -HS- | C] () -- C:\Users\Ceron\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010.08.15 09:55:06 | 000,262,144 | -HS- | C] () -- C:\Users\Ceron\ntuser.dat.LOG1
[2010.08.15 09:55:06 | 000,065,536 | -HS- | C] () -- C:\Users\Ceron\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010.08.15 09:55:06 | 000,000,290 | ---- | C] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010.08.15 09:55:06 | 000,000,272 | ---- | C] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010.08.15 09:55:06 | 000,000,020 | -HS- | C] () -- C:\Users\Ceron\ntuser.ini
[2010.08.15 09:55:06 | 000,000,000 | -HS- | C] () -- C:\Users\Ceron\ntuser.dat.LOG2
[2010.08.15 09:55:05 | 001,310,720 | -HS- | C] () -- C:\Users\Ceron\NTUSER.DAT
[2010.08.15 09:52:12 | 000,171,136 | RHS- | C] () -- C:\w7ldr
[2010.08.15 09:20:38 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010.08.15 09:20:32 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2010.08.04 03:55:18 | 000,071,096 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2010.08.04 03:21:14 | 000,523,968 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
< End of report >
         
--- --- ---

30.08.2010, 22:02   #5
Ceron104
 



OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 30.08.2010 21:49:19 - Run 1
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\Ceron\Desktop\all
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 30,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 48,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 310,47 Gb Free Space | 66,66% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 931,51 Gb Total Space | 111,75 Gb Free Space | 12,00% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: NEUTRINO
Current User Name: Ceron
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047E5F60-5357-43FB-A080-1912EB0132A4}" = FlashMenu
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{107DE62C-DACF-3204-9154-4BB24196E9AE}" = ccc-utility
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018F0}" = Java(TM) 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3E354FBA-C7CE-402A-BB0D-225230BB1918}" = Logitech G15 Keyboard Software 1.04
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45CCC540-F869-A543-CA28-1CB92B7A2DB7}" = ccc-core-static
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50EDAEF4-760D-1C92-8E61-853D624EB601}" = Catalyst Control Center Graphics Previews Common
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{606BC780-101C-41DB-808D-4539BFA0774A}" = MobileMe Control Panel
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B5D55EB-7E74-04BA-215A-49612EAF6673}" = CCC Help English
"{6D482078-8D15-4FD3-B838-C7B49174650F}" = Opera 10.61
"{71D5559C-85E5-5206-3B1C-A8A9DDDE4AC9}" = AMD Drag and Drop Transcoding
"{723166B3-1B80-4F9F-8D59-312A89633E0A}_is1" = Search Advisor
"{729166B3-1B80-4F9F-8D59-312A89633E0A}_is1" = Quick Web Player
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E659C5C-4DF1-499B-B802-77BAE9ABE4D4}" = Razer Diamondback 3G
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial 
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F20D402D-BBE3-C212-9B9E-07ECAFB4D3C0}" = ATI Catalyst Install Manager
"{F7E9794B-D60F-CDE4-CEB8-CE695180C179}" = Catalyst Control Center InstallProxy
"{FD9F3DED-B730-378A-7688-510148E67135}" = Catalyst Control Center Graphics Previews Vista
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity_is1" = Audacity 1.2.6
"AutocompletePro2_is1" = AutocompletePro
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BeatPack" = BeatPack (0.9)
"CCleaner" = CCleaner (remove only)
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"Gutscheinmieze - Toolbar" = Gutscheinmieze - Toolbar
"LastFM_is1" = Last.fm 1.5.4.24567
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MirandaFusion" = Miranda Fusion 2.0.8
"Mozilla Firefox (3.0.6)" = Mozilla Firefox (3.0.6)
"NVIDIA Drivers" = NVIDIA Drivers
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 0.9.8a
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.2.7
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 29.08.2010 07:32:05 | Computer Name = Neutrino | Source = VSS | ID = 8194
Description = 
 
Error - 29.08.2010 09:46:00 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = 448: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 29.08.2010 12:19:43 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = 240: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 29.08.2010 12:19:43 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = 360: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 29.08.2010 12:19:43 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = 372: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 29.08.2010 12:19:43 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = 444: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 29.08.2010 12:19:43 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = 452: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 29.08.2010 15:42:01 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = 192: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 29.08.2010 15:43:03 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = 192: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 30.08.2010 15:42:57 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = 188: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
[ System Events ]
Error - 30.08.2010 15:22:44 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:44 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:45 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:45 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:45 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:46 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:46 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:46 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:47 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:48 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
 
< End of report >
         
--- --- ---


31.08.2010, 08:26   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Quote:
Malwarebytes' Anti-Malware 1.18
Datenbank Version: 870
You did not update Malwarebytes beforehand. Please update to version 1.46, then update the database and run a full scan.

31.08.2010, 20:25   #7
Ceron104
 

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4513

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

31.08.2010 20:25:03
mbam-log-2010-08-31 (20-25-03).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Durchsuchte Objekte: 222112
Laufzeit: 3 Stunde(n), 51 Minute(n), 35 Sekunde(n)

Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 4

Infizierte Speicherprozesse:
C:\Users\Ceron\AppData\Local\Temp\Ubd.exe (Trojan.Downloader) -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xbv6rd5szf (Trojan.Downloader) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Users\Ceron\AppData\Local\Temp\Ubd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Ceron\AppData\Local\Temp\Ubm.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Ceron\AppData\Local\Temp\Ubg.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Ceron\AppData\Local\Temp\Ubj.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

31.08.2010, 21:35   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Then I now need a fresh OTL log (OTL.txt), so do a new run and set the file age to at least 90 days.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


31.08.2010, 21:44   #9
Ceron104
 

OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 31.08.2010 21:43:13 - Run 2
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\Ceron\Desktop\all
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 309,31 Gb Free Space | 66,41% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 931,51 Gb Total Space | 111,75 Gb Free Space | 12,00% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: NEUTRINO
Current User Name: Ceron
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047E5F60-5357-43FB-A080-1912EB0132A4}" = FlashMenu
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{107DE62C-DACF-3204-9154-4BB24196E9AE}" = ccc-utility
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018F0}" = Java(TM) 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3E354FBA-C7CE-402A-BB0D-225230BB1918}" = Logitech G15 Keyboard Software 1.04
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45CCC540-F869-A543-CA28-1CB92B7A2DB7}" = ccc-core-static
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50EDAEF4-760D-1C92-8E61-853D624EB601}" = Catalyst Control Center Graphics Previews Common
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{606BC780-101C-41DB-808D-4539BFA0774A}" = MobileMe Control Panel
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B5D55EB-7E74-04BA-215A-49612EAF6673}" = CCC Help English
"{6D482078-8D15-4FD3-B838-C7B49174650F}" = Opera 10.61
"{71D5559C-85E5-5206-3B1C-A8A9DDDE4AC9}" = AMD Drag and Drop Transcoding
"{723166B3-1B80-4F9F-8D59-312A89633E0A}_is1" = Search Advisor
"{729166B3-1B80-4F9F-8D59-312A89633E0A}_is1" = Quick Web Player
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E659C5C-4DF1-499B-B802-77BAE9ABE4D4}" = Razer Diamondback 3G
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial 
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F20D402D-BBE3-C212-9B9E-07ECAFB4D3C0}" = ATI Catalyst Install Manager
"{F7E9794B-D60F-CDE4-CEB8-CE695180C179}" = Catalyst Control Center InstallProxy
"{FD9F3DED-B730-378A-7688-510148E67135}" = Catalyst Control Center Graphics Previews Vista
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity_is1" = Audacity 1.2.6
"AutocompletePro2_is1" = AutocompletePro
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BeatPack" = BeatPack (0.9)
"CCleaner" = CCleaner (remove only)
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"Gutscheinmieze - Toolbar" = Gutscheinmieze - Toolbar
"LastFM_is1" = Last.fm 1.5.4.24567
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MirandaFusion" = Miranda Fusion 2.0.8
"Mozilla Firefox (3.0.6)" = Mozilla Firefox (3.0.6)
"NVIDIA Drivers" = NVIDIA Drivers
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 0.9.8a
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.2.7
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 31.08.2010 11:53:42 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7581
 
Error - 31.08.2010 11:53:42 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7581
 
Error - 31.08.2010 11:53:45 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 31.08.2010 11:53:45 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 10093
 
Error - 31.08.2010 11:53:45 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10093
 
Error - 31.08.2010 14:26:29 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = 468: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 31.08.2010 14:26:29 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = 240: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 31.08.2010 14:26:29 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = 460: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 31.08.2010 14:26:29 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = 188: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 31.08.2010 14:26:29 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = 456: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
[ System Events ]
Error - 30.08.2010 15:22:45 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:45 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:45 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:46 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:46 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:46 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:47 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:48 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 16:09:32 | Computer Name = Neutrino | Source = Service Control Manager | ID = 7016
Description = Der Dienst "NVIDIA Display Driver Service" hat einen ungültigen aktuellen
 Status gemeldet: 32
 
Error - 31.08.2010 14:27:05 | Computer Name = Neutrino | Source = Service Control Manager | ID = 7016
Description = Der Dienst "NVIDIA Display Driver Service" hat einen ungültigen aktuellen
 Status gemeldet: 32
 
 
< End of report >
         
--- --- ---

31.08.2010, 21:45   #10
Ceron104
 

OTL Logfile:
Code:
OTL logfile created on: 31.08.2010 21:43:13 - Run 2
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\Ceron\Desktop\all
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 60,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 309,31 Gb Free Space | 66,41% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 931,51 Gb Total Space | 111,75 Gb Free Space | 12,00% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: NEUTRINO
Current User Name: Ceron
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Ceron\Desktop\all\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Search Advisor\adgui.exe ()
PRC - C:\Programme\Opera\opera.exe (Opera Software)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\iTunes\iTunes.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe (Apple Inc.)
PRC - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Programme\MirandaFusion\miranda32.exe ( )
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Winamp\winampa.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Last.fm\LastFM.exe (Last.fm)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\Applets\lcdsirreal267\LCDSirReal.exe ()
PRC - C:\Programme\Razer\Diamondback 3G\razerhid.exe ()
PRC - C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDPOP3.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe (Logitech Inc.)
PRC - C:\Programme\Razer\Diamondback 3G\razerofa.exe (Razer Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Ceron\Desktop\all\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (ATI Technologies, Inc.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (WINFLASH) -- C:\Program Files\U-ABIT\FlashMenu\WinFlash.sys ()
DRV - (Memctl) -- C:\Program Files\U-ABIT\FlashMenu\Memctl.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 47 21 53 4F 3C CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "foxsearch"
FF - prefs.js..browser.search.order.1: "foxsearch"
FF - prefs.js..browser.search.selectedEngine: "foxsearch"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: support@predictad.com:1.11
FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - user.js..browser.search.selectedEngine: "foxsearch"
FF - user.js..browser.search.order.1: "foxsearch"
FF - user.js..browser.search.defaultenginename: "foxsearch"
FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\support@predictad.com: C:\Program Files\AutocompletePro\support@predictad.com [2010.08.29 13:35:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.06.29 21:37:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.01 18:09:42 | 000,000,000 | ---D | M]
 
[2010.08.15 10:06:35 | 000,000,000 | ---D | M] -- C:\Users\Ceron\AppData\Roaming\mozilla\Extensions
[2010.08.31 16:35:30 | 000,000,000 | ---D | M] -- C:\Users\Ceron\AppData\Roaming\mozilla\Firefox\Profiles\k8kwbqpc.default\extensions
[2010.08.18 20:25:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ceron\AppData\Roaming\mozilla\Firefox\Profiles\k8kwbqpc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.08.15 11:29:44 | 000,000,000 | ---D | M] -- C:\Users\Ceron\AppData\Roaming\mozilla\Firefox\Profiles\k8kwbqpc.default\extensions\gutscheinmieze@synatix-gmbh.de
[2010.03.24 16:13:02 | 000,000,917 | ---- | M] () -- C:\Users\Ceron\AppData\Roaming\Mozilla\FireFox\Profiles\k8kwbqpc.default\searchplugins\conduit.xml
[2010.08.25 18:48:27 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.08.23 21:23:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.08.23 21:22:56 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.03.19 09:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Program Files\mozilla firefox\plugins\npmieze.dll
[2008.03.15 15:56:14 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2008.10.13 20:34:40 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.08.15 11:29:44 | 000,000,143 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\foxsearch.src
[2008.02.19 16:40:48 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2006.12.03 17:59:22 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2006.11.17 13:19:24 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\Ceron\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\Ceron\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Diamondback] C:\Programme\Razer\Diamondback 3G\razerhid.exe ()
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Search Advisor] C:\Program Files\Search Advisor\adgui.exe ()
O4 - HKCU..\Run: [Steam] C:\Programme\Valve\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Ceron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Ceron\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{e66ca9fb-a84f-11df-8f9f-00508dbc5e42}\Shell - "" = AutoRun
O33 - MountPoints2\{e66ca9fb-a84f-11df-8f9f-00508dbc5e42}\Shell\AutoRun\command - "" = J:\steambackup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.08.31 16:32:38 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.08.31 16:31:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.08.30 21:47:31 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Desktop\Neuer Ordner
[2010.08.29 19:14:13 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Desktop\all
[2010.08.29 18:36:16 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.08.29 18:24:39 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Avira
[2010.08.29 15:57:21 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.08.29 15:57:21 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.08.29 15:57:21 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010.08.29 15:57:21 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.08.29 15:57:20 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.08.29 15:57:20 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.08.29 15:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.08.29 13:36:13 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\WhiteSmokeTranslator
[2010.08.29 13:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\AutocompletePro
[2010.08.29 13:35:47 | 000,000,000 | ---D | C] -- C:\Program Files\Search Advisor
[2010.08.29 13:35:45 | 000,000,000 | ---D | C] -- C:\Program Files\Quick Web Player
[2010.08.28 19:32:33 | 000,208,896 | ---- | C] (www.mp3dev.org) -- C:\Windows\System\lame_enc.dll
[2010.08.28 15:26:42 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010.08.28 15:26:42 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010.08.28 15:26:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010.08.28 15:26:00 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Winamp
[2010.08.28 15:26:00 | 000,000,000 | ---D | C] -- C:\Programme\Winamp
[2010.08.28 09:48:39 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Desktop\beatmaker
[2010.08.28 09:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\BeatPack
[2010.08.27 19:28:56 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\WinRAR
[2010.08.27 19:28:47 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2010.08.27 19:13:14 | 000,000,000 | ---D | C] -- C:\Programme\WinSCP
[2010.08.25 20:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.08.25 18:51:46 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\OpenOffice.org
[2010.08.25 18:49:35 | 000,000,000 | ---D | C] -- C:\Program Files\JRE
[2010.08.25 18:49:14 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010.08.25 18:48:23 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.08.25 18:48:23 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.08.25 18:48:23 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.08.23 21:24:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.08.23 21:24:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010.08.23 21:23:11 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.08.23 21:22:53 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2010.08.22 18:35:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Last.fm
[2010.08.18 20:29:54 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Documents\iPhone Ringtones
[2010.08.18 20:25:19 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.08.18 20:25:10 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Documents\DVDVideoSoft
[2010.08.18 20:25:01 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoft
[2010.08.18 20:25:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2010.08.18 19:15:34 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\iRinger
[2010.08.16 20:47:30 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Adobe
[2010.08.16 20:45:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.08.16 20:45:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010.08.16 20:45:32 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.08.15 19:28:06 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.08.15 19:22:49 | 000,000,000 | ---D | C] -- C:\Windows.old
[2010.08.15 18:32:02 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.08.15 18:29:56 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.08.15 16:21:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010.08.15 16:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010.08.15 16:18:57 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Microsoft Games
[2010.08.15 16:10:26 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2010.08.15 16:10:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\XPSViewer
[2010.08.15 16:10:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\de-DE
[2010.08.15 16:10:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\0407
[2010.08.15 16:10:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\de
[2010.08.15 16:06:54 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\volsnap.sys.mui
[2010.08.15 16:06:54 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\usbport.sys.mui
[2010.08.15 16:06:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\usbhub.sys.mui
[2010.08.15 16:06:54 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\de-DE\pscr.sys.mui
[2010.08.15 16:06:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\vhdmp.sys.mui
[2010.08.15 16:06:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\tpm.sys.mui
[2010.08.15 16:06:54 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\portcls.sys.mui
[2010.08.15 16:06:54 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\umbus.sys.mui
[2010.08.15 16:06:54 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\serscan.sys.mui
[2010.08.15 16:06:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\wd.sys.mui
[2010.08.15 16:06:52 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mpio.sys.mui
[2010.08.15 16:06:52 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\de-DE\yk62x86.sys.mui
[2010.08.15 16:06:52 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e1y6032.sys.mui
[2010.08.15 16:06:52 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e1e6032.sys.mui
[2010.08.15 16:06:52 | 000,022,016 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\E1G60I32.sys.mui
[2010.08.15 16:06:52 | 000,013,312 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e1q6032.sys.mui
[2010.08.15 16:06:52 | 000,013,312 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e1k6032.sys.mui
[2010.08.15 16:06:52 | 000,013,312 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\de-DE\k57nd60x.sys.mui
[2010.08.15 16:06:52 | 000,013,312 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\de-DE\b57nd60x.sys.mui
[2010.08.15 16:06:52 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\serial.sys.mui
[2010.08.15 16:06:52 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\i8042prt.sys.mui
[2010.08.15 16:06:52 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\msdsm.sys.mui
[2010.08.15 16:06:52 | 000,006,144 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\de-DE\bcm4sbxp.sys.mui
[2010.08.15 16:06:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\sermouse.sys.mui
[2010.08.15 16:06:52 | 000,005,120 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e100b325.sys.mui
[2010.08.15 16:06:52 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\pcmcia.sys.mui
[2010.08.15 16:06:52 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mouclass.sys.mui
[2010.08.15 16:06:52 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\parport.sys.mui
[2010.08.15 16:06:52 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ataport.sys.mui
[2010.08.15 16:06:52 | 000,003,072 | ---- | C] (VIA Technologies, Inc.              ) -- C:\Windows\System32\drivers\de-DE\getn62.sys.mui
[2010.08.15 16:06:52 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\scsiport.sys.mui
[2010.08.15 16:06:52 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\rndismpx.sys.mui
[2010.08.15 16:06:52 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\rndismp6.sys.mui
[2010.08.15 16:06:52 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\parvdm.sys.mui
[2010.08.15 16:06:52 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mouhid.sys.mui
[2010.08.15 16:06:52 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\vwifibus.sys.mui
[2010.08.15 16:06:52 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\MTConfig.sys.mui
[2010.08.15 16:06:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\amdide.sys.mui
[2010.08.15 16:06:51 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\afd.sys.mui
[2010.08.15 16:06:48 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bfe.dll.mui
[2010.08.15 16:06:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\wdf01000.sys.mui
[2010.08.15 16:06:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ws2ifsl.sys.mui
[2010.08.15 16:06:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\usbrpm.sys.mui
[2010.08.15 16:06:46 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\tcpip.sys.mui
[2010.08.15 16:06:46 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\tunnel.sys.mui
[2010.08.15 16:06:46 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\modem.sys.mui
[2010.08.15 16:06:44 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\fvevol.sys.mui
[2010.08.15 16:06:44 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\srv.sys.mui
[2010.08.15 16:06:44 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\scfilter.sys.mui
[2010.08.15 16:06:41 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\pacer.sys.mui
[2010.08.15 16:06:41 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\rdbss.sys.mui
[2010.08.15 16:06:41 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\RNDISMP.sys.mui
[2010.08.15 16:06:41 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\qwavedrv.sys.mui
[2010.08.15 16:06:41 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\partmgr.sys.mui
[2010.08.15 16:06:38 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ntfs.sys.mui
[2010.08.15 16:06:38 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ndis.sys.mui
[2010.08.15 16:06:38 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\nwifi.sys.mui
[2010.08.15 16:06:38 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ndisuio.sys.mui
[2010.08.15 16:06:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ndiscap.sys.mui
[2010.08.15 16:06:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mountmgr.sys.mui
[2010.08.15 16:06:30 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\luafv.sys.mui
[2010.08.15 16:06:30 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ipnat.sys.mui
[2010.08.15 16:06:28 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\http.sys.mui
[2010.08.15 16:06:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\fltmgr.sys.mui
[2010.08.15 16:06:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\volmgrx.sys.mui
[2010.08.15 16:06:21 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\viac7.sys.mui
[2010.08.15 16:06:21 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\processr.sys.mui
[2010.08.15 16:06:21 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\intelppm.sys.mui
[2010.08.15 16:06:21 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\amdppm.sys.mui
[2010.08.15 16:06:21 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\amdk8.sys.mui
[2010.08.15 16:06:21 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ohci1394.sys.mui
[2010.08.15 16:06:21 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\1394ohci.sys.mui
[2010.08.15 16:06:21 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerId.sys.mui
[2010.08.15 16:06:21 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerIb.sys.mui
[2010.08.15 16:06:21 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\acpi.sys.mui
[2010.08.15 16:06:21 | 000,010,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\de-DE\ltmdmnt.sys.mui
[2010.08.15 16:06:21 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\battc.sys.mui
[2010.08.15 16:06:21 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\pci.sys.mui
[2010.08.15 16:06:21 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bthport.sys.mui
[2010.08.15 16:06:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\IPMIDrv.sys.mui
[2010.08.15 16:06:21 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\kbdclass.sys.mui
[2010.08.15 16:06:21 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bthpan.sys.mui
[2010.08.15 16:06:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\wacompen.sys.mui
[2010.08.15 16:06:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\vdrvroot.sys.mui
[2010.08.15 16:06:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\isapnp.sys.mui
[2010.08.15 16:06:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\hdaudbus.sys.mui
[2010.08.15 16:06:21 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\HdAudio.sys.mui
[2010.08.15 16:06:21 | 000,003,584 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\de-DE\atikmdag.sys.mui
[2010.08.15 16:06:21 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mssmbios.sys.mui
[2010.08.15 16:06:21 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\hidbth.sys.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\VIAAGP.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ULIAGPKX.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\UAGP35.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\SISAGP.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\pnpmem.sys.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\NV_AGP.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\kbdhid.sys.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\GAGP30KX.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\Dot4usb.sys.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\BTHUSB.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\AMDAGP.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\AGP440.sys.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrParwdm.sys.mui
[2010.08.15 16:06:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\disk.sys.mui
[2010.08.15 16:06:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\cdrom.sys.mui
[2010.08.15 16:06:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bthenum.sys.mui
[2010.08.15 15:55:00 | 000,000,000 | ---D | C] -- C:\Program Files\U-ABIT
[2010.08.15 15:41:15 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\GetRightToGo
[2010.08.15 14:58:44 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.08.15 14:58:44 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.08.15 14:58:44 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.08.15 14:54:37 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.08.15 14:53:25 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010.08.15 14:53:25 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys
[2010.08.15 14:53:15 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.08.15 14:53:15 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.08.15 14:53:15 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.08.15 14:53:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.08.15 14:53:15 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.08.15 14:53:15 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.08.15 14:53:14 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.08.15 14:53:14 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.08.15 14:53:14 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.08.15 14:53:14 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.08.15 14:52:58 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.08.15 14:52:52 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.08.15 14:52:52 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.08.15 14:52:52 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.08.15 14:52:50 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010.08.15 14:52:49 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010.08.15 14:52:49 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010.08.15 14:52:49 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.08.15 14:52:49 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010.08.15 14:52:44 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010.08.15 14:52:44 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010.08.15 14:52:44 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010.08.15 14:52:43 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.08.15 14:52:42 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.08.15 14:52:40 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.08.15 14:52:40 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.08.15 14:52:40 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.08.15 14:52:40 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.08.15 14:52:40 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.08.15 14:52:40 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.08.15 14:52:40 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.08.15 14:52:40 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.08.15 14:52:40 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.08.15 14:52:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.08.15 14:52:34 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.08.15 14:52:33 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.08.15 14:52:32 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll
[2010.08.15 14:52:32 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.08.15 14:52:32 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010.08.15 14:52:32 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010.08.15 14:52:29 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.08.15 14:52:29 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.08.15 14:52:29 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.08.15 13:02:03 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Documents\Square Enix
[2010.08.15 12:32:24 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.08.15 12:32:24 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010.08.15 11:52:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2010.08.15 11:30:22 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010.08.15 11:29:49 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.08.15 11:29:38 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Gutscheinmieze
[2010.08.15 11:28:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2010.08.15 11:27:29 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\ATI
[2010.08.15 11:27:29 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\ATI
[2010.08.15 11:26:33 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies
[2010.08.15 11:26:31 | 000,000,000 | ---D | C] -- C:\Programme\ATI
[2010.08.15 11:19:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010.08.15 11:18:49 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2010.08.15 11:18:49 | 001,738,072 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2010.08.15 11:18:49 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2010.08.15 11:18:49 | 000,214,352 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFNHK.dll
[2010.08.15 11:18:49 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2010.08.15 11:18:49 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2010.08.15 11:18:49 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2010.08.15 11:18:48 | 003,604,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2010.08.15 11:18:48 | 003,154,920 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2010.08.15 11:18:48 | 001,829,992 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2010.08.15 11:18:48 | 001,084,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2010.08.15 11:18:48 | 000,371,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2010.08.15 11:18:48 | 000,367,208 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2010.08.15 11:18:48 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2010.08.15 11:18:48 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2010.08.15 11:18:48 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2010.08.15 11:18:48 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2010.08.15 11:18:48 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2010.08.15 11:18:48 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2010.08.15 11:18:48 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFCOM.dll
[2010.08.15 11:18:48 | 000,068,944 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFAPO.dll
[2010.08.15 11:18:48 | 000,064,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2010.08.15 11:18:48 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2010.08.15 11:18:47 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2010.08.15 11:18:47 | 001,327,104 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2010.08.15 11:18:47 | 000,252,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2010.08.15 11:18:47 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2010.08.15 11:18:47 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2010.08.15 11:18:46 | 001,131,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2010.08.15 11:18:46 | 000,961,296 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2010.08.15 11:18:46 | 000,900,368 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2010.08.15 11:18:46 | 000,448,272 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2010.08.15 11:18:46 | 000,427,792 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2010.08.15 11:18:46 | 000,405,776 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2010.08.15 11:18:46 | 000,299,424 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010.08.15 11:18:46 | 000,290,064 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2010.08.15 11:18:46 | 000,235,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2010.08.15 11:18:46 | 000,223,504 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2010.08.15 11:18:46 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2010.08.15 11:18:46 | 000,104,672 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2010.08.15 11:18:46 | 000,104,672 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2010.08.15 11:18:46 | 000,104,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2010.08.15 11:18:46 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2010.08.15 11:18:46 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2010.08.15 11:18:43 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2010.08.15 11:18:42 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.08.15 11:10:45 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Macromedia
[2010.08.15 11:10:45 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Adobe
[2010.08.15 11:10:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.08.15 11:02:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010.08.15 10:58:57 | 001,073,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpluir.dll
[2010.08.15 10:58:57 | 000,307,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvexpbar.dll
[2010.08.15 10:57:49 | 002,441,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwssr.dll
[2010.08.15 10:57:49 | 001,035,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvmfdx32.sys
[2010.08.15 10:57:49 | 000,356,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvunrm.exe
[2010.08.15 10:57:49 | 000,200,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\fdco1.dll
[2010.08.15 10:57:49 | 000,037,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvconrm.dll
[2010.08.15 10:57:48 | 001,522,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2010.08.15 10:57:47 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccs.dll
[2010.08.15 10:57:47 | 000,045,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccsrs.dll
[2010.08.15 10:57:43 | 001,074,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2010.08.15 10:57:43 | 000,036,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod100.dll
[2010.08.15 10:57:42 | 003,629,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvvitvsr.dll
[2010.08.15 10:57:41 | 002,854,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmoblsr.dll
[2010.08.15 10:57:41 | 000,458,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccssr.dll
[2010.08.15 10:57:40 | 003,166,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgamesr.dll
[2010.08.15 10:57:39 | 005,509,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispsr.dll
[2010.08.15 10:57:32 | 000,490,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvuninst.exe
[2010.08.15 10:57:32 | 000,147,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcolor.exe
[2010.08.15 10:57:25 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010.08.15 10:40:56 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Documents\Meine empfangenen Dateien
[2010.08.15 10:32:25 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.08.15 10:32:10 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Tracing
[2010.08.15 10:31:10 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft
[2010.08.15 10:30:58 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.08.15 10:30:38 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live SkyDrive
[2010.08.15 10:30:25 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\DAEMON Tools Lite
[2010.08.15 10:30:19 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live
[2010.08.15 10:30:01 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.08.15 10:28:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010.08.15 10:26:49 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2010.08.15 10:26:37 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.08.15 10:26:36 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.08.15 10:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.08.15 10:25:51 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2010.08.15 10:25:13 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Opera
[2010.08.15 10:25:13 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Opera
[2010.08.15 10:25:03 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.08.15 10:19:48 | 000,073,728 | ---- | C] (Razer Inc.) -- C:\Windows\System32\diamondback.cpl
[2010.08.15 10:19:44 | 000,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information
[2010.08.15 10:19:44 | 000,000,000 | ---D | C] -- C:\Programme\Razer
[2010.08.15 10:19:17 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\InstallShield
[2010.08.15 10:09:59 | 000,000,000 | ---D | C] -- C:\Programme\Opera
[2010.08.15 10:09:32 | 000,000,000 | ---D | C] -- C:\Programme\VideoLAN
[2010.08.15 10:08:58 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Malwarebytes
[2010.08.15 10:08:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.08.15 10:08:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.15 10:08:55 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.08.15 10:08:50 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Apple Computer
[2010.08.15 10:08:49 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Apple Computer
[2010.08.15 10:08:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010.08.15 10:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010.08.15 10:08:10 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Last.fm
[2010.08.15 10:08:00 | 000,000,000 | ---D | C] -- C:\Programme\Last.fm
[2010.08.15 10:07:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.08.15 10:07:38 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Apple
[2010.08.15 10:07:37 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update
[2010.08.15 10:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010.08.15 10:07:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010.08.15 10:06:35 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Mozilla
[2010.08.15 10:06:35 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Mozilla
[2010.08.15 10:06:31 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2010.08.15 10:06:17 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.08.15 10:05:19 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Miranda Fusion
[2010.08.15 10:05:16 | 000,000,000 | ---D | C] -- C:\Programme\MirandaFusion
[2010.08.15 10:04:15 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Logitech
[2010.08.15 10:04:12 | 000,000,000 | ---D | C] -- C:\Programme\Logitech
[2010.08.15 10:04:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2010.08.15 10:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logitech
[2010.08.15 10:03:28 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.08.15 10:01:22 | 000,000,000 | -H-D | C] -- C:\Users\Ceron\Documents\Runes of Magic
[2010.08.15 09:55:28 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Searches
[2010.08.15 09:55:28 | 000,000,000 | -H-D | C] -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010.08.15 09:55:20 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Identities
[2010.08.15 09:55:17 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Contacts
[2010.08.15 09:55:07 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\VirtualStore
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\AppData\Local\Temporary Internet Files
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Templates
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Start Menu
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\SendTo
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Recent
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\PrintHood
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\NetHood
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Documents\My Videos
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Documents\My Pictures
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Documents\My Music
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\My Documents
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Local Settings
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\AppData\Local\History
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Cookies
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Application Data
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\AppData\Local\Application Data
[2010.08.15 09:55:05 | 000,000,000 | --SD | C] -- C:\Users\Ceron\AppData\Roaming\Microsoft
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Videos
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Saved Games
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Pictures
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Music
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Links
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Favorites
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Downloads
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Documents
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Desktop
[2010.08.15 09:55:05 | 000,000,000 | -H-D | C] -- C:\Users\Ceron\AppData
[2010.08.15 09:55:05 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Temp
[2010.08.15 09:55:05 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Microsoft
[2010.08.15 09:55:05 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Media Center Programs
[2010.08.15 09:50:03 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.08.15 09:20:31 | 000,000,000 | -HSD | C] -- C:\Boot
[2010.08.10 05:15:58 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2010.08.10 05:15:58 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2010.08.04 04:21:42 | 006,096,384 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2010.08.04 03:55:00 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2010.08.04 03:52:04 | 000,450,560 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2010.08.04 03:51:36 | 000,380,928 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
[2010.08.04 03:51:10 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2010.08.04 03:50:06 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2010.08.04 03:49:50 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2010.08.04 03:49:48 | 015,845,888 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2010.08.04 03:49:40 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2010.08.04 03:49:34 | 000,011,776 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2010.08.04 03:49:26 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2010.08.04 03:26:00 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2010.08.04 03:25:50 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2010.08.04 03:24:34 | 004,341,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2010.08.04 03:16:06 | 000,241,664 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2010.08.04 03:15:54 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2010.08.04 03:15:48 | 000,016,896 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2010.08.04 03:15:28 | 000,214,016 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2010.08.04 03:14:12 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2010.08.04 03:09:22 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2010.08.04 03:09:22 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
 
========== Files - Modified Within 30 Days ==========
 
[2010.08.31 21:43:18 | 001,310,720 | -HS- | M] () -- C:\Users\Ceron\NTUSER.DAT
[2010.08.31 20:33:21 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.31 20:33:21 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.31 20:28:13 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.31 20:28:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.31 20:27:53 | 1508,024,320 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.31 16:31:39 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.30 22:08:59 | 001,686,307 | -H-- | M] () -- C:\Users\Ceron\AppData\Local\IconCache.db
[2010.08.30 21:42:23 | 023,994,412 | ---- | M] () -- C:\Users\Ceron\Desktop\cs.wav
[2010.08.29 21:41:57 | 002,375,827 | ---- | M] () -- C:\Users\Ceron\Desktop\Cs.bmkz
[2010.08.29 20:19:34 | 000,001,152 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2010.08.29 18:36:16 | 000,002,963 | ---- | M] () -- C:\Users\Ceron\Desktop\HiJackThis.lnk
[2010.08.29 18:19:10 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2010.08.29 13:35:46 | 000,000,965 | ---- | M] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Quick Web Player.lnk
[2010.08.28 19:28:55 | 000,000,700 | ---- | M] () -- C:\Users\Ceron\Desktop\Audacity.lnk
[2010.08.28 15:26:43 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010.08.28 01:11:06 | 000,000,600 | ---- | M] () -- C:\Users\Ceron\AppData\Roaming\winscp.rnd
[2010.08.27 19:13:15 | 000,001,747 | ---- | M] () -- C:\Users\Ceron\Desktop\WinSCP.lnk
[2010.08.25 20:07:33 | 000,289,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.08.25 19:45:16 | 000,062,952 | ---- | M] () -- C:\Users\Ceron\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.08.25 19:19:12 | 001,498,506 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.08.25 19:19:12 | 000,651,768 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.08.25 19:19:12 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.08.25 19:19:12 | 000,129,468 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.08.25 19:19:12 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.08.25 18:52:04 | 000,001,193 | ---- | M] () -- C:\Users\Ceron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010.08.25 18:50:38 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010.08.23 21:22:56 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.08.23 21:22:56 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.08.23 21:22:56 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.08.23 21:22:56 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.08.22 18:04:40 | 000,000,827 | ---- | M] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010.08.18 20:26:07 | 002,422,912 | ---- | M] () -- C:\Users\Ceron\Desktop\Portal Radio Tune _high quality.mp3
[2010.08.18 17:54:39 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.08.15 19:27:54 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.08.15 19:27:53 | 000,000,355 | RHS- | M] () -- C:\Boot.ini.saved
[2010.08.15 18:31:40 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010.08.15 18:30:36 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.08.15 16:10:04 | 000,295,922 | ---- | M] () -- C:\Windows\System32\perfi007.dat
[2010.08.15 16:10:04 | 000,038,104 | ---- | M] () -- C:\Windows\System32\perfd007.dat
[2010.08.15 15:56:41 | 000,044,646 | ---- | M] () -- C:\Windows\System32\FlashMenu.sys
[2010.08.15 13:00:36 | 000,001,105 | ---- | M] () -- C:\Users\Ceron\Desktop\JustCause2 - Shortcut.lnk
[2010.08.15 11:59:31 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.08.15 11:30:35 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010.08.15 11:06:35 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010.08.15 10:13:35 | 000,524,288 | -HS- | M] () -- C:\Users\Ceron\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010.08.15 10:13:35 | 000,524,288 | -HS- | M] () -- C:\Users\Ceron\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010.08.15 10:13:35 | 000,065,536 | -HS- | M] () -- C:\Users\Ceron\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010.08.15 10:06:32 | 000,001,909 | ---- | M] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010.08.15 10:05:19 | 000,000,993 | ---- | M] () -- C:\Users\Ceron\Desktop\Miranda Fusion.lnk
[2010.08.15 09:56:06 | 000,001,407 | ---- | M] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010.08.15 09:55:06 | 000,000,020 | -HS- | M] () -- C:\Users\Ceron\ntuser.ini
[2010.08.15 09:52:12 | 000,171,136 | RHS- | M] () -- C:\w7ldr
[2010.08.15 09:39:31 | 000,042,045 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010.08.10 05:15:58 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2010.08.10 05:15:58 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2010.08.04 04:21:42 | 006,096,384 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2010.08.04 03:55:18 | 000,071,096 | ---- | M] () -- C:\Windows\System32\atiapfxx.blb
[2010.08.04 03:55:00 | 000,143,360 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2010.08.04 03:54:50 | 000,519,680 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\aticfx32.dll
[2010.08.04 03:52:04 | 000,450,560 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2010.08.04 03:51:36 | 000,380,928 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
[2010.08.04 03:51:10 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2010.08.04 03:50:06 | 000,159,744 | ---- | M] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2010.08.04 03:49:50 | 000,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2010.08.04 03:49:48 | 015,845,888 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2010.08.04 03:49:40 | 000,278,528 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2010.08.04 03:49:34 | 000,011,776 | ---- | M] (AMD) -- C:\Windows\System32\atimuixx.dll
[2010.08.04 03:49:26 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2010.08.04 03:46:32 | 003,899,392 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\atidxx32.dll
[2010.08.04 03:28:26 | 004,021,760 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdag.dll
[2010.08.04 03:26:00 | 000,046,080 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2010.08.04 03:25:50 | 000,044,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2010.08.04 03:24:34 | 004,341,248 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2010.08.04 03:23:44 | 000,065,536 | ---- | M] (AMD) -- C:\Windows\System32\coinst.dll
[2010.08.04 03:21:38 | 003,324,416 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll
[2010.08.04 03:21:14 | 000,523,968 | ---- | M] () -- C:\Windows\System32\atiumdva.cap
[2010.08.04 03:16:06 | 000,241,664 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2010.08.04 03:15:54 | 000,012,800 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2010.08.04 03:15:48 | 000,016,896 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2010.08.04 03:15:28 | 000,214,016 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2010.08.04 03:15:02 | 000,030,208 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2010.08.04 03:14:48 | 000,027,648 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2010.08.04 03:14:12 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2010.08.04 03:09:22 | 000,052,736 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2010.08.04 03:09:22 | 000,052,736 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
 
========== Files Created - No Company Name ==========
 
[2010.08.31 16:31:39 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.30 21:42:09 | 023,994,412 | ---- | C] () -- C:\Users\Ceron\Desktop\cs.wav
[2010.08.29 21:41:57 | 002,375,827 | ---- | C] () -- C:\Users\Ceron\Desktop\Cs.bmkz
[2010.08.29 18:36:16 | 000,002,963 | ---- | C] () -- C:\Users\Ceron\Desktop\HiJackThis.lnk
[2010.08.29 18:19:09 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010.08.29 13:35:46 | 000,000,965 | ---- | C] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Quick Web Player.lnk
[2010.08.28 19:28:55 | 000,000,700 | ---- | C] () -- C:\Users\Ceron\Desktop\Audacity.lnk
[2010.08.28 15:26:43 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010.08.27 19:13:17 | 000,000,600 | ---- | C] () -- C:\Users\Ceron\AppData\Roaming\winscp.rnd
[2010.08.27 19:13:15 | 000,001,747 | ---- | C] () -- C:\Users\Ceron\Desktop\WinSCP.lnk
[2010.08.25 18:52:04 | 000,001,193 | ---- | C] () -- C:\Users\Ceron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010.08.25 18:50:38 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010.08.18 20:25:57 | 002,422,912 | ---- | C] () -- C:\Users\Ceron\Desktop\Portal Radio Tune _high quality.mp3
[2010.08.18 17:54:39 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.08.15 19:27:53 | 000,000,211 | -H-- | C] () -- C:\Boot.BAK
[2010.08.15 18:31:40 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.08.15 18:30:36 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.08.15 18:29:05 | 1508,024,320 | -HS- | C] () -- C:\hiberfil.sys
[2010.08.15 16:10:57 | 000,651,768 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2010.08.15 16:10:57 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2010.08.15 16:10:57 | 000,129,468 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2010.08.15 16:10:57 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010.08.15 15:56:41 | 000,044,646 | ---- | C] () -- C:\Windows\System32\FlashMenu.sys
[2010.08.15 15:55:50 | 000,010,848 | ---- | C] () -- C:\Windows\System32\drivers\WinFlash.sys
[2010.08.15 13:00:36 | 000,001,105 | ---- | C] () -- C:\Users\Ceron\Desktop\JustCause2 - Shortcut.lnk
[2010.08.15 11:51:59 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.08.15 10:58:03 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010.08.15 10:30:36 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.08.15 10:10:00 | 000,000,827 | ---- | C] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010.08.15 10:08:56 | 000,034,296 | ---- | C] () -- C:\Windows\System32\drivers\mbamcatchme.sys
[2010.08.15 10:06:32 | 000,001,909 | ---- | C] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010.08.15 10:05:19 | 000,000,993 | ---- | C] () -- C:\Users\Ceron\Desktop\Miranda Fusion.lnk
[2010.08.15 09:56:06 | 000,001,407 | ---- | C] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010.08.15 09:55:06 | 000,524,288 | -HS- | C] () -- C:\Users\Ceron\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010.08.15 09:55:06 | 000,524,288 | -HS- | C] () -- C:\Users\Ceron\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010.08.15 09:55:06 | 000,262,144 | -HS- | C] () -- C:\Users\Ceron\ntuser.dat.LOG1
[2010.08.15 09:55:06 | 000,065,536 | -HS- | C] () -- C:\Users\Ceron\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010.08.15 09:55:06 | 000,000,290 | ---- | C] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010.08.15 09:55:06 | 000,000,272 | ---- | C] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010.08.15 09:55:06 | 000,000,020 | -HS- | C] () -- C:\Users\Ceron\ntuser.ini
[2010.08.15 09:55:06 | 000,000,000 | -HS- | C] () -- C:\Users\Ceron\ntuser.dat.LOG2
[2010.08.15 09:55:05 | 001,310,720 | -HS- | C] () -- C:\Users\Ceron\NTUSER.DAT
[2010.08.15 09:52:12 | 000,171,136 | RHS- | C] () -- C:\w7ldr
[2010.08.15 09:20:38 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010.08.15 09:20:32 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2010.08.04 03:55:18 | 000,071,096 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2010.08.04 03:21:14 | 000,523,968 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
< End of report >
         
--- --- ---

31.08.2010, 21:47   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Didn't you set the file age to 90 days or higher?

31.08.2010, 21:57   #12
Ceron104
 
You didn't tell me that; I only changed what you told me to change. I can set it to the maximum and quickly scan again.

31.08.2010, 22:02   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Quote:
Quote from cosinus
Then I now need a fresh OTL log (OTL.txt) - so do a new run and set the file date to at least 90 days
I'm happy to quote myself once more

31.08.2010, 22:07   #14
Ceron104
 
OTL Logfile:
Code:
OTL logfile created on: 31.08.2010 22:06:29 - Run 4
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\Ceron\Desktop\all
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 59,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 309,23 Gb Free Space | 66,39% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 931,51 Gb Total Space | 111,75 Gb Free Space | 12,00% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: NEUTRINO
Current User Name: Ceron
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Ceron\Desktop\all\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Search Advisor\adgui.exe ()
PRC - C:\Programme\Opera\opera.exe (Opera Software)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\iTunes\iTunes.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe (Apple Inc.)
PRC - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Programme\MirandaFusion\miranda32.exe ( )
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Winamp\winampa.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Last.fm\LastFM.exe (Last.fm)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Gemeinsame Dateien\Logitech\LCD Manager\Applets\lcdsirreal267\LCDSirReal.exe ()
PRC - C:\Programme\Razer\Diamondback 3G\razerhid.exe ()
PRC - C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Logitech\LCD Manager\Applets\LCDPOP3.exe (Logitech Inc.)
PRC - C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe (Logitech Inc.)
PRC - C:\Programme\Razer\Diamondback 3G\razerofa.exe (Razer Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Ceron\Desktop\all\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (ATI Technologies, Inc.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (WINFLASH) -- C:\Program Files\U-ABIT\FlashMenu\WinFlash.sys ()
DRV - (Memctl) -- C:\Program Files\U-ABIT\FlashMenu\Memctl.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 47 21 53 4F 3C CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "foxsearch"
FF - prefs.js..browser.search.order.1: "foxsearch"
FF - prefs.js..browser.search.selectedEngine: "foxsearch"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: support@predictad.com:1.11
FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - user.js..browser.search.selectedEngine: "foxsearch"
FF - user.js..browser.search.order.1: "foxsearch"
FF - user.js..browser.search.defaultenginename: "foxsearch"
FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\support@predictad.com: C:\Program Files\AutocompletePro\support@predictad.com [2010.08.29 13:35:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.06.29 21:37:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.07.01 18:09:42 | 000,000,000 | ---D | M]
 
[2010.08.15 10:06:35 | 000,000,000 | ---D | M] -- C:\Users\Ceron\AppData\Roaming\mozilla\Extensions
[2010.08.31 16:35:30 | 000,000,000 | ---D | M] -- C:\Users\Ceron\AppData\Roaming\mozilla\Firefox\Profiles\k8kwbqpc.default\extensions
[2010.08.18 20:25:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ceron\AppData\Roaming\mozilla\Firefox\Profiles\k8kwbqpc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.08.15 11:29:44 | 000,000,000 | ---D | M] -- C:\Users\Ceron\AppData\Roaming\mozilla\Firefox\Profiles\k8kwbqpc.default\extensions\gutscheinmieze@synatix-gmbh.de
[2010.03.24 16:13:02 | 000,000,917 | ---- | M] () -- C:\Users\Ceron\AppData\Roaming\Mozilla\FireFox\Profiles\k8kwbqpc.default\searchplugins\conduit.xml
[2010.08.25 18:48:27 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.08.23 21:23:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.08.23 21:22:56 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.03.19 09:23:30 | 000,686,592 | ---- | M] (Synatix GmbH) -- C:\Program Files\mozilla firefox\plugins\npmieze.dll
[2008.03.15 15:56:14 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2008.10.13 20:34:40 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.08.15 11:29:44 | 000,000,143 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\foxsearch.src
[2008.02.19 16:40:48 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2006.12.03 17:59:22 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2006.11.17 13:19:24 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\Ceron\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Users\Ceron\AppData\Roaming\Gutscheinmieze\toolbar.dll (Synatix GmbH)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Diamondback] C:\Programme\Razer\Diamondback 3G\razerhid.exe ()
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Common Files\Logitech\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [ Malwarebytes Anti-Malware  (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Search Advisor] C:\Program Files\Search Advisor\adgui.exe ()
O4 - HKCU..\Run: [Steam] C:\Programme\Valve\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Ceron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Ceron\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{e66ca9fb-a84f-11df-8f9f-00508dbc5e42}\Shell - "" = AutoRun
O33 - MountPoints2\{e66ca9fb-a84f-11df-8f9f-00508dbc5e42}\Shell\AutoRun\command - "" = J:\steambackup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 90 Days ==========
 
[2010.08.31 16:32:38 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.08.31 16:31:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.08.30 21:47:31 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Desktop\Neuer Ordner
[2010.08.29 19:14:13 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Desktop\all
[2010.08.29 18:36:16 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010.08.29 18:24:39 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Avira
[2010.08.29 15:57:21 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.08.29 15:57:21 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.08.29 15:57:21 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010.08.29 15:57:21 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.08.29 15:57:20 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.08.29 15:57:20 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.08.29 15:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.08.29 13:36:13 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\WhiteSmokeTranslator
[2010.08.29 13:35:56 | 000,000,000 | ---D | C] -- C:\Program Files\AutocompletePro
[2010.08.29 13:35:47 | 000,000,000 | ---D | C] -- C:\Program Files\Search Advisor
[2010.08.29 13:35:45 | 000,000,000 | ---D | C] -- C:\Program Files\Quick Web Player
[2010.08.28 19:32:33 | 000,208,896 | ---- | C] (www.mp3dev.org) -- C:\Windows\System\lame_enc.dll
[2010.08.28 15:26:42 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010.08.28 15:26:42 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010.08.28 15:26:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PX Storage Engine
[2010.08.28 15:26:00 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Winamp
[2010.08.28 15:26:00 | 000,000,000 | ---D | C] -- C:\Programme\Winamp
[2010.08.28 09:48:39 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Desktop\beatmaker
[2010.08.28 09:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\BeatPack
[2010.08.27 19:28:56 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\WinRAR
[2010.08.27 19:28:47 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2010.08.27 19:13:14 | 000,000,000 | ---D | C] -- C:\Programme\WinSCP
[2010.08.25 20:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.08.25 18:51:46 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\OpenOffice.org
[2010.08.25 18:49:35 | 000,000,000 | ---D | C] -- C:\Program Files\JRE
[2010.08.25 18:49:14 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010.08.25 18:48:23 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.08.25 18:48:23 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.08.25 18:48:23 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.08.23 21:24:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.08.23 21:24:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010.08.23 21:23:11 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.08.23 21:22:53 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2010.08.22 18:35:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Last.fm
[2010.08.18 20:29:54 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Documents\iPhone Ringtones
[2010.08.18 20:25:19 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.08.18 20:25:10 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Documents\DVDVideoSoft
[2010.08.18 20:25:01 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoft
[2010.08.18 20:25:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2010.08.18 19:15:34 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\iRinger
[2010.08.16 20:47:30 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Adobe
[2010.08.16 20:45:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.08.16 20:45:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010.08.16 20:45:32 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.08.15 19:28:06 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.08.15 19:22:49 | 000,000,000 | ---D | C] -- C:\Windows.old
[2010.08.15 18:32:02 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.08.15 18:29:56 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.08.15 16:21:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010.08.15 16:19:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010.08.15 16:18:57 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Microsoft Games
[2010.08.15 16:10:26 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2010.08.15 16:10:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\XPSViewer
[2010.08.15 16:10:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\de-DE
[2010.08.15 16:10:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\0407
[2010.08.15 16:10:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\de
[2010.08.15 16:06:54 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\volsnap.sys.mui
[2010.08.15 16:06:54 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\usbport.sys.mui
[2010.08.15 16:06:54 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\usbhub.sys.mui
[2010.08.15 16:06:54 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\de-DE\pscr.sys.mui
[2010.08.15 16:06:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\vhdmp.sys.mui
[2010.08.15 16:06:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\tpm.sys.mui
[2010.08.15 16:06:54 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\portcls.sys.mui
[2010.08.15 16:06:54 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\umbus.sys.mui
[2010.08.15 16:06:54 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\serscan.sys.mui
[2010.08.15 16:06:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\wd.sys.mui
[2010.08.15 16:06:52 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mpio.sys.mui
[2010.08.15 16:06:52 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\de-DE\yk62x86.sys.mui
[2010.08.15 16:06:52 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e1y6032.sys.mui
[2010.08.15 16:06:52 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e1e6032.sys.mui
[2010.08.15 16:06:52 | 000,022,016 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\E1G60I32.sys.mui
[2010.08.15 16:06:52 | 000,013,312 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e1q6032.sys.mui
[2010.08.15 16:06:52 | 000,013,312 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e1k6032.sys.mui
[2010.08.15 16:06:52 | 000,013,312 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\de-DE\k57nd60x.sys.mui
[2010.08.15 16:06:52 | 000,013,312 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\de-DE\b57nd60x.sys.mui
[2010.08.15 16:06:52 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\serial.sys.mui
[2010.08.15 16:06:52 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\i8042prt.sys.mui
[2010.08.15 16:06:52 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\msdsm.sys.mui
[2010.08.15 16:06:52 | 000,006,144 | ---- | C] (Broadcom Corporation) -- C:\Windows\System32\drivers\de-DE\bcm4sbxp.sys.mui
[2010.08.15 16:06:52 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\sermouse.sys.mui
[2010.08.15 16:06:52 | 000,005,120 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\de-DE\e100b325.sys.mui
[2010.08.15 16:06:52 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\pcmcia.sys.mui
[2010.08.15 16:06:52 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mouclass.sys.mui
[2010.08.15 16:06:52 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\parport.sys.mui
[2010.08.15 16:06:52 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ataport.sys.mui
[2010.08.15 16:06:52 | 000,003,072 | ---- | C] (VIA Technologies, Inc.              ) -- C:\Windows\System32\drivers\de-DE\getn62.sys.mui
[2010.08.15 16:06:52 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\scsiport.sys.mui
[2010.08.15 16:06:52 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\rndismpx.sys.mui
[2010.08.15 16:06:52 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\rndismp6.sys.mui
[2010.08.15 16:06:52 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\parvdm.sys.mui
[2010.08.15 16:06:52 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mouhid.sys.mui
[2010.08.15 16:06:52 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\vwifibus.sys.mui
[2010.08.15 16:06:52 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\MTConfig.sys.mui
[2010.08.15 16:06:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\amdide.sys.mui
[2010.08.15 16:06:51 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\afd.sys.mui
[2010.08.15 16:06:48 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bfe.dll.mui
[2010.08.15 16:06:48 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\wdf01000.sys.mui
[2010.08.15 16:06:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ws2ifsl.sys.mui
[2010.08.15 16:06:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\usbrpm.sys.mui
[2010.08.15 16:06:46 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\tcpip.sys.mui
[2010.08.15 16:06:46 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\tunnel.sys.mui
[2010.08.15 16:06:46 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\modem.sys.mui
[2010.08.15 16:06:44 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\fvevol.sys.mui
[2010.08.15 16:06:44 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\srv.sys.mui
[2010.08.15 16:06:44 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\scfilter.sys.mui
[2010.08.15 16:06:41 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\pacer.sys.mui
[2010.08.15 16:06:41 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\rdbss.sys.mui
[2010.08.15 16:06:41 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\RNDISMP.sys.mui
[2010.08.15 16:06:41 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\qwavedrv.sys.mui
[2010.08.15 16:06:41 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\partmgr.sys.mui
[2010.08.15 16:06:38 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ntfs.sys.mui
[2010.08.15 16:06:38 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ndis.sys.mui
[2010.08.15 16:06:38 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\nwifi.sys.mui
[2010.08.15 16:06:38 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ndisuio.sys.mui
[2010.08.15 16:06:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ndiscap.sys.mui
[2010.08.15 16:06:31 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mountmgr.sys.mui
[2010.08.15 16:06:30 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\luafv.sys.mui
[2010.08.15 16:06:30 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ipnat.sys.mui
[2010.08.15 16:06:28 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\http.sys.mui
[2010.08.15 16:06:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\fltmgr.sys.mui
[2010.08.15 16:06:27 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\volmgrx.sys.mui
[2010.08.15 16:06:21 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\viac7.sys.mui
[2010.08.15 16:06:21 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\processr.sys.mui
[2010.08.15 16:06:21 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\intelppm.sys.mui
[2010.08.15 16:06:21 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\amdppm.sys.mui
[2010.08.15 16:06:21 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\amdk8.sys.mui
[2010.08.15 16:06:21 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ohci1394.sys.mui
[2010.08.15 16:06:21 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\1394ohci.sys.mui
[2010.08.15 16:06:21 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerId.sys.mui
[2010.08.15 16:06:21 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrSerIb.sys.mui
[2010.08.15 16:06:21 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\acpi.sys.mui
[2010.08.15 16:06:21 | 000,010,752 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\de-DE\ltmdmnt.sys.mui
[2010.08.15 16:06:21 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\battc.sys.mui
[2010.08.15 16:06:21 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\pci.sys.mui
[2010.08.15 16:06:21 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bthport.sys.mui
[2010.08.15 16:06:21 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\IPMIDrv.sys.mui
[2010.08.15 16:06:21 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\kbdclass.sys.mui
[2010.08.15 16:06:21 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bthpan.sys.mui
[2010.08.15 16:06:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\wacompen.sys.mui
[2010.08.15 16:06:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\vdrvroot.sys.mui
[2010.08.15 16:06:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\isapnp.sys.mui
[2010.08.15 16:06:21 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\hdaudbus.sys.mui
[2010.08.15 16:06:21 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\HdAudio.sys.mui
[2010.08.15 16:06:21 | 000,003,584 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\de-DE\atikmdag.sys.mui
[2010.08.15 16:06:21 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\mssmbios.sys.mui
[2010.08.15 16:06:21 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\hidbth.sys.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\VIAAGP.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\ULIAGPKX.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\UAGP35.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\SISAGP.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\pnpmem.sys.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\NV_AGP.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\kbdhid.sys.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\GAGP30KX.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\Dot4usb.sys.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\BTHUSB.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\AMDAGP.SYS.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\AGP440.sys.mui
[2010.08.15 16:06:21 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\de-DE\BrParwdm.sys.mui
[2010.08.15 16:06:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\disk.sys.mui
[2010.08.15 16:06:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\cdrom.sys.mui
[2010.08.15 16:06:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\de-DE\bthenum.sys.mui
[2010.08.15 15:55:00 | 000,000,000 | ---D | C] -- C:\Program Files\U-ABIT
[2010.08.15 15:41:15 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\GetRightToGo
[2010.08.15 14:58:44 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.08.15 14:58:44 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.08.15 14:58:44 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.08.15 14:54:37 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.08.15 14:53:25 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010.08.15 14:53:25 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys
[2010.08.15 14:53:15 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.08.15 14:53:15 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.08.15 14:53:15 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.08.15 14:53:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.08.15 14:53:15 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.08.15 14:53:15 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.08.15 14:53:14 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.08.15 14:53:14 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.08.15 14:53:14 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.08.15 14:53:14 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.08.15 14:52:58 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.08.15 14:52:52 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.08.15 14:52:52 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.08.15 14:52:52 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.08.15 14:52:50 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010.08.15 14:52:49 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010.08.15 14:52:49 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010.08.15 14:52:49 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.08.15 14:52:49 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010.08.15 14:52:44 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010.08.15 14:52:44 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010.08.15 14:52:44 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010.08.15 14:52:43 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.08.15 14:52:42 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.08.15 14:52:40 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.08.15 14:52:40 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.08.15 14:52:40 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.08.15 14:52:40 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.08.15 14:52:40 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.08.15 14:52:40 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.08.15 14:52:40 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.08.15 14:52:40 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.08.15 14:52:40 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.08.15 14:52:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.08.15 14:52:34 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.08.15 14:52:33 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.08.15 14:52:32 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll
[2010.08.15 14:52:32 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.08.15 14:52:32 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010.08.15 14:52:32 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010.08.15 14:52:29 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.08.15 14:52:29 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.08.15 14:52:29 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.08.15 13:02:03 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Documents\Square Enix
[2010.08.15 12:32:24 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.08.15 12:32:24 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010.08.15 11:52:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2010.08.15 11:30:22 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010.08.15 11:29:49 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.08.15 11:29:38 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Gutscheinmieze
[2010.08.15 11:28:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2010.08.15 11:27:29 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\ATI
[2010.08.15 11:27:29 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\ATI
[2010.08.15 11:26:33 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies
[2010.08.15 11:26:31 | 000,000,000 | ---D | C] -- C:\Programme\ATI
[2010.08.15 11:19:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010.08.15 11:18:49 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2010.08.15 11:18:49 | 001,738,072 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2010.08.15 11:18:49 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2010.08.15 11:18:49 | 000,214,352 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFNHK.dll
[2010.08.15 11:18:49 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2010.08.15 11:18:49 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2010.08.15 11:18:49 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2010.08.15 11:18:48 | 003,604,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2010.08.15 11:18:48 | 003,154,920 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2010.08.15 11:18:48 | 001,829,992 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2010.08.15 11:18:48 | 001,084,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2010.08.15 11:18:48 | 000,371,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2010.08.15 11:18:48 | 000,367,208 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2010.08.15 11:18:48 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2010.08.15 11:18:48 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2010.08.15 11:18:48 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2010.08.15 11:18:48 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2010.08.15 11:18:48 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2010.08.15 11:18:48 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2010.08.15 11:18:48 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFCOM.dll
[2010.08.15 11:18:48 | 000,068,944 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFAPO.dll
[2010.08.15 11:18:48 | 000,064,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2010.08.15 11:18:48 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2010.08.15 11:18:47 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2010.08.15 11:18:47 | 001,327,104 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2010.08.15 11:18:47 | 000,252,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2010.08.15 11:18:47 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2010.08.15 11:18:47 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2010.08.15 11:18:46 | 001,131,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2010.08.15 11:18:46 | 000,961,296 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2010.08.15 11:18:46 | 000,900,368 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2010.08.15 11:18:46 | 000,448,272 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2010.08.15 11:18:46 | 000,427,792 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2010.08.15 11:18:46 | 000,405,776 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2010.08.15 11:18:46 | 000,299,424 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010.08.15 11:18:46 | 000,290,064 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2010.08.15 11:18:46 | 000,235,280 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2010.08.15 11:18:46 | 000,223,504 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2010.08.15 11:18:46 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2010.08.15 11:18:46 | 000,104,672 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2010.08.15 11:18:46 | 000,104,672 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2010.08.15 11:18:46 | 000,104,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2010.08.15 11:18:46 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2010.08.15 11:18:46 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2010.08.15 11:18:43 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2010.08.15 11:18:42 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.08.15 11:10:45 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Macromedia
[2010.08.15 11:10:45 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Adobe
[2010.08.15 11:10:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.08.15 11:02:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010.08.15 10:58:57 | 001,073,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpluir.dll
[2010.08.15 10:58:57 | 000,307,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvexpbar.dll
[2010.08.15 10:57:49 | 002,441,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwssr.dll
[2010.08.15 10:57:49 | 001,035,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvmfdx32.sys
[2010.08.15 10:57:49 | 000,356,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvunrm.exe
[2010.08.15 10:57:49 | 000,200,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\fdco1.dll
[2010.08.15 10:57:49 | 000,037,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvconrm.dll
[2010.08.15 10:57:48 | 001,522,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2010.08.15 10:57:47 | 000,229,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccs.dll
[2010.08.15 10:57:47 | 000,045,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccsrs.dll
[2010.08.15 10:57:43 | 001,074,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2010.08.15 10:57:43 | 000,036,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod100.dll
[2010.08.15 10:57:42 | 003,629,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvvitvsr.dll
[2010.08.15 10:57:41 | 002,854,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmoblsr.dll
[2010.08.15 10:57:41 | 000,458,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmccssr.dll
[2010.08.15 10:57:40 | 003,166,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgamesr.dll
[2010.08.15 10:57:39 | 005,509,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispsr.dll
[2010.08.15 10:57:32 | 000,490,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvuninst.exe
[2010.08.15 10:57:32 | 000,147,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcolor.exe
[2010.08.15 10:57:25 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010.08.15 10:40:56 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Documents\Meine empfangenen Dateien
[2010.08.15 10:32:25 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.08.15 10:32:10 | 000,000,000 | ---D | C] -- C:\Users\Ceron\Tracing
[2010.08.15 10:31:10 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft
[2010.08.15 10:30:58 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.08.15 10:30:38 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live SkyDrive
[2010.08.15 10:30:25 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\DAEMON Tools Lite
[2010.08.15 10:30:19 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live
[2010.08.15 10:30:01 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.08.15 10:28:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010.08.15 10:26:49 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2010.08.15 10:26:37 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.08.15 10:26:36 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.08.15 10:26:36 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.08.15 10:25:51 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2010.08.15 10:25:13 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Opera
[2010.08.15 10:25:13 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Opera
[2010.08.15 10:25:03 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.08.15 10:19:48 | 000,073,728 | ---- | C] (Razer Inc.) -- C:\Windows\System32\diamondback.cpl
[2010.08.15 10:19:44 | 000,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information
[2010.08.15 10:19:44 | 000,000,000 | ---D | C] -- C:\Programme\Razer
[2010.08.15 10:19:17 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\InstallShield
[2010.08.15 10:09:59 | 000,000,000 | ---D | C] -- C:\Programme\Opera
[2010.08.15 10:09:32 | 000,000,000 | ---D | C] -- C:\Programme\VideoLAN
[2010.08.15 10:08:58 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Malwarebytes
[2010.08.15 10:08:56 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.08.15 10:08:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.15 10:08:55 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.08.15 10:08:50 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Apple Computer
[2010.08.15 10:08:49 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Apple Computer
[2010.08.15 10:08:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010.08.15 10:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2010.08.15 10:08:10 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Last.fm
[2010.08.15 10:08:00 | 000,000,000 | ---D | C] -- C:\Programme\Last.fm
[2010.08.15 10:07:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.08.15 10:07:38 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Apple
[2010.08.15 10:07:37 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update
[2010.08.15 10:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010.08.15 10:07:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010.08.15 10:06:35 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Mozilla
[2010.08.15 10:06:35 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Mozilla
[2010.08.15 10:06:31 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2010.08.15 10:06:17 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.08.15 10:05:19 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Miranda Fusion
[2010.08.15 10:05:16 | 000,000,000 | ---D | C] -- C:\Programme\MirandaFusion
[2010.08.15 10:04:15 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Logitech
[2010.08.15 10:04:12 | 000,000,000 | ---D | C] -- C:\Programme\Logitech
[2010.08.15 10:04:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2010.08.15 10:04:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logitech
[2010.08.15 10:03:28 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.08.15 10:01:22 | 000,000,000 | -H-D | C] -- C:\Users\Ceron\Documents\Runes of Magic
[2010.08.15 09:55:28 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Searches
[2010.08.15 09:55:28 | 000,000,000 | -H-D | C] -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010.08.15 09:55:20 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Identities
[2010.08.15 09:55:17 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Contacts
[2010.08.15 09:55:07 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\VirtualStore
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\AppData\Local\Temporary Internet Files
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Templates
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Start Menu
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\SendTo
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Recent
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\PrintHood
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\NetHood
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Documents\My Videos
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Documents\My Pictures
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Documents\My Music
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\My Documents
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Local Settings
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\AppData\Local\History
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Cookies
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\Application Data
[2010.08.15 09:55:06 | 000,000,000 | -HSD | C] -- C:\Users\Ceron\AppData\Local\Application Data
[2010.08.15 09:55:05 | 000,000,000 | --SD | C] -- C:\Users\Ceron\AppData\Roaming\Microsoft
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Videos
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Saved Games
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Pictures
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Music
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Links
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Favorites
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Downloads
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Documents
[2010.08.15 09:55:05 | 000,000,000 | R--D | C] -- C:\Users\Ceron\Desktop
[2010.08.15 09:55:05 | 000,000,000 | -H-D | C] -- C:\Users\Ceron\AppData
[2010.08.15 09:55:05 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Temp
[2010.08.15 09:55:05 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Local\Microsoft
[2010.08.15 09:55:05 | 000,000,000 | ---D | C] -- C:\Users\Ceron\AppData\Roaming\Media Center Programs
[2010.08.15 09:50:03 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.08.15 09:20:31 | 000,000,000 | -HSD | C] -- C:\Boot
[2010.08.10 05:15:58 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2010.08.10 05:15:58 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2010.08.04 04:21:42 | 006,096,384 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2010.08.04 03:55:00 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2010.08.04 03:52:04 | 000,450,560 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2010.08.04 03:51:36 | 000,380,928 | ---- | C] (AMD) -- C:\Windows\System32\atieclxx.exe
[2010.08.04 03:51:10 | 000,176,128 | ---- | C] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2010.08.04 03:50:06 | 000,159,744 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2010.08.04 03:49:50 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2010.08.04 03:49:48 | 015,845,888 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2010.08.04 03:49:40 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2010.08.04 03:49:34 | 000,011,776 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2010.08.04 03:49:26 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2010.08.04 03:26:00 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2010.08.04 03:25:50 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2010.08.04 03:24:34 | 004,341,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2010.08.04 03:16:06 | 000,241,664 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2010.08.04 03:15:54 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2010.08.04 03:15:48 | 000,016,896 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2010.08.04 03:15:28 | 000,214,016 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2010.08.04 03:14:12 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2010.08.04 03:09:22 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2010.08.04 03:09:22 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2010.07.15 14:47:36 | 000,101,904 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\System32\drivers\AtihdW73.sys
[2010.07.07 03:54:08 | 000,519,680 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\aticfx32.dll
[2010.07.07 03:28:20 | 004,021,760 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdag.dll
[2010.07.07 03:24:32 | 000,065,536 | ---- | C] (AMD) -- C:\Windows\System32\coinst.dll
[2010.07.07 03:23:14 | 003,324,416 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll
[2010.07.07 03:14:58 | 000,030,208 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2010.07.07 03:14:44 | 000,027,648 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
 
========== Files - Modified Within 90 Days ==========
 
[2010.08.31 22:07:02 | 001,310,720 | -HS- | M] () -- C:\Users\Ceron\NTUSER.DAT
[2010.08.31 20:33:21 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.31 20:33:21 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.31 20:28:13 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.31 20:28:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.31 20:27:53 | 1508,024,320 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.31 16:31:39 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.30 22:08:59 | 001,686,307 | -H-- | M] () -- C:\Users\Ceron\AppData\Local\IconCache.db
[2010.08.30 21:42:23 | 023,994,412 | ---- | M] () -- C:\Users\Ceron\Desktop\cs.wav
[2010.08.29 21:41:57 | 002,375,827 | ---- | M] () -- C:\Users\Ceron\Desktop\Cs.bmkz
[2010.08.29 20:19:34 | 000,001,152 | ---- | M] () -- C:\Windows\System32\mapisvc.inf
[2010.08.29 18:36:16 | 000,002,963 | ---- | M] () -- C:\Users\Ceron\Desktop\HiJackThis.lnk
[2010.08.29 18:19:10 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2010.08.29 13:35:46 | 000,000,965 | ---- | M] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Quick Web Player.lnk
[2010.08.28 19:28:55 | 000,000,700 | ---- | M] () -- C:\Users\Ceron\Desktop\Audacity.lnk
[2010.08.28 15:26:43 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010.08.28 01:11:06 | 000,000,600 | ---- | M] () -- C:\Users\Ceron\AppData\Roaming\winscp.rnd
[2010.08.27 19:13:15 | 000,001,747 | ---- | M] () -- C:\Users\Ceron\Desktop\WinSCP.lnk
[2010.08.25 20:07:33 | 000,289,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.08.25 19:45:16 | 000,062,952 | ---- | M] () -- C:\Users\Ceron\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.08.25 19:19:12 | 001,498,506 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.08.25 19:19:12 | 000,651,768 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.08.25 19:19:12 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.08.25 19:19:12 | 000,129,468 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.08.25 19:19:12 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.08.25 18:52:04 | 000,001,193 | ---- | M] () -- C:\Users\Ceron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010.08.25 18:50:38 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010.08.23 21:22:56 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.08.23 21:22:56 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.08.23 21:22:56 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.08.23 21:22:56 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.08.22 18:04:40 | 000,000,827 | ---- | M] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010.08.18 20:26:07 | 002,422,912 | ---- | M] () -- C:\Users\Ceron\Desktop\Portal Radio Tune _high quality.mp3
[2010.08.18 17:54:39 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.08.15 19:27:54 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.08.15 19:27:53 | 000,000,355 | RHS- | M] () -- C:\Boot.ini.saved
[2010.08.15 18:31:40 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010.08.15 18:30:36 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.08.15 16:10:04 | 000,295,922 | ---- | M] () -- C:\Windows\System32\perfi007.dat
[2010.08.15 16:10:04 | 000,038,104 | ---- | M] () -- C:\Windows\System32\perfd007.dat
[2010.08.15 15:56:41 | 000,044,646 | ---- | M] () -- C:\Windows\System32\FlashMenu.sys
[2010.08.15 13:00:36 | 000,001,105 | ---- | M] () -- C:\Users\Ceron\Desktop\JustCause2 - Shortcut.lnk
[2010.08.15 11:59:31 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.08.15 11:30:35 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010.08.15 11:06:35 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll
[2010.08.15 10:13:35 | 000,524,288 | -HS- | M] () -- C:\Users\Ceron\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010.08.15 10:13:35 | 000,524,288 | -HS- | M] () -- C:\Users\Ceron\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010.08.15 10:13:35 | 000,065,536 | -HS- | M] () -- C:\Users\Ceron\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010.08.15 10:06:32 | 000,001,909 | ---- | M] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010.08.15 10:05:19 | 000,000,993 | ---- | M] () -- C:\Users\Ceron\Desktop\Miranda Fusion.lnk
[2010.08.15 09:56:06 | 000,001,407 | ---- | M] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010.08.15 09:55:06 | 000,000,020 | -HS- | M] () -- C:\Users\Ceron\ntuser.ini
[2010.08.15 09:52:12 | 000,171,136 | RHS- | M] () -- C:\w7ldr
[2010.08.15 09:39:31 | 000,042,045 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010.08.10 05:15:58 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTimeVR.qtx
[2010.08.10 05:15:58 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\System32\QuickTime.qts
[2010.08.04 04:21:42 | 006,096,384 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\atikmdag.sys
[2010.08.04 03:55:18 | 000,071,096 | ---- | M] () -- C:\Windows\System32\atiapfxx.blb
[2010.08.04 03:55:00 | 000,143,360 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiapfxx.exe
[2010.08.04 03:54:50 | 000,519,680 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\aticfx32.dll
[2010.08.04 03:52:04 | 000,450,560 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\ATIDEMGX.dll
[2010.08.04 03:51:36 | 000,380,928 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
[2010.08.04 03:51:10 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2010.08.04 03:50:06 | 000,159,744 | ---- | M] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2010.08.04 03:49:50 | 000,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\atipdlxx.dll
[2010.08.04 03:49:48 | 015,845,888 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atioglxx.dll
[2010.08.04 03:49:40 | 000,278,528 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\Oemdspif.dll
[2010.08.04 03:49:34 | 000,011,776 | ---- | M] (AMD) -- C:\Windows\System32\atimuixx.dll
[2010.08.04 03:49:26 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\ati2edxx.dll
[2010.08.04 03:46:32 | 003,899,392 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\atidxx32.dll
[2010.08.04 03:28:26 | 004,021,760 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\System32\atiumdag.dll
[2010.08.04 03:26:00 | 000,046,080 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalrt.dll
[2010.08.04 03:25:50 | 000,044,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticalcl.dll
[2010.08.04 03:24:34 | 004,341,248 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\System32\aticaldd.dll
[2010.08.04 03:23:44 | 000,065,536 | ---- | M] (AMD) -- C:\Windows\System32\coinst.dll
[2010.08.04 03:21:38 | 003,324,416 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiumdva.dll
[2010.08.04 03:21:14 | 000,523,968 | ---- | M] () -- C:\Windows\System32\atiumdva.cap
[2010.08.04 03:16:06 | 000,241,664 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\atiadlxx.dll
[2010.08.04 03:15:54 | 000,012,800 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiglpxx.dll
[2010.08.04 03:15:48 | 000,016,896 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atigktxx.dll
[2010.08.04 03:15:28 | 000,214,016 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\System32\drivers\atikmpag.sys
[2010.08.04 03:15:02 | 000,030,208 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiuxpag.dll
[2010.08.04 03:14:48 | 000,027,648 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atiu9pag.dll
[2010.08.04 03:14:12 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2010.08.04 03:09:22 | 000,052,736 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\atimpc32.dll
[2010.08.04 03:09:22 | 000,052,736 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\System32\amdpcom32.dll
[2010.07.29 08:30:49 | 000,197,632 | ---- | M] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll
[2010.07.29 08:30:34 | 000,082,944 | ---- | M] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010.07.28 18:23:48 | 001,084,008 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2010.07.28 18:23:36 | 003,154,920 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2010.07.28 18:23:36 | 001,829,992 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2010.07.28 18:23:24 | 003,604,584 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2010.07.28 18:23:24 | 000,367,208 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2010.07.28 18:23:24 | 000,064,616 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2010.07.28 18:23:02 | 000,371,816 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2010.07.27 13:54:00 | 001,251,944 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.07.27 07:54:44 | 000,022,053 | ---- | M] () -- C:\Windows\atiogl.xml
[2010.07.22 16:48:38 | 000,214,352 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFNHK.dll
[2010.07.22 16:48:32 | 000,068,944 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFAPO.dll
[2010.07.22 16:48:26 | 000,074,064 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFCOM.dll
[2010.07.22 16:37:26 | 000,175,200 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2010.07.15 14:47:36 | 000,101,904 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\System32\drivers\AtihdW73.sys
[2010.07.06 11:48:32 | 001,327,104 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2010.07.01 13:43:30 | 000,104,160 | ---- | M] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2010.07.01 13:43:28 | 000,104,672 | ---- | M] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2010.07.01 13:43:24 | 000,104,672 | ---- | M] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2010.06.30 08:22:45 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.06.30 08:22:33 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.06.30 08:21:57 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.06.30 08:21:47 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.06.30 08:21:47 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.06.30 08:21:44 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.06.30 08:19:16 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.06.30 06:21:49 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.06.27 17:15:00 | 000,252,928 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2010.06.19 08:33:29 | 003,955,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.06.19 08:33:29 | 003,899,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.06.19 08:23:50 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010.06.19 06:07:18 | 002,326,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.06.16 15:22:56 | 000,219,348 | ---- | M] () -- C:\Windows\System32\atiicdxx.dat
[2010.06.16 00:28:58 | 000,002,857 | ---- | M] () -- C:\Windows\System32\atipblag.dat
 
========== Files Created - No Company Name ==========
 
[2010.08.31 16:31:39 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.30 21:42:09 | 023,994,412 | ---- | C] () -- C:\Users\Ceron\Desktop\cs.wav
[2010.08.29 21:41:57 | 002,375,827 | ---- | C] () -- C:\Users\Ceron\Desktop\Cs.bmkz
[2010.08.29 18:36:16 | 000,002,963 | ---- | C] () -- C:\Users\Ceron\Desktop\HiJackThis.lnk
[2010.08.29 18:19:09 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010.08.29 13:35:46 | 000,000,965 | ---- | C] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Quick Web Player.lnk
[2010.08.28 19:28:55 | 000,000,700 | ---- | C] () -- C:\Users\Ceron\Desktop\Audacity.lnk
[2010.08.28 15:26:43 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010.08.27 19:13:17 | 000,000,600 | ---- | C] () -- C:\Users\Ceron\AppData\Roaming\winscp.rnd
[2010.08.27 19:13:15 | 000,001,747 | ---- | C] () -- C:\Users\Ceron\Desktop\WinSCP.lnk
[2010.08.25 18:52:04 | 000,001,193 | ---- | C] () -- C:\Users\Ceron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010.08.25 18:50:38 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.2.lnk
[2010.08.18 20:25:57 | 002,422,912 | ---- | C] () -- C:\Users\Ceron\Desktop\Portal Radio Tune _high quality.mp3
[2010.08.18 17:54:39 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.08.15 19:27:53 | 000,000,211 | -H-- | C] () -- C:\Boot.BAK
[2010.08.15 18:31:40 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.08.15 18:30:36 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.08.15 18:29:05 | 1508,024,320 | -HS- | C] () -- C:\hiberfil.sys
[2010.08.15 16:10:57 | 000,651,768 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2010.08.15 16:10:57 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2010.08.15 16:10:57 | 000,129,468 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2010.08.15 16:10:57 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2010.08.15 15:56:41 | 000,044,646 | ---- | C] () -- C:\Windows\System32\FlashMenu.sys
[2010.08.15 15:55:50 | 000,010,848 | ---- | C] () -- C:\Windows\System32\drivers\WinFlash.sys
[2010.08.15 13:00:36 | 000,001,105 | ---- | C] () -- C:\Users\Ceron\Desktop\JustCause2 - Shortcut.lnk
[2010.08.15 11:51:59 | 000,000,832 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.08.15 10:58:03 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010.08.15 10:30:36 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.08.15 10:10:00 | 000,000,827 | ---- | C] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2010.08.15 10:08:56 | 000,034,296 | ---- | C] () -- C:\Windows\System32\drivers\mbamcatchme.sys
[2010.08.15 10:06:32 | 000,001,909 | ---- | C] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010.08.15 10:05:19 | 000,000,993 | ---- | C] () -- C:\Users\Ceron\Desktop\Miranda Fusion.lnk
[2010.08.15 09:56:06 | 000,001,407 | ---- | C] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010.08.15 09:55:06 | 000,524,288 | -HS- | C] () -- C:\Users\Ceron\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010.08.15 09:55:06 | 000,524,288 | -HS- | C] () -- C:\Users\Ceron\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010.08.15 09:55:06 | 000,262,144 | -HS- | C] () -- C:\Users\Ceron\ntuser.dat.LOG1
[2010.08.15 09:55:06 | 000,065,536 | -HS- | C] () -- C:\Users\Ceron\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010.08.15 09:55:06 | 000,000,290 | ---- | C] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010.08.15 09:55:06 | 000,000,272 | ---- | C] () -- C:\Users\Ceron\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010.08.15 09:55:06 | 000,000,020 | -HS- | C] () -- C:\Users\Ceron\ntuser.ini
[2010.08.15 09:55:06 | 000,000,000 | -HS- | C] () -- C:\Users\Ceron\ntuser.dat.LOG2
[2010.08.15 09:55:05 | 001,310,720 | -HS- | C] () -- C:\Users\Ceron\NTUSER.DAT
[2010.08.15 09:52:12 | 000,171,136 | RHS- | C] () -- C:\w7ldr
[2010.08.15 09:20:38 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010.08.15 09:20:32 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2010.08.04 03:55:18 | 000,071,096 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2010.08.04 03:21:14 | 000,523,968 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2010.07.27 07:54:44 | 000,022,053 | ---- | C] () -- C:\Windows\atiogl.xml
[2010.06.16 15:22:56 | 000,219,348 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.06.16 00:28:58 | 000,002,857 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
< End of report >
         
--- --- ---

31.08.2010, 22:09   #15
Ceron104

Internet Explorer with a life of its own



OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 31.08.2010 22:06:29 - Run 4
OTL by OldTimer - Version 3.2.11.0     Folder = C:\Users\Ceron\Desktop\all
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 44,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 59,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,75 Gb Total Space | 309,23 Gb Free Space | 66,39% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 931,51 Gb Total Space | 111,75 Gb Free Space | 12,00% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: NEUTRINO
Current User Name: Ceron
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 90 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047E5F60-5357-43FB-A080-1912EB0132A4}" = FlashMenu
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{107DE62C-DACF-3204-9154-4BB24196E9AE}" = ccc-utility
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018F0}" = Java(TM) 6 Update 18
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3E354FBA-C7CE-402A-BB0D-225230BB1918}" = Logitech G15 Keyboard Software 1.04
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45CCC540-F869-A543-CA28-1CB92B7A2DB7}" = ccc-core-static
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50EDAEF4-760D-1C92-8E61-853D624EB601}" = Catalyst Control Center Graphics Previews Common
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{606BC780-101C-41DB-808D-4539BFA0774A}" = MobileMe Control Panel
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B5D55EB-7E74-04BA-215A-49612EAF6673}" = CCC Help English
"{6D482078-8D15-4FD3-B838-C7B49174650F}" = Opera 10.61
"{71D5559C-85E5-5206-3B1C-A8A9DDDE4AC9}" = AMD Drag and Drop Transcoding
"{723166B3-1B80-4F9F-8D59-312A89633E0A}_is1" = Search Advisor
"{729166B3-1B80-4F9F-8D59-312A89633E0A}_is1" = Quick Web Player
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E659C5C-4DF1-499B-B802-77BAE9ABE4D4}" = Razer Diamondback 3G
"{85991ED2-010C-4930-96FA-52F43C2CE98A}" = Apple Mobile Device Support
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial 
"{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}" = iTunes
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.4 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F20D402D-BBE3-C212-9B9E-07ECAFB4D3C0}" = ATI Catalyst Install Manager
"{F7E9794B-D60F-CDE4-CEB8-CE695180C179}" = Catalyst Control Center InstallProxy
"{FD9F3DED-B730-378A-7688-510148E67135}" = Catalyst Control Center Graphics Previews Vista
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity_is1" = Audacity 1.2.6
"AutocompletePro2_is1" = AutocompletePro
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BeatPack" = BeatPack (0.9)
"CCleaner" = CCleaner (remove only)
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"Gutscheinmieze - Toolbar" = Gutscheinmieze - Toolbar
"LastFM_is1" = Last.fm 1.5.4.24567
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MirandaFusion" = Miranda Fusion 2.0.8
"Mozilla Firefox (3.0.6)" = Mozilla Firefox (3.0.6)
"NVIDIA Drivers" = NVIDIA Drivers
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 0.9.8a
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.2.7
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 31.08.2010 11:53:42 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7581
 
Error - 31.08.2010 11:53:42 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7581
 
Error - 31.08.2010 11:53:45 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 31.08.2010 11:53:45 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 10093
 
Error - 31.08.2010 11:53:45 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10093
 
Error - 31.08.2010 14:26:29 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = 468: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 31.08.2010 14:26:29 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = 240: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 31.08.2010 14:26:29 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = 460: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 31.08.2010 14:26:29 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = 188: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
Error - 31.08.2010 14:26:29 | Computer Name = Neutrino | Source = Bonjour Service | ID = 100
Description = 456: ERROR: read_msg errno 10054 (An existing connection was forcibly
 closed by the remote host.)
 
[ System Events ]
Error - 30.08.2010 15:22:45 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:45 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:45 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:46 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:46 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:46 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:47 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 15:22:48 | Computer Name = Neutrino | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 30.08.2010 16:09:32 | Computer Name = Neutrino | Source = Service Control Manager | ID = 7016
Description = Der Dienst "NVIDIA Display Driver Service" hat einen ungültigen aktuellen
 Status gemeldet: 32
 
Error - 31.08.2010 14:27:05 | Computer Name = Neutrino | Source = Service Control Manager | ID = 7016
Description = Der Dienst "NVIDIA Display Driver Service" hat einen ungültigen aktuellen
 Status gemeldet: 32
 
 
< End of report >
         
--- --- ---
