HjackThis LOgfile
Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:44:08, on 16.04.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\program files\avira\antivir desktop\avscan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msi.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msi.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Shared\Database2\bin\FABS.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Shared\Database2\bin\fbserver.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files\System Control Manager\MSIService.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
--
End of file - 5501 bytes
das ist der logfile...
jetzt habe ich noch mal mit Oldtimer noch 2 logs gemacht. Code:
OTL logfile created on: 4/16/2010 11:46:34 PM - Run 1
OTL by OldTimer - Version 3.2.1.1 Folder = C:\Users\*********\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 57.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 182.30 Gb Total Space | 152.22 Gb Free Space | 83.50% Space Free | Partition Type: NTFS
Drive D: | 273.46 Gb Total Space | 232.64 Gb Free Space | 85.07% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: C**********
Current User Name: C**********
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\*********\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Trend Micro\HijackThis\HijackThis.exe (Trend Micro Inc.)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\program files\avira\antivir desktop\avscan.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\System Control Manager\MSIService.exe (Micro-Star International Co., Ltd.)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\MAGIX Shared\Database2\bin\FABS.exe (MAGIX AG)
========== Modules (SafeList) ==========
MOD - C:\Users\*********\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AntiVirMailService) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirWebService) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (Micro Star SCM) -- C:\Program Files\System Control Manager\MSIService.exe (Micro-Star International Co., Ltd.)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Shared\Database2\bin\FABS.exe (MAGIX AG)
SRV - (UPnPService) -- C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (Magix AG)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Shared\Database2\bin\fbserver.exe (MAGIX®)
========== Driver Services (SafeList) ==========
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (netr28) -- C:\Windows\System32\drivers\netr28.sys (Ralink Technology, Corp.)
DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (TosRfSnd) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\system32\DRIVERS\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (HidBatt) -- C:\Windows\system32\DRIVERS\HidBatt.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.)
DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek Corporation )
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (RTL8187Se) -- C:\Windows\System32\drivers\RTL8187Se.sys (Realtek Semiconductor Corporation )
DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (toshidpt) -- C:\Windows\system32\drivers\Toshidpt.sys (TOSHIBA Corporation.)
DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (tosporte) -- C:\Windows\system32\DRIVERS\tosporte.sys (TOSHIBA Corporation)
DRV - (enecirhid) -- C:\Windows\system32\DRIVERS\enecirhid.sys (ENE TECHNOLOGY INC.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (RSUSBSTOR) -- C:\Windows\System32\Drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (ArcSoftKsUFilter) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (enecirhidma) -- C:\Windows\system32\DRIVERS\enecirhidma.sys (ENE TECHNOLOGY INC.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msi.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msi.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/04/02 17:09:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/16 23:09:45 | 000,000,000 | ---D | M]
[2010/03/30 23:37:16 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\mozilla\Extensions
[2010/04/16 23:17:05 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\1fa495pj.default\extensions
[2010/04/14 21:02:10 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010/03/16 20:28:04 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/03/16 20:28:04 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010/03/16 20:28:04 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/03/16 20:28:04 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/03/16 20:28:04 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/04/16 23:38:34 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/04/16 23:07:41 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010/04/16 16:51:27 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010/04/16 16:49:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Expression
[2010/04/14 21:06:07 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\SWiSH Max3
[2010/04/14 21:00:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SWiSHzone.com
[2010/04/14 20:10:41 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010/04/14 20:10:40 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010/04/14 20:10:37 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010/04/13 21:34:24 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\ManyCam
[2010/04/13 19:52:11 | 000,050,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll
[2010/04/13 19:44:21 | 000,000,000 | ---D | C] -- C:\Users\********\Documents\Visual Studio 2008
[2010/04/13 00:20:32 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010/04/13 00:20:09 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010/04/13 00:19:48 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010/04/13 00:19:27 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010/04/13 00:19:03 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010/04/13 00:18:34 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010/04/12 19:20:53 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\MAGIX
[2010/04/12 19:20:49 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\Xara
[2010/04/12 19:19:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Services
[2010/04/11 19:46:02 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\Nvu
[2010/04/11 19:45:15 | 000,000,000 | ---D | C] -- C:\Program Files\Nvu
[2010/04/11 19:18:02 | 000,000,000 | ---D | C] -- C:\Windows\PreviewSoft
[2010/04/11 19:17:48 | 000,000,000 | ---D | C] -- C:\Windows\Noslip
[2010/04/08 22:55:33 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\FreeFixer
[2010/04/08 22:55:33 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\FreeFixer
[2010/04/08 22:02:57 | 000,000,000 | ---D | C] -- C:\Users\*********\Documents\DVDVideoSoft
[2010/04/08 22:02:44 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2010/04/08 22:02:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2010/04/08 21:35:03 | 000,000,000 | ---D | C] -- C:\Users\*********\Documents\MAGIX_MusicMakerHipHopEdition2
[2010/04/08 21:28:49 | 000,000,000 | ---D | C] -- C:\Program Files\ASIO4ALL v2
[2010/04/08 21:27:45 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\Windows\System32\rewire.dll
[2010/04/08 21:27:43 | 000,000,000 | ---D | C] -- C:\Users\*********\Documents\Image-Line
[2010/04/08 21:27:30 | 001,554,944 | ---- | C] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) -- C:\Windows\System32\vorbis.acm
[2010/04/08 21:27:10 | 000,000,000 | ---D | C] -- C:\Program Files\VstPlugins
[2010/04/08 21:27:05 | 000,000,000 | ---D | C] -- C:\Program Files\Outsim
[2010/04/08 21:24:33 | 000,000,000 | ---D | C] -- C:\Program Files\Image-Line
[2010/04/08 01:58:10 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\ManyCam
[2010/04/04 02:50:15 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010/04/03 01:03:50 | 000,000,000 | ---D | C] -- C:\Users\*********\Documents\MAGIX_Screenshare
[2010/04/03 01:03:09 | 000,000,000 | ---D | C] -- C:\Users\*********\Documents\MAGIX_Speed2_burnR_mxcdr
[2010/04/03 01:02:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\xara
[2010/04/03 01:02:40 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4r.dll
[2010/04/03 01:02:40 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll
[2010/04/03 01:02:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Shared
[2010/04/03 01:02:38 | 000,913,408 | ---- | C] (MAGIX AG) -- C:\Windows\System32\MXRestore.exe
[2010/04/03 01:02:38 | 000,644,384 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLAV32.dll
[2010/04/03 01:02:38 | 000,202,016 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLRES32.dll
[2010/04/03 01:02:38 | 000,173,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDEV32.dll
[2010/04/03 01:02:38 | 000,161,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDRV32.dll
[2010/04/03 01:02:38 | 000,114,688 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCDA32.dll
[2010/04/03 01:02:38 | 000,111,904 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCPY32.dll
[2010/04/03 01:02:38 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPTL32.dll
[2010/04/03 01:02:38 | 000,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCDF32.dll
[2010/04/03 01:02:38 | 000,058,656 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIO32.dll
[2010/04/03 01:02:38 | 000,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLTPO32.dll
[2010/04/03 01:02:38 | 000,054,560 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPRF32.dll
[2010/04/03 01:02:38 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPRJ32.dll
[2010/04/03 01:02:38 | 000,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIMG32.dll
[2010/04/03 01:02:38 | 000,042,272 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPNT32.dll
[2010/04/03 01:02:38 | 000,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLRD32.dll
[2010/04/03 01:02:38 | 000,038,176 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\STRING32.dll
[2010/04/03 01:02:38 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLMSC32.dll
[2010/04/03 01:02:38 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLISO32.dll
[2010/04/03 01:02:38 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDIR32.dll
[2010/04/03 01:02:38 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\TTIC32.dll
[2010/04/03 01:02:38 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\TTI32.dll
[2010/04/03 01:02:38 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIX.dll
[2010/04/03 01:02:18 | 000,000,000 | ---D | C] -- C:\Users\*********\Documents\MAGIX_MP3_Maker_15_Download-Version
[2010/04/03 01:02:18 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2010/04/03 01:02:04 | 000,000,000 | ---D | C] -- C:\Program Files\MAGIX
[2010/04/03 01:01:47 | 000,700,416 | ---- | C] (MAGIX AG) -- C:\Windows\System32\mgxoschk.dll
[2010/04/03 01:01:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\MAGIX
[2010/04/02 18:25:15 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2010/04/02 18:08:19 | 000,000,000 | ---D | C] -- C:\Program Files\PhotoScape
[2010/04/01 18:00:16 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/03/31 18:14:14 | 000,000,000 | ---D | C] -- C:\Program Files\Pixelan
[2010/03/31 17:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2010/03/31 17:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2010/03/31 13:27:01 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/03/31 13:27:01 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/03/31 13:27:01 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/03/30 23:39:26 | 000,000,000 | ---D | C] -- C:\Users\********\Tracing
[2010/03/30 23:38:52 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\Macromedia
[2010/03/30 23:38:52 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\Adobe
[2010/03/30 23:36:55 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Local\Mozilla
[2010/03/30 23:19:13 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\Avira
[2010/03/30 20:24:05 | 000,000,000 | ---D | C] -- C:\Users\********\AppData\Roaming\TeamViewer
[2010/03/30 20:23:51 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010/03/30 19:09:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/03/30 19:09:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/03/30 19:09:42 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/03/30 19:09:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/03/30 19:09:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/03/30 19:03:12 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\ElevatedDiagnostics
[2010/03/30 05:07:36 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010/03/30 02:13:33 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\vlc
[2010/03/30 01:22:47 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010/03/30 00:04:17 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/03/30 00:03:40 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010/03/29 23:50:29 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deploytk.dll
[2010/03/29 23:39:07 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010/03/29 23:37:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Messenger Plus!
[2010/03/29 23:37:00 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger Plus! Live
[2010/03/29 23:26:16 | 000,000,000 | ---D | C] -- C:\Program Files\FlashFXP
[2010/03/29 23:25:38 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\Microsoft Help
[2010/03/29 23:18:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/03/29 23:14:33 | 000,000,000 | ---D | C] -- C:\Users\*********\Documents\HyperCam3
[2010/03/29 23:07:42 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\Mozilla
[2010/03/29 22:56:53 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010/03/29 22:56:52 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010/03/29 22:56:52 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010/03/29 22:56:52 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010/03/29 22:49:39 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010/03/29 22:49:39 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010/03/29 22:49:39 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010/03/29 22:49:38 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010/03/29 22:47:44 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/03/29 22:47:40 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010/03/29 22:47:40 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010/03/29 22:47:40 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010/03/29 22:47:40 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010/03/29 22:47:40 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010/03/29 22:47:40 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010/03/29 22:47:40 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010/03/29 22:47:40 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010/03/29 22:47:38 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010/03/29 22:47:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/03/29 22:47:34 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010/03/29 22:47:34 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/03/29 22:47:34 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/03/29 22:47:34 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/03/29 22:47:33 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010/03/29 22:47:33 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010/03/29 22:41:42 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COMDLG32.OCX
[2010/03/29 22:41:41 | 000,000,000 | ---D | C] -- C:\Program Files\Fake Webcam
[2010/03/29 22:15:42 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010/03/29 22:15:41 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010/03/29 22:15:41 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010/03/29 22:15:41 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010/03/29 22:15:41 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010/03/29 22:15:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010/03/29 22:15:41 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2010/03/29 22:14:51 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010/03/29 22:14:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010/03/29 22:13:35 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/03/29 22:13:18 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010/03/29 22:13:02 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/03/29 22:04:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010/03/29 21:36:23 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010/03/29 21:34:44 | 000,181,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/03/29 21:33:13 | 000,000,000 | ---D | C] -- C:\Program Files\Toshiba
[2010/03/29 21:29:35 | 000,059,904 | ---- | C] (ENE TECHNOLOGY INC.) -- C:\Windows\System32\drivers\enecir.sys
[2010/03/29 21:20:55 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2010/03/29 21:20:28 | 000,722,720 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\System32\drivers\netr28.sys
[2010/03/29 21:20:28 | 000,226,592 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\System32\RaCoInst.dll
[2010/03/29 20:21:38 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\Toshiba
[2010/03/29 20:21:30 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\ArcSoft
[2010/03/29 20:21:15 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\ATI
[2010/03/29 20:21:15 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\ATI
[2010/03/29 20:21:14 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\ArcSoft
[2010/03/29 20:20:51 | 000,000,000 | R--D | C] -- C:\Users\*********\Searches
[2010/03/29 20:20:43 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\Identities
[2010/03/29 20:20:41 | 000,000,000 | R--D | C] -- C:\Users\*********\Contacts
[2010/03/29 20:18:18 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\VirtualStore
[2010/03/29 20:18:16 | 000,000,000 | --SD | C] -- C:\Users\*********\AppData\Roaming\Microsoft
[2010/03/29 20:18:16 | 000,000,000 | R--D | C] -- C:\Users\*********\Videos
[2010/03/29 20:18:16 | 000,000,000 | R--D | C] -- C:\Users\*********\Saved Games
[2010/03/29 20:18:16 | 000,000,000 | R--D | C] -- C:\Users\*********\Pictures
[2010/03/29 20:18:16 | 000,000,000 | R--D | C] -- C:\Users\*********\Music
[2010/03/29 20:18:16 | 000,000,000 | R--D | C] -- C:\Users\*********\Links
[2010/03/29 20:18:16 | 000,000,000 | R--D | C] -- C:\Users\*********\Favorites
[2010/03/29 20:18:16 | 000,000,000 | R--D | C] -- C:\Users\*********\Downloads
[2010/03/29 20:18:16 | 000,000,000 | R--D | C] -- C:\Users\*********\Documents
[2010/03/29 20:18:16 | 000,000,000 | R--D | C] -- C:\Users\*********\Desktop
[2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Vorlagen
[2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\AppData\Local\Verlauf
[2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\AppData\Local\Temporary Internet Files
[2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Startmenü
[2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\SendTo
[2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Recent
[2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Netzwerkumgebung
[2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Lokale Einstellungen
[2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Documents\Eigene Videos
[2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Documents\Eigene Musik
[2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Eigene Dateien
[2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Documents\Eigene Bilder
[2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Druckumgebung
[2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Cookies
[2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\AppData\Local\Anwendungsdaten
[2010/03/29 20:18:16 | 000,000,000 | -HSD | C] -- C:\Users\*********\Anwendungsdaten
[2010/03/29 20:18:16 | 000,000,000 | -H-D | C] -- C:\Users\*********\AppData
[2010/03/29 20:18:16 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\Temp
[2010/03/29 20:18:16 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Local\Microsoft
[2010/03/29 20:18:16 | 000,000,000 | ---D | C] -- C:\Users\*********\AppData\Roaming\Media Center Programs
[2010/03/29 20:16:07 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010/03/29 20:15:42 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
========== Files - Modified Within 30 Days ==========
[2010/04/16 23:49:07 | 001,835,008 | -HS- | M] () -- C:\Users\**********\NTUSER.DAT
[2010/04/16 23:38:34 | 000,002,053 | ---- | M] () -- C:\Users\**********\Desktop\HijackThis.lnk
[2010/04/16 23:24:22 | 000,083,568 | ---- | M] () -- C:\Users\**********\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/04/16 23:22:23 | 002,045,611 | -H-- | M] () -- C:\Users\C*********\AppData\Local\IconCache.db
[2010/04/16 23:15:50 | 000,000,009 | ---- | M] () -- C:\Windows\ULEAD32.INI
[2010/04/16 23:15:48 | 000,017,376 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/04/16 23:15:48 | 000,017,376 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/04/16 23:07:49 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/04/16 23:07:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/04/16 23:07:30 | 2415,419,392 | -HS- | M] () -- C:\hiberfil.sys
[2010/04/14 21:39:08 | 000,684,954 | ---- | M] () -- C:\Windows\System32\perfh00C.dat
[2010/04/14 21:39:08 | 000,684,000 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2010/04/14 21:39:08 | 000,680,010 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2010/04/14 21:39:08 | 000,643,866 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010/04/14 21:39:08 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/04/14 21:39:08 | 000,133,704 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2010/04/14 21:39:08 | 000,127,070 | ---- | M] () -- C:\Windows\System32\perfc00C.dat
[2010/04/14 21:39:08 | 000,126,394 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010/04/14 21:39:08 | 000,124,006 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2010/04/14 21:39:08 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/04/14 21:30:43 | 000,000,020 | ---- | M] () -- C:\Windows\8ô~
[2010/04/13 22:51:42 | 000,338,024 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/04/13 19:52:12 | 004,400,552 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/04/11 19:45:23 | 000,000,865 | ---- | M] () -- C:\Users\*********\Desktop\Nvu.lnk
[2010/04/08 22:03:03 | 000,001,211 | ---- | M] () -- C:\Users\*********\Desktop\DVDVideoSoft Free Studio.lnk
[2010/04/08 21:45:00 | 000,007,119 | ---- | M] () -- C:\Windows\mgxoschk.ini
[2010/04/08 21:35:32 | 000,001,212 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Music Maker Hip Hop Edition 2.lnk
[2010/04/08 21:28:49 | 000,001,110 | ---- | M] () -- C:\Users\*********\Desktop\ASIO4ALL v2 Instruction Manual.lnk
[2010/04/08 21:27:44 | 000,001,111 | ---- | M] () -- C:\Users\*********\Desktop\FL Studio 9.lnk
[2010/04/05 14:20:12 | 000,524,288 | -HS- | M] () -- C:\Users\*********\NTUSER.DAT{e93898dd-40a8-11df-a95c-406186130e20}.TMContainer00000000000000000002.regtrans-ms
[2010/04/05 14:20:12 | 000,524,288 | -HS- | M] () -- C:\Users\*********\NTUSER.DAT{e93898dd-40a8-11df-a95c-406186130e20}.TMContainer00000000000000000001.regtrans-ms
[2010/04/05 14:20:12 | 000,065,536 | -HS- | M] () -- C:\Users\********\NTUSER.DAT{e93898dd-40a8-11df-a95c-406186130e20}.TM.blf
[2010/04/03 21:53:24 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/04/02 18:08:42 | 000,001,003 | ---- | M] () -- C:\Users\*********\Desktop\PhotoScape.lnk
[2010/03/31 18:01:06 | 000,002,532 | ---- | M] () -- C:\Users\*********\Documents\Vegas Pro registrieren.htm
[2010/03/30 22:47:32 | 000,007,652 | ---- | M] () -- C:\Users\*********\AppData\Local\Resmon.ResmonCfg
[2010/03/30 05:15:36 | 000,052,953 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010/03/30 01:23:01 | 000,001,038 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/03/30 00:03:42 | 000,001,845 | ---- | M] () -- C:\Users\*********\Desktop\CCleaner.lnk
[2010/03/29 23:48:59 | 000,524,288 | -HS- | M] () -- C:\Users\*********\NTUSER.DAT{0426df4c-3b7c-11df-a3ab-406186130e20}.TMContainer00000000000000000002.regtrans-ms
[2010/03/29 23:48:59 | 000,524,288 | -HS- | M] () -- C:\Users\*********\NTUSER.DAT{0426df4c-3b7c-11df-a3ab-406186130e20}.TMContainer00000000000000000001.regtrans-ms
[2010/03/29 23:48:59 | 000,065,536 | -HS- | M] () -- C:\Users\*********\NTUSER.DAT{0426df4c-3b7c-11df-a3ab-406186130e20}.TM.blf
[2010/03/29 23:21:05 | 000,003,584 | ---- | M] () -- C:\Users\*********\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/29 22:16:01 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/03/29 22:14:35 | 000,000,020 | ---- | M] () -- C:\Windows\4úy
[2010/03/29 21:36:25 | 000,001,899 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/03/29 20:25:42 | 000,524,288 | -HS- | M] () -- C:\Users\*********\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/03/29 20:25:42 | 000,524,288 | -HS- | M] () -- C:\Users\*********\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/03/29 20:25:42 | 000,065,536 | -HS- | M] () -- C:\Users\*********\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/03/29 20:18:16 | 000,000,020 | -HS- | M] () -- C:\Users\*********\ntuser.ini
========== Files Created - No Company Name ==========
[2010/04/16 23:38:34 | 000,002,053 | ---- | C] () -- C:\Users\*********\Desktop\HijackThis.lnk
[2010/04/14 21:30:43 | 000,000,020 | ---- | C] () -- C:\Windows\8ô~
[2010/04/11 19:45:23 | 000,000,865 | ---- | C] () -- C:\Users\*********\Desktop\Nvu.lnk
[2010/04/11 19:17:57 | 000,000,009 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2010/04/08 22:02:59 | 000,001,211 | ---- | C] () -- C:\Users\*********\Desktop\DVDVideoSoft Free Studio.lnk
[2010/04/08 21:35:47 | 000,049,152 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2010/04/08 21:35:32 | 000,001,212 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Music Maker Hip Hop Edition 2.lnk
[2010/04/08 21:28:49 | 000,001,110 | ---- | C] () -- C:\Users\*********\Desktop\ASIO4ALL v2 Instruction Manual.lnk
[2010/04/08 21:27:44 | 000,001,111 | ---- | C] () -- C:\Users\*********\Desktop\FL Studio 9.lnk
[2010/04/05 14:20:11 | 000,524,288 | -HS- | C] () -- C:\Users\*********\NTUSER.DAT{e93898dd-40a8-11df-a95c-406186130e20}.TMContainer00000000000000000002.regtrans-ms
[2010/04/05 14:20:11 | 000,524,288 | -HS- | C] () -- C:\Users\*********\NTUSER.DAT{e93898dd-40a8-11df-a95c-406186130e20}.TMContainer00000000000000000001.regtrans-ms
[2010/04/05 14:20:11 | 000,065,536 | -HS- | C] () -- C:\Users\*********\NTUSER.DAT{e93898dd-40a8-11df-a95c-406186130e20}.TM.blf
[2010/04/03 21:53:24 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010/04/03 01:02:38 | 000,014,182 | ---- | C] () -- C:\Windows\System32\DLLAV32.lib
[2010/04/03 01:02:04 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2010/04/03 01:01:47 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2010/04/02 18:08:42 | 000,001,003 | ---- | C] () -- C:\Users\*********\Desktop\PhotoScape.lnk
[2010/03/31 17:59:16 | 000,002,532 | ---- | C] () -- C:\Users\*********\Documents\Vegas Pro registrieren.htm
[2010/03/30 22:47:32 | 000,007,652 | ---- | C] () -- C:\Users\*********\AppData\Local\Resmon.ResmonCfg
[2010/03/30 05:07:36 | 2415,419,392 | -HS- | C] () -- C:\hiberfil.sys
[2010/03/30 01:23:01 | 000,001,038 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010/03/30 00:03:42 | 000,001,845 | ---- | C] () -- C:\Users\*********\Desktop\CCleaner.lnk
[2010/03/29 23:48:58 | 000,524,288 | -HS- | C] () -- C:\Users\*********\NTUSER.DAT{0426df4c-3b7c-11df-a3ab-406186130e20}.TMContainer00000000000000000002.regtrans-ms
[2010/03/29 23:48:58 | 000,524,288 | -HS- | C] () -- C:\Users\*********\NTUSER.DAT{0426df4c-3b7c-11df-a3ab-406186130e20}.TMContainer00000000000000000001.regtrans-ms
[2010/03/29 23:48:58 | 000,065,536 | -HS- | C] () -- C:\Users\*********\NTUSER.DAT{0426df4c-3b7c-11df-a3ab-406186130e20}.TM.blf
[2010/03/29 23:21:05 | 000,003,584 | ---- | C] () -- C:\Users\*********\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/29 22:16:01 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010/03/29 22:14:35 | 000,000,020 | ---- | C] () -- C:\Windows\4úy
[2010/03/29 21:36:25 | 000,001,899 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/03/29 21:20:28 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2010/03/29 20:18:16 | 001,835,008 | -HS- | C] () -- C:\Users\*********\NTUSER.DAT
[2010/03/29 20:18:16 | 000,524,288 | -HS- | C] () -- C:\Users\*********\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/03/29 20:18:16 | 000,524,288 | -HS- | C] () -- C:\Users\*********\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/03/29 20:18:16 | 000,262,144 | -HS- | C] () -- C:\Users\*********\ntuser.dat.LOG1
[2010/03/29 20:18:16 | 000,065,536 | -HS- | C] () -- C:\Users\*********\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/03/29 20:18:16 | 000,000,020 | -HS- | C] () -- C:\Users\*********\ntuser.ini
[2010/03/29 20:18:16 | 000,000,000 | -HS- | C] () -- C:\Users\*********\ntuser.dat.LOG2
[2009/07/14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
< End of report >
würde mich wirklich freuen wenn man es mal checken könnte, obs sich dabei waas ergibt halt ob mein system sauber ist :D
danke im vorraus für di ebemühung :D
& ist es normal das bei mir 53 bis 60 prozesse am laufen sind oder angezeigt wird ?
erkkennt man das in den logfiles ?
harun |
