| wake0071 | 27.04.2011 20:58 |
PC Stürzt ab nach einer gewissen Zeit
Hallo seit ein paar Tagen stürzt mein Pc dauernd ab
OTL Logfile: Code:
OTL Extras logfile created on: 27.04.2011 21:52:10 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Rouven\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 178,85 Gb Total Space | 150,76 Gb Free Space | 84,29% Space Free | Partition Type: NTFS
Drive D: | 119,23 Gb Total Space | 119,14 Gb Free Space | 99,92% Space Free | Partition Type: NTFS
Computer Name: ROUVEN-PC | User Name: Rouven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{126AFB8B-0D6E-4E51-B5E6-DB2DDE7E91F3}" = rport=137 | protocol=17 | dir=out | app=system |
"{1DFB3C89-F4F0-41BA-99F9-AF0E01086FB8}" = lport=139 | protocol=6 | dir=in | app=system |
"{30F29941-2CB2-4B05-BAB1-C662BF63DBBA}" = rport=138 | protocol=17 | dir=out | app=system |
"{32FEA5DB-C27D-41B7-8589-CF4C3F23FB4B}" = lport=445 | protocol=6 | dir=in | app=system |
"{46717E7C-DC95-46E5-8C3D-054371B4F0D5}" = lport=138 | protocol=17 | dir=in | app=system |
"{5342E541-827F-4A52-A5E6-46E3864AD691}" = rport=139 | protocol=6 | dir=out | app=system |
"{63A4D43D-CB1A-4C90-8DC3-DE217E7E1559}" = lport=137 | protocol=17 | dir=in | app=system |
"{7E3DF5A7-DA12-4FB4-A19E-276E2A860C55}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C277255D-A5F5-4FF6-959C-87F9C35A5BEC}" = rport=445 | protocol=6 | dir=out | app=system |
"{C5C0B8C2-0662-4D7F-840B-B53BE9CCC578}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EBFFFD17-1ED9-450D-9F68-2B868849B4AC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F4479F38-C417-4285-914A-B53780E22835}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3735044E-1CD7-40A2-933C-545FBF4A67C6}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{43B94363-9C98-4EDD-AB83-6D01153E932B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4B71E128-35CF-4359-8A65-52376DDF1FE7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{63CD2225-6A3D-4FB6-920C-827FE455BBFF}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{734637E9-B3DC-420F-AC99-EE3D2EA566A3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7B5BFA0B-1126-4C20-984E-B506B25C1E3E}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{A767BE8D-D9AF-403E-B58B-88C3889AA7BC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AF7F13EE-8AF8-4727-887B-29645CE7D01D}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{C6457A00-22C3-4700-8BD1-6D85DD2998EB}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{F9FA553F-FA51-4183-9E88-9C54905D46EA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FF20A27C-A07A-4E28-96DC-F805003F3B08}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"TCP Query User{1A6A8C30-EFBF-4FCD-8D86-2D7016B6224F}C:\program files\icq7.5\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"UDP Query User{A88ACFF6-A421-4D7E-8D34-5781DB48ABD1}C:\program files\icq7.5\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{185C9D5C-DF96-49D2-9059-188F0DAC4921}" = Heyer's Karten-Studio 2
"{1C8521E5-5A7B-4A4E-A9CD-AD53116EAEE0}" = ASUS Data Security Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 24
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}" = ATK Hotkey
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}" = ATKOSD2
"{6E19F210-3813-4002-B561-94D66AA182B6}" = Atheros Communications Inc.(R) L1 Gigabit Ethernet Driver
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X (10.0.1) - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F972403C-BFE4-49EB-82B8-10D0FDBD1BB1}" = VirtualDJ Home FREE
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"ERUNT_is1" = ERUNT 1.1j
"flunatic_is1" = flunatic 1.2
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"ICQToolbar" = ICQ Toolbar
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"orgaMAX_is1" = orgaMAX Business Software
"Rechnung3" = Softwarenetz Rechnung3
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam
"VLC media player" = VLC media player 1.1.9
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 29.03.2011 14:44:21 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description =
Error - 30.03.2011 10:13:06 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.04.2011 08:25:36 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.04.2011 10:01:42 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.04.2011 11:55:25 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description =
Error - 23.04.2011 17:14:53 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description =
Error - 24.04.2011 09:37:32 | Computer Name = Rouven-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung SynTPEnh.exe, Version 10.1.8.0, Zeitstempel
0x47589ff7, fehlerhaftes Modul SynTPEnh.exe, Version 10.1.8.0, Zeitstempel 0x47589ff7,
Ausnahmecode 0xc0000409, Fehleroffset 0x0002975c, Prozess-ID 0x81c, Anwendungsstartzeit
01cc01fb5416cba7.
Error - 26.04.2011 10:30:29 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description =
Error - 27.04.2011 02:18:39 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description =
Error - 27.04.2011 14:42:52 | Computer Name = Rouven-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 20.04.2011 05:07:44 | Computer Name = Rouven-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =
Error - 20.04.2011 11:22:56 | Computer Name = Rouven-PC | Source = HTTP | ID = 15016
Description =
Error - 20.04.2011 13:06:37 | Computer Name = Rouven-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 20.04.2011 um 17:51:28 unerwartet heruntergefahren.
Error - 20.04.2011 13:06:39 | Computer Name = Rouven-PC | Source = HTTP | ID = 15016
Description =
Error - 20.04.2011 13:12:09 | Computer Name = Rouven-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 20.04.2011 13:45:44 | Computer Name = Rouven-PC | Source = Service Control Manager | ID = 7043
Description =
Error - 20.04.2011 14:47:59 | Computer Name = Rouven-PC | Source = HTTP | ID = 15016
Description =
Error - 20.04.2011 15:14:58 | Computer Name = Rouven-PC | Source = Service Control Manager | ID = 7043
Description =
Error - 20.04.2011 20:03:14 | Computer Name = Rouven-PC | Source = HTTP | ID = 15016
Description =
Error - 21.04.2011 03:38:17 | Computer Name = Rouven-PC | Source = HTTP | ID = 15016
Description =
< End of report >
--- --- ---
OTL Logfile: Code:
OTL logfile created on: 27.04.2011 21:52:10 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Rouven\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 178,85 Gb Total Space | 150,76 Gb Free Space | 84,29% Space Free | Partition Type: NTFS
Drive D: | 119,23 Gb Total Space | 119,14 Gb Free Space | 99,92% Space Free | Partition Type: NTFS
Computer Name: ROUVEN-PC | User Name: Rouven | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Rouven\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - \\?\C:\Windows\System32\wbem\WMIADAP.EXE ()
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ATKOSD2\ATKOSD2.exe ()
PRC - C:\Program Files\ATK Hotkey\Hcontrol.exe (ATK0100)
PRC - C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
PRC - C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
PRC - C:\Program Files\ATK Hotkey\WDC.exe ()
PRC - C:\Program Files\ATK Hotkey\KBFiltr.exe ()
PRC - C:\Program Files\ATK Hotkey\ATKOSD.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
PRC - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()
========== Modules (SafeList) ==========
MOD - C:\Users\Rouven\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (ICQ Service) -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (ASLDRService) -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe ()
SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (ADSMService) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe ()
========== Driver Services (SafeList) ==========
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NETw3v32) Intel(R) -- C:\Windows\System32\drivers\NETw3v32.sys (Intel Corporation)
DRV - (AtcL001) -- C:\Windows\System32\drivers\l160x86.sys (Atheros Communications, Inc.)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.)
DRV - (AsDsm) -- C:\Windows\System32\drivers\AsDsm.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys ()
DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( )
DRV - (Asushwio) -- C:\Windows\System32\drivers\Asushwio.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://start.icq.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Rouven\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.04.27 21:52:49 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Malwarebytes
[2011.04.27 21:52:36 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.04.27 21:52:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.27 21:52:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.27 21:52:30 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.04.27 21:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.04.27 21:44:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2011.04.27 21:44:19 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2011.04.27 21:34:41 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Rouven\Desktop\Erunt-setup.exe
[2011.04.27 21:34:41 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Rouven\Desktop\OTL.exe
[2011.04.27 21:34:41 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Rouven\Desktop\TFC.exe
[2011.04.27 18:23:06 | 000,181,344 | ---- | C] (SoftwareNetz) -- C:\Windows\snui.exe
[2011.04.27 18:23:06 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoftwareNetz
[2011.04.27 18:23:05 | 000,000,000 | ---D | C] -- C:\Softwarenetz
[2011.04.27 18:13:19 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\LetsTrade
[2011.04.27 18:13:16 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Buhl Data Service GmbH
[2011.04.27 17:53:46 | 004,292,096 | ---- | C] (dimastr.com) -- C:\Windows\System32\redemption.dll
[2011.04.27 17:53:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\orgaMAX Business Software
[2011.04.27 17:53:43 | 000,297,472 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\midas.dll
[2011.04.27 17:51:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\deltra Software GmbH
[2011.04.27 17:51:48 | 004,082,688 | ---- | C] (Borland Software Corporation) -- C:\Windows\System32\qtintf70.dll
[2011.04.27 17:51:46 | 000,000,000 | ---D | C] -- C:\orgaMAX
[2011.04.27 17:34:24 | 000,000,000 | ---D | C] -- C:\Users\Rouven\Desktop\Heimfrost
[2011.04.23 19:17:29 | 000,000,000 | R--D | C] -- C:\Users\Rouven\AppData\Roaming\Brother
[2011.04.23 19:09:45 | 000,000,000 | ---D | C] -- C:\HKS-Daten
[2011.04.23 19:09:42 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\B+P Heyer
[2011.04.23 19:09:33 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Local\B+P Heyer
[2011.04.23 19:09:33 | 000,000,000 | ---D | C] -- C:\ProgramData\B+P Heyer
[2011.04.23 19:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heyer's Karten-Studio
[2011.04.23 19:09:17 | 000,000,000 | ---D | C] -- C:\Program Files\BPH
[2011.04.21 16:03:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\flunatic
[2011.04.21 16:03:14 | 000,000,000 | ---D | C] -- C:\Program Files\flunatic
[2011.04.21 09:48:55 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.04.21 09:48:54 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.21 09:48:54 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.04.21 09:48:54 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.21 09:48:54 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.21 09:48:54 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.21 09:48:54 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.21 09:48:54 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.04.21 09:48:54 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.04.21 09:48:54 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.04.21 09:48:54 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.04.21 09:48:54 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.04.21 09:48:54 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.04.21 09:48:54 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.04.21 09:48:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.04.21 09:48:54 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.21 09:48:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.04.21 09:48:52 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.21 09:48:52 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.04.20 21:12:56 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2011.04.20 19:36:20 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Local\Adobe
[2011.04.20 19:34:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2011.04.20 19:33:58 | 001,071,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCTL.OCX
[2011.04.20 19:33:58 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMAPI32.OCX
[2011.04.20 19:33:57 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX
[2011.04.20 19:33:56 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCDE.DLL
[2011.04.20 19:33:56 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6DE.DLL
[2011.04.20 19:33:56 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCC2DE.DLL
[2011.04.20 19:33:56 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPIDE.DLL
[2011.04.20 19:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2011.04.20 19:29:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2011.04.20 17:37:30 | 000,094,208 | R--- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2.dll
[2011.04.20 17:37:30 | 000,057,856 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\System32\brinsstr.dll
[2011.04.20 17:37:30 | 000,016,384 | R--- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2L.dll
[2011.04.20 17:37:30 | 000,012,288 | R--- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2S.dll
[2011.04.20 17:37:28 | 000,176,128 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BroSNMP.dll
[2011.04.20 17:37:22 | 000,163,840 | ---- | C] (brother) -- C:\Windows\System32\NSSearch.dll
[2011.04.20 17:37:22 | 000,131,072 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\brunin03.dll
[2011.04.20 17:37:22 | 000,000,000 | ---D | C] -- C:\Program Files\Brother
[2011.04.20 10:43:56 | 000,000,000 | ---D | C] -- C:\Users\Rouven\4.0
[2011.04.20 10:43:56 | 000,000,000 | ---D | C] -- C:\Users\Rouven\.tfo4
[2011.04.20 10:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.04.20 10:41:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011.04.20 10:37:56 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.04.20 10:37:55 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.04.20 10:37:55 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.04.20 10:37:55 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.04.20 10:37:16 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011.04.20 10:30:11 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\vlc
[2011.04.20 10:28:24 | 000,218,688 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2011.04.20 10:28:15 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2011.04.20 10:28:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011.04.20 10:28:12 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2011.04.20 10:28:03 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\DAEMON Tools Lite
[2011.04.20 10:28:03 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011.04.20 10:24:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.04.20 10:24:43 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.04.20 10:17:56 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2011.04.20 10:17:56 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\IrfanView
[2011.04.20 10:17:55 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2011.04.20 10:16:39 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Skype
[2011.04.20 10:15:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.04.20 10:15:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011.04.20 10:15:42 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011.04.20 10:15:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.04.20 10:12:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011.04.20 10:12:08 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011.04.20 09:32:23 | 000,000,000 | ---D | C] -- C:\Users\Rouven\Documents\ICQ
[2011.04.20 09:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.04.20 09:24:13 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2011.04.20 09:23:27 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.04.20 09:23:24 | 000,000,000 | ---D | C] -- C:\Users\Rouven\Documents\DVDVideoSoft
[2011.04.20 09:23:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2011.04.20 09:23:10 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2011.04.20 09:23:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2011.04.20 09:21:59 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\WinRAR
[2011.04.20 09:21:59 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.04.20 09:21:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.04.20 09:21:54 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011.04.20 08:53:29 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011.04.20 08:51:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011.04.20 08:51:02 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ6Toolbar
[2011.04.20 08:51:00 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Mozilla
[2011.04.20 08:51:00 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2011.04.20 08:50:33 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\ICQ
[2011.04.20 08:50:25 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.5
[2011.04.20 08:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011.04.20 08:44:59 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011.04.20 08:26:30 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.04.20 08:26:30 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.04.20 08:26:30 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.04.20 08:26:30 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2011.04.20 08:26:29 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.04.20 08:26:29 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.04.20 08:26:29 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.04.20 08:26:29 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.04.20 08:26:28 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.04.20 08:26:28 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.04.20 08:26:28 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.04.20 08:26:27 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2011.04.20 08:26:27 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.04.20 08:26:27 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.04.20 08:26:27 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.04.20 08:26:26 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.04.20 08:26:26 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.04.20 08:26:24 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.04.20 08:26:24 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.04.20 08:26:24 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2011.04.20 08:26:24 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.04.20 08:26:24 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.04.20 08:26:24 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2011.04.20 08:25:44 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2011.04.20 08:25:44 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2011.04.20 08:25:44 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2011.04.20 08:24:35 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2011.04.20 08:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.04.20 08:18:18 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011.04.20 08:18:17 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.04.20 08:18:17 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011.04.20 08:18:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.04.20 08:18:17 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011.04.20 08:12:50 | 000,000,000 | ---D | C] -- C:\Users\Rouven\Documents\Meine empfangenen Dateien
[2011.04.20 08:09:45 | 000,000,000 | ---D | C] -- C:\Users\Rouven\Tracing
[2011.04.20 08:08:43 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2011.04.20 08:07:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2011.04.20 08:07:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011.04.20 08:07:28 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2011.04.20 08:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011.04.20 08:07:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2011.04.20 08:06:34 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011.04.20 07:58:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2011.04.20 07:08:36 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.04.20 07:04:31 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011.04.20 04:58:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2011.04.20 03:51:37 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscb.dll
[2011.04.20 03:51:37 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
[2011.04.20 03:51:36 | 000,313,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\thawbrkr.dll
[2011.04.20 03:51:36 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
[2011.04.20 03:51:36 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\offfilt.dll
[2011.04.20 03:51:36 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\korwbrkr.dll
[2011.04.20 03:51:36 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nlhtml.dll
[2011.04.20 03:51:36 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssitlb.dll
[2011.04.20 03:51:36 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\propdefs.dll
[2011.04.20 03:51:36 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xmlfilter.dll
[2011.04.20 03:51:36 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msstrc.dll
[2011.04.20 03:51:36 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mimefilt.dll
[2011.04.20 03:51:36 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtffilt.dll
[2011.04.20 03:51:36 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
[2011.04.20 03:51:36 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsepno.dll
[2011.04.20 03:51:35 | 006,103,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chtbrkr.dll
[2011.04.20 03:51:35 | 001,671,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\chsbrkr.dll
[2011.04.20 03:51:35 | 001,582,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011.04.20 03:51:35 | 001,418,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011.04.20 03:51:35 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011.04.20 03:51:35 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2011.04.20 03:51:35 | 000,203,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011.04.20 03:51:35 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2011.04.20 03:44:57 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011.04.20 03:44:57 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011.04.20 03:44:55 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011.04.20 03:44:54 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011.04.20 03:30:59 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2011.04.20 03:11:35 | 000,622,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardagt.exe
[2011.04.20 03:11:35 | 000,105,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2011.04.20 03:11:35 | 000,097,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardapi.dll
[2011.04.20 03:11:35 | 000,037,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\infocardcpl.cpl
[2011.04.20 03:11:35 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\icardres.dll
[2011.04.20 03:11:34 | 000,781,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationNative_v0300.dll
[2011.04.20 03:06:33 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscorier.dll
[2011.04.20 03:06:31 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscories.dll
[2011.04.20 03:04:14 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2011.04.20 03:04:13 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2011.04.20 03:01:59 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrsmgr.dll
[2011.04.20 03:01:54 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrs.exe
[2011.04.20 03:01:54 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrshost.exe
[2011.04.20 03:01:54 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmprovhost.exe
[2011.04.20 03:01:54 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wsmplpxy.dll
[2011.04.20 03:01:53 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wevtfwd.dll
[2011.04.20 03:01:53 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecutil.exe
[2011.04.20 03:01:53 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wecapi.dll
[2011.04.20 03:01:53 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmRes.dll
[2011.04.20 03:01:53 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrssrv.dll
[2011.04.20 03:01:52 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pwrshplugin.dll
[2011.04.20 03:01:47 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManMigrationPlugin.dll
[2011.04.20 03:01:47 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSManHTTPConfig.exe
[2011.04.20 03:01:47 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winrscmd.dll
[2011.04.20 03:01:47 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmWmiPl.dll
[2011.04.20 03:01:47 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmAuto.dll
[2011.04.20 00:44:20 | 012,240,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0007.dll
[2011.04.20 00:44:18 | 002,644,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NlsLexicons0009.dll
[2011.04.20 00:44:11 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NaturalLanguage6.dll
[2011.04.20 00:26:42 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2011.04.20 00:26:28 | 000,409,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011.04.20 00:26:23 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.04.20 00:26:23 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2011.04.20 00:26:23 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.04.20 00:26:23 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2011.04.20 00:26:22 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2011.04.20 00:26:15 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2011.04.20 00:26:14 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2011.04.20 00:26:14 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2011.04.20 00:26:13 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2011.04.20 00:26:13 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2011.04.20 00:26:13 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2011.04.20 00:26:13 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2011.04.20 00:25:46 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2011.04.20 00:25:46 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2011.04.20 00:25:46 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2011.04.20 00:25:39 | 003,548,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.04.20 00:25:38 | 003,600,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.04.20 00:25:30 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011.04.20 00:25:29 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011.04.20 00:25:26 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2011.04.20 00:25:23 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pacerprf.dll
[2011.04.20 00:25:21 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2011.04.20 00:25:20 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.04.20 00:25:17 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011.04.20 00:25:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2011.04.20 00:25:06 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll
[2011.04.20 00:25:06 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll
[2011.04.20 00:25:02 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2011.04.20 00:24:39 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.04.20 00:24:36 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
[2011.04.20 00:24:34 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpeffects.dll
[2011.04.20 00:24:30 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2011.04.20 00:24:26 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011.04.20 00:24:25 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011.04.20 00:24:18 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2011.04.20 00:24:02 | 000,636,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2011.04.20 00:24:01 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2011.04.20 00:24:01 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2011.04.20 00:24:00 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2011.04.20 00:23:59 | 002,927,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.04.20 00:23:55 | 001,256,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2011.04.20 00:23:48 | 000,988,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2011.04.20 00:23:48 | 000,927,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2011.04.20 00:23:48 | 000,615,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ci.dll
[2011.04.20 00:23:48 | 000,019,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kd1394.dll
[2011.04.20 00:23:47 | 000,378,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2011.04.20 00:23:47 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2011.04.20 00:23:47 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2011.04.20 00:23:47 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srdelayed.exe
[2011.04.20 00:23:47 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbd106n.dll
[2011.04.20 00:23:38 | 000,866,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2011.04.20 00:23:33 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011.04.20 00:23:33 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll
[2011.04.20 00:23:33 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll
[2011.04.20 00:23:33 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll
[2011.04.20 00:23:33 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll
[2011.04.20 00:23:33 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011.04.20 00:23:33 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe
[2011.04.20 00:23:25 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011.04.20 00:23:25 | 000,323,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011.04.20 00:23:25 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011.04.20 00:23:25 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2011.04.20 00:23:24 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2011.04.20 00:23:21 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2011.04.20 00:23:15 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2011.04.20 00:23:15 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2011.04.20 00:23:15 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2011.04.20 00:23:12 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll
[2011.04.20 00:23:12 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll
[2011.04.20 00:23:10 | 000,425,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2011.04.20 00:23:09 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2011.04.20 00:23:08 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2011.04.20 00:23:05 | 000,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Faultrep.dll
[2011.04.20 00:23:04 | 000,443,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2011.04.20 00:23:03 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dataclen.dll
[2011.04.20 00:23:02 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011.04.20 00:23:01 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rmcast.sys
[2011.04.20 00:22:53 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2011.04.20 00:22:53 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2011.04.20 00:22:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011.04.20 00:22:37 | 000,523,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2011.04.20 00:22:37 | 000,511,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2011.04.20 00:22:37 | 000,472,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2011.04.20 00:22:37 | 000,472,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2011.04.20 00:22:37 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2011.04.20 00:22:37 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2011.04.20 00:22:36 | 000,329,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2011.04.20 00:22:36 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2011.04.20 00:22:36 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2011.04.20 00:22:15 | 001,695,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2011.04.20 00:21:58 | 000,996,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMNetMgr.dll
[2011.04.20 00:21:58 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\logagent.exe
[2011.04.20 00:21:55 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scrobj.dll
[2011.04.20 00:21:55 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshom.ocx
[2011.04.20 00:21:55 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2011.04.20 00:21:53 | 001,645,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\connect.dll
[2011.04.20 00:21:45 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\raschap.dll
[2011.04.20 00:21:45 | 000,244,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2011.04.20 00:21:43 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2011.04.20 00:21:38 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2011.04.20 00:21:38 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2011.04.20 00:21:38 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2011.04.20 00:21:38 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
[2011.04.20 00:21:36 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2011.04.20 00:21:26 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2011.04.20 00:21:24 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2011.04.20 00:21:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2011.04.20 00:21:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2011.04.19 23:48:07 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2011.04.19 23:47:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2011.04.19 23:39:07 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011.04.19 23:27:47 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011.04.19 23:26:35 | 000,011,776 | ---- | C] (Chicony (C) 2006 ATC) -- C:\Windows\DrvInst.exe
[2011.04.19 23:24:37 | 000,172,032 | ---- | C] (Ricoh Company,Ltd) -- C:\Windows\System32\rixdicon.dll
[2011.04.19 23:24:37 | 000,045,568 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimmptsk.sys
[2011.04.19 23:24:37 | 000,038,400 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rixdptsk.sys
[2011.04.19 23:24:36 | 000,090,112 | ---- | C] (Sony Corporation) -- C:\Windows\System32\snymsico.dll
[2011.04.19 23:24:36 | 000,043,008 | ---- | C] (REDC) -- C:\Windows\System32\drivers\rimsptsk.sys
[2011.04.19 23:24:05 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2011.04.19 23:21:04 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola
[2011.04.19 23:20:14 | 000,046,592 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\l160x86.sys
[2011.04.19 23:20:13 | 001,019,136 | ---- | C] (Motorola Inc.) -- C:\Windows\System32\drivers\smserial.sys
[2011.04.19 23:20:13 | 000,221,184 | ---- | C] (Motorola Inc.) -- C:\Windows\System32\sm56co76.dll
[2011.04.19 23:20:12 | 000,000,000 | ---D | C] -- C:\Windows\System32\Atheros_L1
[2011.04.19 23:09:10 | 000,307,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvexpbar.dll
[2011.04.19 23:07:22 | 000,485,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NVUNINST.EXE
[2011.04.19 23:04:45 | 000,000,000 | ---D | C] -- C:\Program Files\ATKOSD2
[2011.04.19 23:03:46 | 000,005,632 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
[2011.04.19 23:03:42 | 000,000,000 | ---D | C] -- C:\Program Files\ATKGFNEX
[2011.04.19 23:02:23 | 000,000,000 | ---D | C] -- C:\Program Files\ATK Hotkey
[2011.04.19 22:51:55 | 000,000,000 | ---D | C] -- C:\882f93ffbf7c9b68d4
[2011.04.19 22:49:44 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2011.04.19 22:49:43 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2011.04.19 22:49:37 | 000,000,000 | ---D | C] -- C:\Intel
[2011.04.19 22:36:03 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2011.04.19 22:36:03 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2011.04.19 22:35:51 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2011.04.19 22:35:51 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2011.04.19 22:35:51 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2011.04.19 22:35:43 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2011.04.19 22:35:43 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2011.04.19 22:30:20 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Macromedia
[2011.04.19 22:30:20 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Adobe
[2011.04.19 22:30:14 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.04.19 22:30:14 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Local\Google
[2011.04.19 22:23:35 | 000,315,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2011.04.19 22:23:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2011.04.19 22:22:51 | 000,029,752 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\AsDsm.sys
[2011.04.19 22:22:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
[2011.04.19 22:22:50 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2011.04.19 22:22:49 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2011.04.19 22:22:35 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\InstallShield
[2011.04.19 22:17:14 | 000,000,000 | R--D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.04.19 22:17:14 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Searches
[2011.04.19 22:17:14 | 000,000,000 | R--D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.04.19 22:17:06 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Identities
[2011.04.19 22:17:05 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Contacts
[2011.04.19 22:17:04 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Local\VirtualStore
[2011.04.19 22:16:52 | 000,000,000 | --SD | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Videos
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Saved Games
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Pictures
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Music
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Links
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Favorites
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Downloads
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Documents
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\Desktop
[2011.04.19 22:16:52 | 000,000,000 | R--D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Vorlagen
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\AppData\Local\Verlauf
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\AppData\Local\Temporary Internet Files
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Startmenü
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\SendTo
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Recent
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Netzwerkumgebung
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Lokale Einstellungen
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Documents\Eigene Videos
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Documents\Eigene Musik
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Eigene Dateien
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Documents\Eigene Bilder
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Druckumgebung
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Cookies
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\AppData\Local\Anwendungsdaten
[2011.04.19 22:16:52 | 000,000,000 | -HSD | C] -- C:\Users\Rouven\Anwendungsdaten
[2011.04.19 22:16:52 | 000,000,000 | -H-D | C] -- C:\Users\Rouven\AppData
[2011.04.19 22:16:52 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Local\Temp
[2011.04.19 22:16:52 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Local\Microsoft
[2011.04.19 22:16:52 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Media Center Programs
[2011.03.30 16:23:30 | 000,000,000 | ---D | C] -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
[2011.03.30 16:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDJ
[2011.03.30 16:23:22 | 000,000,000 | ---D | C] -- C:\Users\Rouven\Documents\VirtualDJ
========== Files - Modified Within 30 Days ==========
[2011.04.27 21:54:13 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.27 21:54:13 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.27 21:54:13 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.27 21:54:13 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.27 21:52:36 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.27 21:46:49 | 000,031,966 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011.04.27 21:46:49 | 000,031,966 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011.04.27 21:46:40 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.27 21:46:40 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.27 21:46:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.27 21:46:25 | 3218,374,656 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.27 21:44:22 | 000,000,920 | ---- | M] () -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011.04.27 21:44:20 | 000,000,740 | ---- | M] () -- C:\Users\Rouven\Desktop\NTREGOPT.lnk
[2011.04.27 21:44:20 | 000,000,721 | ---- | M] () -- C:\Users\Rouven\Desktop\ERUNT.lnk
[2011.04.27 21:42:58 | 000,301,568 | ---- | M] () -- C:\Users\Rouven\Desktop\g2m3e4r.exe
[2011.04.27 21:42:55 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Rouven\Desktop\Erunt-setup.exe
[2011.04.27 21:42:38 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Rouven\Desktop\OTL.exe
[2011.04.27 21:42:38 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Rouven\Desktop\TFC.exe
[2011.04.27 19:56:11 | 000,004,241 | ---- | M] () -- C:\Users\Rouven\Desktop\Rechnung 1_Rouven Wallentowitz.pdf
[2011.04.27 18:23:06 | 000,001,622 | ---- | M] () -- C:\Users\Rouven\Desktop\Rechnung3.lnk
[2011.04.27 17:53:46 | 000,001,485 | ---- | M] () -- C:\Users\Rouven\Desktop\orgaMAX starten....lnk
[2011.04.23 23:13:40 | 000,232,456 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.04.23 19:17:50 | 000,000,466 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2011.04.21 16:03:16 | 000,000,811 | ---- | M] () -- C:\Users\Rouven\Desktop\flunatic.lnk
[2011.04.20 19:38:13 | 001,213,954 | ---- | M] () -- C:\Users\Rouven\Desktop\Kontakte von Rouven Wallentowitz.pdf
[2011.04.20 19:34:01 | 000,000,835 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2011.04.20 19:14:49 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[2011.04.20 19:13:02 | 000,000,050 | ---- | M] () -- C:\Windows\System32\bridf07a.dat
[2011.04.20 10:37:33 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011.04.20 10:37:32 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011.04.20 10:37:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011.04.20 10:37:32 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011.04.20 10:28:24 | 000,218,688 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2011.04.20 10:28:14 | 000,001,742 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011.04.20 10:24:45 | 000,000,811 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.04.20 10:17:56 | 000,001,694 | ---- | M] () -- C:\Users\Rouven\Desktop\IrfanView Thumbnails.lnk
[2011.04.20 10:17:56 | 000,000,814 | ---- | M] () -- C:\Users\Rouven\Desktop\IrfanView.lnk
[2011.04.20 10:15:44 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.04.20 10:12:58 | 000,001,899 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.04.20 09:24:24 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.04.20 09:23:31 | 000,001,039 | ---- | M] () -- C:\Users\Rouven\Desktop\DVDVideoSoft Free Studio.lnk
[2011.04.20 09:23:15 | 000,001,198 | ---- | M] () -- C:\Users\Rouven\Desktop\Free YouTube to MP3 Converter.lnk
[2011.04.20 08:51:17 | 000,001,616 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011.04.20 08:18:27 | 000,001,854 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.04.20 07:14:05 | 000,060,826 | ---- | M] () -- C:\Windows\System32\license.rtf
[2011.04.19 23:49:50 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\1043_ASUSTeK_F3Sg.alu
[2011.04.19 23:24:13 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2011.04.19 22:54:55 | 000,000,680 | ---- | M] () -- C:\Users\Rouven\AppData\Local\d3d9caps.dat
[2011.04.19 22:30:15 | 000,002,054 | ---- | M] () -- C:\Users\Rouven\Desktop\Google Chrome.lnk
[2011.04.19 22:23:35 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\HideWin.exe
[2011.04.19 22:23:15 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011.04.19 22:23:15 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011.04.19 22:22:50 | 000,000,803 | ---- | M] () -- C:\Users\Public\Desktop\ASUS Data Security Manager.lnk
[2011.03.30 16:23:33 | 000,000,850 | ---- | M] () -- C:\Users\Rouven\Desktop\VirtualDJ Home FREE.lnk
[2011.03.29 20:43:36 | 000,006,144 | ---- | M] () -- C:\Users\Rouven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== Files Created - No Company Name ==========
[2011.04.27 21:52:36 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.27 21:44:22 | 000,000,920 | ---- | C] () -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2011.04.27 21:44:20 | 000,000,740 | ---- | C] () -- C:\Users\Rouven\Desktop\NTREGOPT.lnk
[2011.04.27 21:44:20 | 000,000,721 | ---- | C] () -- C:\Users\Rouven\Desktop\ERUNT.lnk
[2011.04.27 21:34:42 | 000,301,568 | ---- | C] () -- C:\Users\Rouven\Desktop\g2m3e4r.exe
[2011.04.27 19:56:11 | 000,004,241 | ---- | C] () -- C:\Users\Rouven\Desktop\Rechnung 1_Rouven Wallentowitz.pdf
[2011.04.27 18:23:06 | 000,001,622 | ---- | C] () -- C:\Users\Rouven\Desktop\Rechnung3.lnk
[2011.04.27 17:53:46 | 000,001,485 | ---- | C] () -- C:\Users\Rouven\Desktop\orgaMAX starten....lnk
[2011.04.21 16:03:16 | 000,000,811 | ---- | C] () -- C:\Users\Rouven\Desktop\flunatic.lnk
[2011.04.20 19:36:15 | 001,213,954 | ---- | C] () -- C:\Users\Rouven\Desktop\Kontakte von Rouven Wallentowitz.pdf
[2011.04.20 19:34:01 | 000,000,835 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2011.04.20 19:33:57 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2011.04.20 17:40:57 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf07a.dat
[2011.04.20 17:37:22 | 000,006,224 | ---- | C] () -- C:\Windows\CVRPAGE.bmp
[2011.04.20 10:28:14 | 000,001,742 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011.04.20 10:24:45 | 000,000,811 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.04.20 10:22:41 | 000,006,144 | ---- | C] () -- C:\Users\Rouven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.20 10:17:56 | 000,001,694 | ---- | C] () -- C:\Users\Rouven\Desktop\IrfanView Thumbnails.lnk
[2011.04.20 10:17:56 | 000,000,814 | ---- | C] () -- C:\Users\Rouven\Desktop\IrfanView.lnk
[2011.04.20 10:15:44 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.04.20 10:12:58 | 000,001,899 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2011.04.20 10:12:58 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.04.20 09:24:24 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011.04.20 09:23:25 | 000,001,039 | ---- | C] () -- C:\Users\Rouven\Desktop\DVDVideoSoft Free Studio.lnk
[2011.04.20 09:23:15 | 000,001,198 | ---- | C] () -- C:\Users\Rouven\Desktop\Free YouTube to MP3 Converter.lnk
[2011.04.20 08:51:17 | 000,001,616 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.5.lnk
[2011.04.20 08:29:35 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.04.20 08:18:27 | 000,001,854 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.04.20 07:10:14 | 3218,374,656 | -HS- | C] () -- C:\hiberfil.sys
[2011.04.20 03:51:37 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.04.20 03:51:37 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.04.20 03:51:36 | 011,967,524 | ---- | C] () -- C:\Windows\System32\korwbrkr.lex
[2011.04.20 03:01:48 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2011.04.20 03:01:48 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2011.04.20 03:01:48 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2011.04.20 00:25:47 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2011.04.19 23:49:50 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\1043_ASUSTeK_F3Sg.alu
[2011.04.19 23:47:01 | 000,000,466 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.04.19 23:47:01 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011.04.19 23:39:38 | 000,031,966 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011.04.19 23:39:38 | 000,031,966 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011.04.19 23:26:35 | 001,769,984 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2011.04.19 23:26:35 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2011.04.19 23:26:35 | 000,000,386 | ---- | C] () -- C:\Windows\Uninstsxga.reg
[2011.04.19 23:26:35 | 000,000,384 | ---- | C] () -- C:\Windows\Uninstvga.reg
[2011.04.19 23:26:35 | 000,000,372 | ---- | C] () -- C:\Windows\Uninstsxga.bat
[2011.04.19 23:26:35 | 000,000,371 | ---- | C] () -- C:\Windows\Uninstvga.bat
[2011.04.19 23:24:13 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
[2011.04.19 23:23:45 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2011.04.19 22:30:15 | 000,002,054 | ---- | C] () -- C:\Users\Rouven\Desktop\Google Chrome.lnk
[2011.04.19 22:23:15 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011.04.19 22:23:15 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011.04.19 22:22:50 | 000,000,803 | ---- | C] () -- C:\Users\Public\Desktop\ASUS Data Security Manager.lnk
[2011.04.19 22:17:15 | 000,000,956 | ---- | C] () -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.04.19 22:17:14 | 000,000,951 | ---- | C] () -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2011.04.19 22:17:05 | 000,000,922 | ---- | C] () -- C:\Users\Rouven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2011.04.19 22:16:58 | 000,000,680 | ---- | C] () -- C:\Users\Rouven\AppData\Local\d3d9caps.dat
[2011.03.30 16:23:33 | 000,000,850 | ---- | C] () -- C:\Users\Rouven\Desktop\VirtualDJ Home FREE.lnk
[2008.04.16 13:11:34 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.04.16 13:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.04.16 13:11:34 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.04.16 13:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.04.16 12:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,232,456 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,595,996 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,104,070 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.10.10 13:33:00 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\Asushwio.sys
========== LOP Check ==========
[2011.04.23 19:09:42 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\B+P Heyer
[2011.04.27 18:13:16 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\Buhl Data Service GmbH
[2011.04.20 10:34:16 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\DAEMON Tools Lite
[2011.04.20 09:23:27 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.04.27 08:17:29 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\ICQ
[2011.04.20 10:17:56 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\IrfanView
[2011.04.27 18:13:19 | 000,000,000 | ---D | M] -- C:\Users\Rouven\AppData\Roaming\LetsTrade
[2011.04.27 21:37:33 | 000,014,912 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
--- --- --- Zitat:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6459
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19048
27.04.2011 21:56:43
mbam-log-2011-04-27 (21-56-43).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 133647
Laufzeit: 2 Minute(n), 53 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
|
Vielen Dank für euer Hilfe
greetz wake0071 |
