Trojaner-Board


Foen69 30.11.2010 17:29

Task Manager can no longer be opened.

Hello everyone!

I have a problem and I hope you can help me.

For quite some time I have not been able to open Task Manager or regedit.

Log files have been created with Malwarebytes and OTL.

Here is the OTL log:

OTL logfile created on: 30.11.2010 16:53:54 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Foen69\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 72,00% Memory free
12,00 Gb Paging File | 10,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 228,23 Gb Total Space | 184,16 Gb Free Space | 80,69% Space Free | Partition Type: NTFS
Drive D: | 227,13 Gb Total Space | 218,29 Gb Free Space | 96,11% Space Free | Partition Type: NTFS

Computer Name: FOEN69-VAIO | User Name: Foen69 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010.11.30 16:53:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Foen69\Desktop\OTL.exe
PRC - [2010.11.28 00:24:19 | 000,057,344 | -H-- | M] () -- C:\Windows\SysWOW64\audiohd.exe
PRC - [2010.10.16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.10.08 14:00:10 | 000,836,464 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2010.06.22 09:39:28 | 000,183,152 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
PRC - [2010.06.22 09:39:28 | 000,081,264 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
PRC - [2010.06.20 21:47:18 | 000,108,400 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
PRC - [2010.06.20 21:47:16 | 000,067,952 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
PRC - [2010.06.18 07:07:12 | 000,423,280 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
PRC - [2010.06.17 12:44:10 | 000,851,824 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2010.06.09 15:55:00 | 000,537,456 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
PRC - [2010.06.08 23:55:16 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2010.06.01 03:01:56 | 000,367,456 | ---- | M] (Sony Corporation) -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010.06.01 03:01:54 | 000,600,928 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010.05.31 19:18:32 | 000,217,968 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2010.05.31 19:18:32 | 000,120,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2010.05.31 17:01:52 | 000,673,136 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2010.05.26 10:08:08 | 000,055,152 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCSpt.exe
PRC - [2010.05.18 13:38:46 | 000,075,776 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe
PRC - [2010.03.04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.03.04 04:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.01.20 14:24:12 | 000,087,408 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Personalization Manager\VpmIfPav.exe
PRC - [2009.10.22 19:57:52 | 000,942,690 | ---- | M] ( ) -- C:\Program Files (x86)\MirandaFusion\miranda32.exe
PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe


========== Modules (SafeList) ==========

MOD - [2010.11.30 16:53:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Foen69\Desktop\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2010.07.14 13:30:14 | 000,018,688 | ---- | M] (McAfee, Inc.) -- c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll
MOD - [2010.06.08 23:04:16 | 000,226,592 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\syswow64\BtMmHook.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010.10.13 22:28:54 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2010.10.13 22:28:54 | 000,200,056 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2010.10.07 20:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\mcafee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010.06.21 18:00:52 | 000,575,856 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2010.06.09 15:57:16 | 000,101,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2010.06.09 15:56:02 | 000,384,880 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:64bit: - [2010.06.09 15:55:00 | 000,537,456 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2010.06.08 17:00:04 | 000,836,608 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2010.06.06 22:13:46 | 000,304,496 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2010.05.31 18:25:48 | 001,250,160 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2010.05.25 05:23:52 | 000,252,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2010.03.10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2010.03.10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010.03.10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2010.03.10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010.03.10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010.03.10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010.03.10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2010.03.10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2010.10.28 11:14:30 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010.10.16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.10.13 22:28:54 | 000,149,032 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Programme\Common Files\mcafee\systemcore\mfevtps.exe -- (mfevtp)
SRV - [2010.06.20 21:47:18 | 000,108,400 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2010.06.20 21:47:16 | 000,067,952 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2010.06.18 07:07:12 | 000,423,280 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2010.06.17 12:44:10 | 000,851,824 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010.06.08 23:55:14 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.06.01 03:01:56 | 000,367,456 | ---- | M] (Sony Corporation) [Auto | Running] -- c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010.05.31 19:18:32 | 000,217,968 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010.03.25 14:39:22 | 000,490,280 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.03.05 10:26:38 | 001,425,168 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2010.03.05 10:06:22 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2010.03.04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010.11.27 21:01:33 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.10.13 22:28:54 | 000,529,128 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2010.10.13 22:28:54 | 000,441,328 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2010.10.13 22:28:54 | 000,283,360 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2010.10.13 22:28:54 | 000,190,136 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2010.10.13 22:28:54 | 000,121,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2010.10.13 22:28:54 | 000,094,864 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2010.10.13 22:28:54 | 000,075,032 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2010.10.13 22:28:54 | 000,062,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2010.08.24 18:29:32 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010.08.24 18:29:10 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2010.07.29 10:22:07 | 000,086,120 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010.07.16 08:40:12 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.06.23 10:55:52 | 000,402,720 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2010.06.23 10:55:44 | 000,094,208 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2010.06.23 10:55:40 | 000,078,848 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2010.06.21 21:40:29 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.06.21 21:40:28 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.06.21 21:40:28 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.06.21 21:40:28 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.06.21 21:39:52 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.05.31 12:05:06 | 007,689,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:64bit: - [2010.05.16 08:02:30 | 002,203,136 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.05.14 21:02:41 | 000,299,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010.04.27 17:30:52 | 000,184,968 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.04.27 17:29:54 | 000,083,080 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.04.26 21:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2010.03.04 03:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.10.10 03:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007.04.17 11:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2010.11.29 17:41:53 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2010.11.30 16:51:07 | 000,000,030 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.virustotal.com
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20101127212734.dll (McAfee, Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20101127212734.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Audio HD Driver] C:\Users\Foen69\AppData\Local\Temp\winlogon.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [Windows Audio HDi Driver] C:\Windows\SysWow64\audiohd.exe ()
O4 - HKCU..\Run: [Audio HD Driver] C:\Users\Foen69\AppData\Local\Temp\winlogon.exe ()
O4 - HKCU..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe (Sony Corporation)
O4 - HKCU..\Run: [Miranda Fusion] C:\Program Files (x86)\MirandaFusion\mfstart.exe (Miranda Fusion Team)
O4 - HKCU..\Run: [VRLPHelper] C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe (Sony Corporation)
O4 - Startup: C:\Users\Foen69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Audio HD Driver = C:\Users\Foen69\AppData\Roaming\winlogon.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.11.30 16:53:24 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Foen69\Desktop\OTL.exe
[2010.11.30 14:51:10 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\Malwarebytes
[2010.11.30 14:51:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.11.30 14:51:00 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.11.30 14:51:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.30 14:50:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.11.30 14:50:33 | 006,153,648 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Foen69\Desktop\mbam-setup.exe
[2010.11.30 00:09:38 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Local\Adobe
[2010.11.28 12:43:54 | 000,000,000 | ---D | C] -- C:\Users\Foen69\Documents\Sony PMB
[2010.11.28 12:40:11 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Local\Programs
[2010.11.28 12:39:35 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Local\ArcSoft
[2010.11.28 12:39:34 | 000,000,000 | -H-D | C] -- C:\ProgramData\ArcSoft
[2010.11.28 12:39:30 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\ArcSoft
[2010.11.28 12:38:07 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\NVIDIA
[2010.11.28 12:38:00 | 000,000,000 | ---D | C] -- C:\VAIO Entertainment
[2010.11.28 12:36:51 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Local\Sony Corporation
[2010.11.28 12:34:12 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\Corel
[2010.11.28 12:33:55 | 000,000,000 | ---D | C] -- C:\Users\Foen69\Corel
[2010.11.28 00:34:08 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\Nero
[2010.11.28 00:23:54 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\WinRAR
[2010.11.28 00:09:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Azureus
[2010.11.28 00:09:39 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\Azureus
[2010.11.28 00:09:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze
[2010.11.28 00:07:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.11.28 00:07:06 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.11.28 00:07:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.11.28 00:07:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.11.27 23:57:11 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2010.11.27 23:27:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010.11.27 23:27:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2010.11.27 23:26:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2010.11.27 23:23:13 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.11.27 23:22:54 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2010.11.27 22:14:41 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2010.11.27 22:14:41 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2010.11.27 22:14:41 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2010.11.27 22:14:41 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2010.11.27 22:14:41 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010.11.27 22:14:41 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2010.11.27 22:14:41 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2010.11.27 22:14:41 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2010.11.27 22:14:28 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2010.11.27 22:06:38 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010.11.27 22:06:38 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.11.27 22:06:37 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010.11.27 22:06:36 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010.11.27 22:06:36 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010.11.27 22:06:35 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.11.27 22:06:35 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.11.27 22:06:35 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.11.27 22:06:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.11.27 22:06:35 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010.11.27 22:06:34 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010.11.27 22:06:34 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.11.27 22:06:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.11.27 22:06:33 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010.11.27 22:06:12 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010.11.27 22:06:08 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2010.11.27 22:05:45 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010.11.27 22:05:45 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010.11.27 22:05:45 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010.11.27 22:05:44 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010.11.27 22:05:44 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2010.11.27 22:05:44 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010.11.27 22:05:44 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2010.11.27 22:05:40 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010.11.27 22:04:47 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010.11.27 22:04:47 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010.11.27 22:04:36 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010.11.27 22:04:34 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010.11.27 22:04:33 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010.11.27 22:04:32 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010.11.27 22:04:30 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010.11.27 22:04:29 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010.11.27 22:04:24 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2010.11.27 22:04:22 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010.11.27 22:04:22 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.11.27 22:04:19 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010.11.27 22:04:14 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010.11.27 21:59:41 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\Apple Computer
[2010.11.27 21:59:41 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Local\Apple Computer
[2010.11.27 21:59:11 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2010.11.27 21:59:11 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2010.11.27 21:59:10 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2010.11.27 21:59:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010.11.27 21:58:19 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.11.27 21:58:18 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.11.27 21:58:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010.11.27 21:58:18 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010.11.27 21:57:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PSPad editor
[2010.11.27 21:55:59 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2010.11.27 21:55:58 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2010.11.27 21:55:54 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCDE.DLL
[2010.11.27 21:55:54 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6DE.DLL
[2010.11.27 21:55:54 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCC2DE.DLL
[2010.11.27 21:55:53 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL
[2010.11.27 21:55:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2010.11.27 21:55:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010.11.27 21:55:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.11.27 21:55:27 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Local\Apple
[2010.11.27 21:55:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010.11.27 21:54:59 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple
[2010.11.27 21:54:36 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.11.27 21:54:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010.11.27 21:54:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010.11.27 21:54:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010.11.27 21:53:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2010.11.27 21:52:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Amazon
[2010.11.27 21:39:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2010.11.27 21:38:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2010.11.27 21:38:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2010.11.27 21:38:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010.11.27 21:37:21 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2010.11.27 21:37:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2010.11.27 21:36:50 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\Miranda Fusion
[2010.11.27 21:36:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MirandaFusion
[2010.11.27 21:36:13 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Local\Microsoft Help
[2010.11.27 21:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010.11.27 21:35:49 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010.11.27 21:19:52 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\Intel
[2010.11.27 21:06:00 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\Opera
[2010.11.27 21:06:00 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Local\Opera
[2010.11.27 21:05:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2010.11.27 21:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010.11.27 21:01:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010.11.27 21:01:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2010.11.27 21:00:51 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\Leadertech
[2010.11.27 21:00:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2010.11.27 21:00:28 | 000,018,960 | ---- | C] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2010.11.27 21:00:23 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\DAEMON Tools Lite
[2010.11.27 21:00:21 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.11.27 21:00:06 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd
[2010.11.27 21:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2010.11.27 21:00:01 | 000,000,000 | ---D | C] -- C:\Programme\Logitech
[2010.11.27 20:59:20 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\LogiShrd
[2010.11.27 20:59:15 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\Logitech
[2010.11.27 20:59:15 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\Logishrd
[2010.11.27 20:51:19 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\Adobe
[2010.11.27 20:32:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010.11.27 20:25:04 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\Intel Corporation
[2010.11.27 20:24:59 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Local\Broadcom
[2010.11.27 20:24:59 | 000,000,000 | ---D | C] -- C:\Users\Foen69\Documents\Bluetooth-Exchange-Ordner
[2010.11.27 20:24:39 | 000,000,000 | R--D | C] -- C:\Users\Foen69\Searches
[2010.11.27 20:24:31 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\Identities
[2010.11.27 20:24:29 | 000,000,000 | R--D | C] -- C:\Users\Foen69\Contacts
[2010.11.27 20:24:20 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp
[2010.11.27 20:23:30 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Local\VirtualStore
[2010.11.27 20:23:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\VAIO Startup Setting Tool
[2010.11.27 20:23:03 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010.11.27 20:22:42 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\Sony Corporation
[2010.11.27 20:22:37 | 000,000,000 | --SD | C] -- C:\Users\Foen69\AppData\Roaming\Microsoft
[2010.11.27 20:22:37 | 000,000,000 | R--D | C] -- C:\Users\Foen69\Videos
[2010.11.27 20:22:37 | 000,000,000 | R--D | C] -- C:\Users\Foen69\Saved Games
[2010.11.27 20:22:37 | 000,000,000 | R--D | C] -- C:\Users\Foen69\Pictures
[2010.11.27 20:22:37 | 000,000,000 | R--D | C] -- C:\Users\Foen69\Music
[2010.11.27 20:22:37 | 000,000,000 | R--D | C] -- C:\Users\Foen69\Links
[2010.11.27 20:22:37 | 000,000,000 | R--D | C] -- C:\Users\Foen69\Favorites
[2010.11.27 20:22:37 | 000,000,000 | R--D | C] -- C:\Users\Foen69\Downloads
[2010.11.27 20:22:37 | 000,000,000 | R--D | C] -- C:\Users\Foen69\Documents
[2010.11.27 20:22:37 | 000,000,000 | R--D | C] -- C:\Users\Foen69\Desktop
[2010.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\Foen69\Vorlagen
[2010.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\Foen69\AppData\Local\Verlauf
[2010.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\Foen69\AppData\Local\Temporary Internet Files
[2010.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\Foen69\Startmenü
[2010.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\Foen69\SendTo
[2010.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\Foen69\Recent
[2010.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\Foen69\Netzwerkumgebung
[2010.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\Foen69\Lokale Einstellungen
[2010.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\Foen69\Documents\Eigene Videos
[2010.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\Foen69\Documents\Eigene Musik
[2010.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\Foen69\Eigene Dateien
[2010.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\Foen69\Documents\Eigene Bilder
[2010.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\Foen69\Druckumgebung
[2010.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\Foen69\Cookies
[2010.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\Foen69\AppData\Local\Anwendungsdaten
[2010.11.27 20:22:37 | 000,000,000 | -HSD | C] -- C:\Users\Foen69\Anwendungsdaten
[2010.11.27 20:22:37 | 000,000,000 | -H-D | C] -- C:\Users\Foen69\AppData
[2010.11.27 20:22:37 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Local\Temp
[2010.11.27 20:22:37 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Local\Microsoft
[2010.11.27 20:22:37 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\Media Center Programs
[2010.11.27 20:22:37 | 000,000,000 | ---D | C] -- C:\Users\Foen69\AppData\Roaming\Macromedia
[2010.11.27 20:22:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.11.27 20:22:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.11.27 20:22:20 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.11.27 20:22:20 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.11.27 20:22:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.11.27 20:22:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.11.27 20:22:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.11.27 20:22:20 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.11.27 20:22:20 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.11.27 20:22:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.11.27 20:22:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.11.27 20:15:09 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live
[2010.11.27 20:14:44 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2010.11.27 20:14:44 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2010.11.27 20:14:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010.11.27 20:14:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2010.11.27 20:13:54 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.11.27 20:13:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2010.11.27 20:13:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2010.11.27 20:13:26 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.11.27 20:12:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2010.11.27 20:11:56 | 000,000,000 | ---D | C] -- C:\VAIO Sample Contents
[2010.11.27 20:10:05 | 000,000,000 | ---D | C] -- C:\Temp
[2010.11.27 20:08:44 | 000,455,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2010.11.27 20:08:44 | 000,182,784 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2010.11.27 20:08:44 | 000,165,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2010.11.27 20:08:44 | 000,165,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2010.11.27 20:08:41 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2010.11.27 20:08:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.11.27 20:08:34 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.11.27 20:08:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.11.27 20:08:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.11.27 20:08:26 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010.11.27 20:08:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.11.27 20:08:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VAIO screensavers
[2010.11.27 20:04:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010.11.27 20:04:47 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2010.11.27 20:04:46 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2010.11.27 20:04:46 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010.11.27 20:04:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2010.11.27 20:01:56 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2010.11.27 20:01:56 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010.11.27 20:01:56 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2010.11.27 20:01:56 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010.11.27 20:01:56 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2010.11.27 20:01:56 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2010.11.27 20:01:56 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010.11.27 20:01:56 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010.11.27 20:01:55 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2010.11.27 20:01:55 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2010.11.27 20:01:55 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2010.11.27 20:01:55 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.11.27 20:01:55 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010.11.27 20:01:55 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010.11.27 20:01:55 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2010.11.27 20:01:55 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2010.11.27 20:00:26 | 000,499,712 | R--- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2010.11.27 20:00:26 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2010.11.27 20:00:26 | 000,245,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unicows.dll
[2010.11.27 20:00:26 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\SysWow64\PCDLIB32.DLL
[2010.11.27 20:00:25 | 000,055,808 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\System\ArcSoftKsUFilter.dll
[2010.11.27 20:00:25 | 000,019,968 | ---- | C] (ArcSoft, Inc.) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys
[2010.11.27 20:00:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ArcSoft
[2010.11.27 20:00:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArcSoft
[2010.11.27 20:00:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Partner
[2010.11.27 20:00:18 | 000,000,000 | ---D | C] -- C:\Programme\Google
[2010.11.27 20:00:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010.11.27 20:00:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010.11.27 19:59:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Evernote
[2010.11.27 19:59:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Evernote
[2010.11.27 19:59:40 | 000,014,112 | ---- | C] (InterVideo) -- C:\Windows\SysNative\drivers\regi.sys
[2010.11.27 19:59:26 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2010.11.27 19:59:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010.11.27 19:59:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010.11.27 19:58:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.11.27 19:58:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010.11.27 19:58:36 | 000,000,000 | ---D | C] -- C:\_FS_SWRINFO
[2010.11.27 19:58:34 | 000,000,000 | ---D | C] -- C:\Documentation
[2010.11.27 19:58:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2010.11.27 19:58:02 | 000,000,000 | ---D | C] -- C:\Windows\Sonysys
[2010.11.27 19:57:05 | 000,009,984 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\mfeclnk.sys
[2010.11.27 19:56:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mcafee.com
[2010.11.27 19:56:55 | 000,000,000 | ---D | C] -- C:\Programme\mcafee.com
[2010.11.27 19:56:55 | 000,000,000 | ---D | C] -- C:\Programme\mcafee
[2010.11.27 19:56:55 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\mcafee
[2010.11.27 19:56:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
[2010.11.27 19:56:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\mcafee
[2010.11.27 19:56:54 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010.11.27 19:56:26 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Sony Shared
[2010.11.27 19:56:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sony Shared
[2010.11.27 19:53:00 | 000,000,000 | ---D | C] -- C:\Programme\Intel
[2010.11.27 19:53:00 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Intel
[2010.11.27 19:53:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2010.11.27 19:53:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2010.11.27 19:52:50 | 000,000,000 | ---D | C] -- C:\Programme\Apoint
[2010.11.27 19:52:05 | 000,342,056 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwampfl.sys
[2010.11.27 19:52:05 | 000,135,720 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys
[2010.11.27 19:52:05 | 000,102,952 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwaudio.sys
[2010.11.27 19:52:05 | 000,039,464 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwl2cap.sys
[2010.11.27 19:52:05 | 000,021,544 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwrchid.sys
[2010.11.27 19:51:34 | 000,000,000 | ---D | C] -- C:\Programme\WIDCOMM
[2010.11.27 19:51:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2010.11.27 19:51:16 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2010.11.27 19:51:07 | 002,719,504 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2010.11.27 19:51:07 | 002,602,016 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2010.11.27 19:51:07 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2010.11.27 19:51:07 | 001,958,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2010.11.27 19:51:07 | 001,325,328 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2010.11.27 19:51:07 | 001,210,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2010.11.27 19:51:07 | 001,178,384 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2010.11.27 19:51:07 | 001,146,400 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2010.11.27 19:51:07 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2010.11.27 19:51:07 | 000,489,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2010.11.27 19:51:07 | 000,476,192 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2010.11.27 19:51:07 | 000,474,896 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2010.11.27 19:51:07 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2010.11.27 19:51:07 | 000,332,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2010.11.27 19:51:07 | 000,330,656 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2010.11.27 19:51:07 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2010.11.27 19:51:07 | 000,315,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2010.11.27 19:51:07 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2010.11.27 19:51:07 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2010.11.27 19:51:07 | 000,268,560 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2010.11.27 19:51:07 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2010.11.27 19:51:07 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2010.11.27 19:51:07 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2010.11.27 19:51:07 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2010.11.27 19:51:07 | 000,149,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2010.11.27 19:51:07 | 000,123,664 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2010.11.27 19:51:07 | 000,123,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2010.11.27 19:51:07 | 000,122,128 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2010.11.27 19:51:07 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2010.11.27 19:51:07 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2010.11.27 19:51:07 | 000,070,176 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2010.11.27 19:51:06 | 001,247,776 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.11.27 19:51:06 | 001,110,800 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2010.11.27 19:51:06 | 000,504,592 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2010.11.27 19:51:06 | 000,265,488 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2010.11.27 19:51:06 | 000,168,288 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2010.11.27 19:51:06 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2010.11.27 19:51:06 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2010.11.27 19:51:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2010.11.27 19:51:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010.11.27 19:50:38 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.11.27 19:46:35 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.11.27 19:45:57 | 000,000,000 | ---D | C] -- C:\Programme\Sony
[2010.11.27 19:44:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\winrm
[2010.11.27 19:44:48 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2010.11.27 19:44:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2010.11.27 19:44:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\winrm
[2010.11.27 19:44:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WCN
[2010.11.27 19:44:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF
[2010.11.27 19:44:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sysprep
[2010.11.27 19:44:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\slmgr
[2010.11.27 19:44:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Printing_Admin_Scripts
[2010.11.27 19:44:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\UMDF\de-DE
[2010.11.27 19:44:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE
[2010.11.27 19:44:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de
[2010.11.27 19:44:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407
[2010.11.27 19:44:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\WCN
[2010.11.27 19:44:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\slmgr
[2010.11.27 19:44:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Printing_Admin_Scripts
[2010.11.27 19:44:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2010.11.27 19:44:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de
[2010.11.27 19:44:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407
[2010.11.27 19:44:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbrpm.sys.mui
[2010.11.27 19:44:20 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fvevol.sys.mui
[2010.11.27 19:44:12 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\qwavedrv.sys.mui
[2010.11.27 19:44:11 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\nwifi.sys.mui
[2010.11.27 19:44:11 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\qwavedrv.sys.mui
[2010.11.27 19:44:09 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2010.11.27 19:44:09 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2010.11.27 19:44:09 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\MTConfig.sys.mui
[2010.11.27 19:44:08 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tcpip.sys.mui
[2010.11.27 19:44:08 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mpio.sys.mui
[2010.11.27 19:44:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volsnap.sys.mui
[2010.11.27 19:44:08 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbport.sys.mui
[2010.11.27 19:44:08 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\processr.sys.mui
[2010.11.27 19:44:08 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\intelppm.sys.mui
[2010.11.27 19:44:08 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdppm.sys.mui
[2010.11.27 19:44:08 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdk8.sys.mui
[2010.11.27 19:44:08 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbhub.sys.mui
[2010.11.27 19:44:08 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serial.sys.mui
[2010.11.27 19:44:08 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ohci1394.sys.mui
[2010.11.27 19:44:08 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\1394ohci.sys.mui
[2010.11.27 19:44:08 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\i8042prt.sys.mui
[2010.11.27 19:44:08 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\acpi.sys.mui
[2010.11.27 19:44:08 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\battc.sys.mui
[2010.11.27 19:44:08 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pci.sys.mui
[2010.11.27 19:44:08 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthport.sys.mui
[2010.11.27 19:44:08 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\msdsm.sys.mui
[2010.11.27 19:44:08 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\IPMIDrv.sys.mui
[2010.11.27 19:44:08 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\sermouse.sys.mui
[2010.11.27 19:44:08 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdclass.sys.mui
[2010.11.27 19:44:08 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pcmcia.sys.mui
[2010.11.27 19:44:08 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouclass.sys.mui
[2010.11.27 19:44:08 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthpan.sys.mui
[2010.11.27 19:44:08 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2010.11.27 19:44:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wacompen.sys.mui
[2010.11.27 19:44:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vhdmp.sys.mui
[2010.11.27 19:44:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vdrvroot.sys.mui
[2010.11.27 19:44:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tpm.sys.mui
[2010.11.27 19:44:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\isapnp.sys.mui
[2010.11.27 19:44:08 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hdaudbus.sys.mui
[2010.11.27 19:44:08 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\portcls.sys.mui
[2010.11.27 19:44:08 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\parport.sys.mui
[2010.11.27 19:44:08 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\HdAudio.sys.mui
[2010.11.27 19:44:08 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ataport.sys.mui
[2010.11.27 19:44:08 | 000,003,584 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\de-DE\atikmdag.sys.mui
[2010.11.27 19:44:08 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\umbus.sys.mui
[2010.11.27 19:44:08 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serscan.sys.mui
[2010.11.27 19:44:08 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismpx.sys.mui
[2010.11.27 19:44:08 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismp6.sys.mui
[2010.11.27 19:44:08 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mssmbios.sys.mui
[2010.11.27 19:44:08 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouhid.sys.mui
[2010.11.27 19:44:08 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hidbth.sys.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vwifibus.sys.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ULIAGPKX.SYS.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\UAGP35.SYS.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pnpmem.sys.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\NV_AGP.SYS.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdhid.sys.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\GAGP30KX.SYS.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\Dot4usb.sys.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\BTHUSB.SYS.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\AGP440.sys.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2010.11.27 19:44:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ws2ifsl.sys.mui
[2010.11.27 19:44:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wd.sys.mui
[2010.11.27 19:44:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\disk.sys.mui
[2010.11.27 19:44:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\cdrom.sys.mui
[2010.11.27 19:44:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthenum.sys.mui
[2010.11.27 19:44:08 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdide.sys.mui
[2010.11.27 19:44:06 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pacer.sys.mui
[2010.11.27 19:44:04 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bfe.dll.mui
[2010.11.27 19:44:04 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\modem.sys.mui
[2010.11.27 19:44:02 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\afd.sys.mui
[2010.11.27 19:44:02 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ipnat.sys.mui
[2010.11.27 19:44:02 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volmgrx.sys.mui
[2010.11.27 19:44:01 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ntfs.sys.mui
[2010.11.27 19:44:01 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tunnel.sys.mui
[2010.11.27 19:44:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\luafv.sys.mui
[2010.11.27 19:44:01 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\ndiscap.sys.mui
[2010.11.27 19:44:01 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rdbss.sys.mui
[2010.11.27 19:44:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\srv.sys.mui
[2010.11.27 19:44:01 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\scfilter.sys.mui
[2010.11.27 19:44:00 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndisuio.sys.mui
[2010.11.27 19:44:00 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\partmgr.sys.mui
[2010.11.27 19:44:00 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mountmgr.sys.mui
[2010.11.27 19:43:58 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\tcpip.sys.mui
[2010.11.27 19:43:58 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndiscap.sys.mui
[2010.11.27 19:43:58 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\RNDISMP.sys.mui
[2010.11.27 19:43:58 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scfilter.sys.mui
[2010.11.27 19:43:57 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndis.sys.mui
[2010.11.27 19:43:57 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fltmgr.sys.mui
[2010.11.27 19:43:57 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wdf01000.sys.mui
[2010.11.27 19:43:56 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\http.sys.mui
[2010.11.27 19:43:56 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\bfe.dll.mui
[2010.11.27 19:43:56 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\pacer.sys.mui
[2010.11.27 19:43:56 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scsiport.sys.mui
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.11.30 16:53:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Foen69\Desktop\OTL.exe
[2010.11.30 16:50:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.30 16:50:07 | 521,895,935 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.30 14:54:38 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.30 14:54:38 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.30 14:51:04 | 000,001,022 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.30 14:50:34 | 006,153,648 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Foen69\Desktop\mbam-setup.exe
[2010.11.30 00:10:18 | 000,025,088 | ---- | M] () -- C:\Users\Public\Documents\Rück_Jenny.xls
[2010.11.29 22:49:37 | 001,507,170 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.11.29 22:49:37 | 000,657,676 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.11.29 22:49:37 | 000,618,912 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.11.29 22:49:37 | 000,131,016 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.11.29 22:49:37 | 000,107,232 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.11.29 22:45:32 | 000,010,673 | ---- | M] () -- C:\Users\Public\Documents\Ausgaben.xlsx
[2010.11.29 17:42:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.11.28 13:00:11 | 000,434,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.11.28 12:34:12 | 000,000,952 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2010.11.28 00:24:23 | 079,187,968 | -H-- | M] () -- C:\Users\Foen69\AppData\Roaming\SystemDriver.exe
[2010.11.28 00:24:19 | 000,057,344 | -H-- | M] () -- C:\Program Files (x86)\Common Files\WUAuthHost.exe
[2010.11.28 00:24:19 | 000,057,344 | -H-- | M] () -- C:\Users\Foen69\AppData\Roaming\winlogon.exe
[2010.11.28 00:24:19 | 000,057,344 | -H-- | M] () -- C:\Windows\SysWow64\audiohd.exe
[2010.11.27 22:59:10 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2010.11.27 22:59:10 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2010.11.27 21:47:07 | 001,500,444 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.27 21:05:54 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.11.27 21:01:33 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.11.27 21:01:29 | 000,001,358 | ---- | M] () -- C:\Users\Foen69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2010.11.27 21:00:28 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\drivers\LNonPnP.sys
[2010.11.27 20:24:24 | 000,000,000 | RH-- | M] () -- C:\Windows\SysWow64\drivers\104D_Sony_VPCF13C5E.mrk
[2010.11.27 20:24:24 | 000,000,000 | RH-- | M] () -- C:\Windows\SysNative\drivers\104D_Sony_VPCF13C5E.mrk
[2010.11.27 20:20:41 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.11.27 20:20:41 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010.11.27 20:12:24 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_install_OEMHelpCustomization.etl
[2010.11.27 20:08:41 | 000,455,680 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2010.11.27 20:08:41 | 000,182,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2010.11.27 20:08:41 | 000,165,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2010.11.27 20:08:41 | 000,165,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2010.11.27 19:59:59 | 000,000,040 | -H-- | M] () -- C:\Windows\SysNative\ivireg.ivr
[2010.11.27 19:52:51 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2010.11.27 19:52:10 | 000,000,834 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2010.11.27 19:44:40 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat
[2010.11.27 19:44:40 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat
[2010.11.27 19:44:24 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbrpm.sys.mui
[2010.11.27 19:44:20 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fvevol.sys.mui
[2010.11.27 19:44:17 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UMDF\de-DE\WpdMtpDr.dll.mui
[2010.11.27 19:44:12 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\qwavedrv.sys.mui
[2010.11.27 19:44:11 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\nwifi.sys.mui
[2010.11.27 19:44:11 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\qwavedrv.sys.mui
[2010.11.27 19:44:09 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2010.11.27 19:44:09 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2010.11.27 19:44:09 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\MTConfig.sys.mui
[2010.11.27 19:44:08 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tcpip.sys.mui
[2010.11.27 19:44:08 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mpio.sys.mui
[2010.11.27 19:44:08 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volsnap.sys.mui
[2010.11.27 19:44:08 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbport.sys.mui
[2010.11.27 19:44:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\processr.sys.mui
[2010.11.27 19:44:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\intelppm.sys.mui
[2010.11.27 19:44:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdppm.sys.mui
[2010.11.27 19:44:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdk8.sys.mui
[2010.11.27 19:44:08 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\usbhub.sys.mui
[2010.11.27 19:44:08 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serial.sys.mui
[2010.11.27 19:44:08 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ohci1394.sys.mui
[2010.11.27 19:44:08 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\1394ohci.sys.mui
[2010.11.27 19:44:08 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\i8042prt.sys.mui
[2010.11.27 19:44:08 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\acpi.sys.mui
[2010.11.27 19:44:08 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\battc.sys.mui
[2010.11.27 19:44:08 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pci.sys.mui
[2010.11.27 19:44:08 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthport.sys.mui
[2010.11.27 19:44:08 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UMDF\de-DE\WUDFUsbccidDriver.dll.mui
[2010.11.27 19:44:08 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\msdsm.sys.mui
[2010.11.27 19:44:08 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\IPMIDrv.sys.mui
[2010.11.27 19:44:08 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\sermouse.sys.mui
[2010.11.27 19:44:08 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdclass.sys.mui
[2010.11.27 19:44:08 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pcmcia.sys.mui
[2010.11.27 19:44:08 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouclass.sys.mui
[2010.11.27 19:44:08 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthpan.sys.mui
[2010.11.27 19:44:08 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2010.11.27 19:44:08 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wacompen.sys.mui
[2010.11.27 19:44:08 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vhdmp.sys.mui
[2010.11.27 19:44:08 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vdrvroot.sys.mui
[2010.11.27 19:44:08 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tpm.sys.mui
[2010.11.27 19:44:08 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\isapnp.sys.mui
[2010.11.27 19:44:08 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hdaudbus.sys.mui
[2010.11.27 19:44:08 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\portcls.sys.mui
[2010.11.27 19:44:08 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\parport.sys.mui
[2010.11.27 19:44:08 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\HdAudio.sys.mui
[2010.11.27 19:44:08 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ataport.sys.mui
[2010.11.27 19:44:08 | 000,003,584 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\de-DE\atikmdag.sys.mui
[2010.11.27 19:44:08 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\umbus.sys.mui
[2010.11.27 19:44:08 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\serscan.sys.mui
[2010.11.27 19:44:08 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismpx.sys.mui
[2010.11.27 19:44:08 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rndismp6.sys.mui
[2010.11.27 19:44:08 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mssmbios.sys.mui
[2010.11.27 19:44:08 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mouhid.sys.mui
[2010.11.27 19:44:08 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\hidbth.sys.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\vwifibus.sys.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ULIAGPKX.SYS.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\UAGP35.SYS.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pnpmem.sys.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\NV_AGP.SYS.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\kbdhid.sys.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\GAGP30KX.SYS.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\Dot4usb.sys.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\BTHUSB.SYS.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\AGP440.sys.mui
[2010.11.27 19:44:08 | 000,002,560 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2010.11.27 19:44:08 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ws2ifsl.sys.mui
[2010.11.27 19:44:08 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wd.sys.mui
[2010.11.27 19:44:08 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\disk.sys.mui
[2010.11.27 19:44:08 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\cdrom.sys.mui
[2010.11.27 19:44:08 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bthenum.sys.mui
[2010.11.27 19:44:08 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\amdide.sys.mui
[2010.11.27 19:44:06 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\pacer.sys.mui
[2010.11.27 19:44:04 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\bfe.dll.mui
[2010.11.27 19:44:04 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\modem.sys.mui
[2010.11.27 19:44:02 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\afd.sys.mui
[2010.11.27 19:44:02 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ipnat.sys.mui
[2010.11.27 19:44:02 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\volmgrx.sys.mui
[2010.11.27 19:44:01 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ntfs.sys.mui
[2010.11.27 19:44:01 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\tunnel.sys.mui
[2010.11.27 19:44:01 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\luafv.sys.mui
[2010.11.27 19:44:01 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\ndiscap.sys.mui
[2010.11.27 19:44:01 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\rdbss.sys.mui
[2010.11.27 19:44:01 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\srv.sys.mui
[2010.11.27 19:44:01 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\scfilter.sys.mui
[2010.11.27 19:44:00 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndisuio.sys.mui
[2010.11.27 19:44:00 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\partmgr.sys.mui
[2010.11.27 19:44:00 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\mountmgr.sys.mui
[2010.11.27 19:43:58 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\tcpip.sys.mui
[2010.11.27 19:43:58 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndiscap.sys.mui
[2010.11.27 19:43:58 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\RNDISMP.sys.mui
[2010.11.27 19:43:58 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scfilter.sys.mui
[2010.11.27 19:43:57 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\ndis.sys.mui
[2010.11.27 19:43:57 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\fltmgr.sys.mui
[2010.11.27 19:43:57 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\wdf01000.sys.mui
[2010.11.27 19:43:56 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\http.sys.mui
[2010.11.27 19:43:56 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\bfe.dll.mui
[2010.11.27 19:43:56 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\drivers\de-DE\pacer.sys.mui
[2010.11.27 19:43:56 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\de-DE\scsiport.sys.mui
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.11.30 14:51:04 | 000,001,022 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.29 22:50:17 | 000,025,088 | ---- | C] () -- C:\Users\Public\Documents\Rück_Jenny.xls
[2010.11.29 22:42:45 | 000,010,673 | ---- | C] () -- C:\Users\Public\Documents\Ausgaben.xlsx
[2010.11.29 17:42:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.11.28 12:34:12 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.11.28 00:24:22 | 000,057,344 | -H-- | C] () -- C:\Program Files (x86)\Common Files\WUAuthHost.exe
[2010.11.28 00:24:22 | 000,057,344 | -H-- | C] () -- C:\Windows\SysWow64\audiohd.exe
[2010.11.28 00:24:21 | 079,187,968 | -H-- | C] () -- C:\Users\Foen69\AppData\Roaming\SystemDriver.exe
[2010.11.28 00:24:19 | 000,057,344 | -H-- | C] () -- C:\Users\Foen69\AppData\Roaming\winlogon.exe
[2010.11.27 22:56:33 | 000,002,562 | ---- | C] () -- C:\Windows\diagwrn.xml
[2010.11.27 22:56:33 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2010.11.27 21:55:56 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\pdfcmnnt.dll
[2010.11.27 21:47:07 | 001,500,444 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.27 21:05:54 | 000,000,833 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.11.27 21:01:33 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.11.27 21:01:29 | 000,001,358 | ---- | C] () -- C:\Users\Foen69\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2010.11.27 20:24:24 | 000,000,000 | RH-- | C] () -- C:\Windows\SysWow64\drivers\104D_Sony_VPCF13C5E.mrk
[2010.11.27 20:24:24 | 000,000,000 | RH-- | C] () -- C:\Windows\SysNative\drivers\104D_Sony_VPCF13C5E.mrk
[2010.11.27 20:15:32 | 521,895,935 | -HS- | C] () -- C:\hiberfil.sys
[2010.11.27 20:12:11 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_install_OEMHelpCustomization.etl
[2010.11.27 19:59:40 | 000,000,040 | -H-- | C] () -- C:\Windows\SysNative\ivireg.ivr
[2010.11.27 19:52:51 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2010.11.27 19:51:40 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
[2010.11.27 19:45:08 | 000,657,676 | ---- | C] () -- C:\Windows\SysNative\perfh007.dat
[2010.11.27 19:45:08 | 000,295,922 | ---- | C] () -- C:\Windows\SysNative\perfi007.dat
[2010.11.27 19:45:08 | 000,131,016 | ---- | C] () -- C:\Windows\SysNative\perfc007.dat
[2010.11.27 19:45:08 | 000,038,104 | ---- | C] () -- C:\Windows\SysNative\perfd007.dat
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2010.11.30 00:21:19 | 000,000,000 | ---D | M] -- C:\Users\Foen69\AppData\Roaming\Azureus
[2010.11.27 21:34:48 | 000,000,000 | ---D | M] -- C:\Users\Foen69\AppData\Roaming\DAEMON Tools Lite
[2010.11.27 21:00:51 | 000,000,000 | ---D | M] -- C:\Users\Foen69\AppData\Roaming\Leadertech
[2010.11.27 21:36:50 | 000,000,000 | ---D | M] -- C:\Users\Foen69\AppData\Roaming\Miranda Fusion
[2010.11.27 21:29:22 | 000,000,000 | ---D | M] -- C:\Users\Foen69\AppData\Roaming\Opera
[2009.07.14 06:08:49 | 000,009,208 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >


Many thanks in advance

markusg 30.11.2010 17:56

• Please start OTL.exe.
• Now copy the following into the text box.

:OTL
O4 - HKLM..\Run: [Audio HD Driver] C:\Users\Foen69\AppData\Local\Temp\winlogon.exe ()
O4 - HKLM..\Run: [Windows Audio HDi Driver] C:\Windows\SysWow64\audiohd.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: Audio HD Driver = C:\Users\Foen69\AppData\Roaming\winlogon.exe ()
[2010.11.28 00:24:23 | 079,187,968 | -H-- | M] () -- C:\Users\Foen69\AppData\Roaming\SystemDriver.exe
[2010.11.28 00:24:19 | 000,057,344 | -H-- | M] () -- C:\Program Files (x86)\Common Files\WUAuthHost.exe
[2010.11.28 00:24:19 | 000,057,344 | -H-- | M] () -- C:\Users\Foen69\AppData\Roaming\winlogon.exe

:Files
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[Reboot]

• Now please close all programs.
• Now please click the Fix button.
• OTL may ask for a reboot. Please allow it.
• After the reboot you will find a text document; post its contents in your next reply.


Open My Computer, C:, then _OTL.
There, right-click on moved files.
Choose "Add to moved files.rar" or zip.

Upload the archive to our upload channel.
http://www.trojaner-board.de/54791-a...ner-board.html
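
The fix script above targets hidden executables that carry no company name. The following added example (not part of the original post and not OTL's own logic) parses OTL file-listing lines copied from the log and applies that selection as a triage heuristic; the function names, the `SYSTEM_NAMES` set and the scoring rules are assumptions of this example.

```python
import re
from collections import defaultdict
from ntpath import basename, splitext  # Windows path rules on any OS

# Lines copied from the "Files - Modified Within 30 Days" section of the log above.
SAMPLE = r"""
[2010.11.30 16:53:35 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Foen69\Desktop\OTL.exe
[2010.11.30 16:50:07 | 521,895,935 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.30 14:50:34 | 006,153,648 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Foen69\Desktop\mbam-setup.exe
[2010.11.28 00:24:23 | 079,187,968 | -H-- | M] () -- C:\Users\Foen69\AppData\Roaming\SystemDriver.exe
[2010.11.28 00:24:19 | 000,057,344 | -H-- | M] () -- C:\Program Files (x86)\Common Files\WUAuthHost.exe
[2010.11.28 00:24:19 | 000,057,344 | -H-- | M] () -- C:\Users\Foen69\AppData\Roaming\winlogon.exe
[2010.11.28 00:24:19 | 000,057,344 | -H-- | M] () -- C:\Windows\SysWow64\audiohd.exe
[2010.11.27 20:08:41 | 000,165,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
""".strip().splitlines()

# [timestamp | size | attributes | C or M] (company) -- path
# Directory lines (LOP Check) have no "(company)" field, so it is optional.
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d,]+) \| (?P<attrs>[-A-Z]{4}) \| (?P<kind>[CM])\]"
    r"(?: \((?P<company>.*?)\))? -- (?P<path>.+)$"
)

# Assumption of this example: a short list of Windows process names that
# legitimately live only below C:\Windows.
SYSTEM_NAMES = {"winlogon.exe", "svchost.exe", "lsass.exe", "csrss.exe", "services.exe"}


def parse_line(line):
    """Return one listing entry as a dict, or None for headers and other lines."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    entry = m.groupdict()
    entry["size"] = int(entry["size"].replace(",", ""))
    entry["company"] = (entry["company"] or "").strip()
    return entry


def reasons(entry):
    """List the triage reasons that apply to an .exe entry (empty for other files)."""
    name = basename(entry["path"]).lower()
    if splitext(name)[1] != ".exe":
        return []
    path = entry["path"].lower()
    found = []
    if "H" in entry["attrs"]:
        found.append("hidden")
    if not entry["company"]:
        found.append("no company name")
    if "\\appdata\\" in path:
        found.append("runs from user profile")
    if name in SYSTEM_NAMES and not path.startswith("c:\\windows\\"):
        found.append("system process name outside system directory")
    return found


def triage(lines):
    """Flag executables that are both hidden and without a company name."""
    hits = []
    for entry in filter(None, map(parse_line, lines)):
        why = reasons(entry)
        if "hidden" in why and "no company name" in why:
            hits.append((entry["path"], why))
    return hits


def duplicate_drops(lines):
    """Group .exe entries sharing timestamp and size: likely copies of one file."""
    groups = defaultdict(list)
    for entry in filter(None, map(parse_line, lines)):
        if entry["path"].lower().endswith(".exe"):
            groups[(entry["ts"], entry["size"])].append(entry["path"])
    return {key: paths for key, paths in groups.items() if len(paths) > 1}


if __name__ == "__main__":
    for path, why in triage(SAMPLE):
        print(path, "->", ", ".join(why))
    for (ts, size), paths in duplicate_drops(SAMPLE).items():
        print(f"{len(paths)} files of {size} bytes stamped {ts}")
```

A flagged entry is a candidate for manual review, not a verdict; `hiberfil.sys` is hidden and unnamed as well, which is why the heuristic is restricted to executables.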

Foen69 30.11.2010 18:36

Hi, thanks for the quick help. I have now done everything according to your instructions. But unfortunately I still cannot open the Task Manager.

Here is the log:

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Audio HD Driver deleted successfully.
C:\Users\Foen69\AppData\Local\Temp\winlogon.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Windows Audio HDi Driver deleted successfully.
C:\Windows\SysWOW64\audiohd.exe moved successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\Audio HD Driver deleted successfully.
C:\Users\Foen69\AppData\Roaming\winlogon.exe moved successfully.
C:\Users\Foen69\AppData\Roaming\SystemDriver.exe moved successfully.
C:\Program Files (x86)\Common Files\WUAuthHost.exe moved successfully.
File C:\Users\Foen69\AppData\Roaming\winlogon.exe not found.
========== FILES ==========
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 41620 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Foen69
->Flash cache emptied: 43047 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Foen69
->Temp folder emptied: 2220372557 bytes
->Temporary Internet Files folder emptied: 8806822 bytes
->Java cache emptied: 0 bytes
->Opera cache emptied: 15838013 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2956260 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 89554 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 2.144,00 mb


OTL by OldTimer - Version 3.2.17.3 log created on 11302010_182944

Files\Folders moved on Reboot...
C:\Users\Foen69\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Foen69\AppData\Local\Temp\~DF128356A455FA3AC4.TMP not found!
File\Folder C:\Users\Foen69\AppData\Local\Temp\~DF16E3DFDBAFF59A86.TMP not found!
File\Folder C:\Users\Foen69\AppData\Local\Temp\~DF190ABFF8B5681440.TMP not found!
File\Folder C:\Users\Foen69\AppData\Local\Temp\~DF239827428C06C04C.TMP not found!
File\Folder C:\Users\Foen69\AppData\Local\Temp\~DF299AD9C0FDD91B7B.TMP not found!
File\Folder C:\Users\Foen69\AppData\Local\Temp\~DF2AEC96DF5C6016E1.TMP not found!
File\Folder C:\Users\Foen69\AppData\Local\Temp\~DF3A7954FB1B9651F7.TMP not found!
File\Folder C:\Users\Foen69\AppData\Local\Temp\~DF45CE477DA70D9F67.TMP not found!
File\Folder C:\Users\Foen69\AppData\Local\Temp\~DF55EDF1BBA181FF4A.TMP not found!
File\Folder C:\Users\Foen69\AppData\Local\Temp\~DF5C11F7C481D08EB9.TMP not found!
File\Folder C:\Users\Foen69\AppData\Local\Temp\~DF7C7309C8C4D082E2.TMP not found!
File\Folder C:\Users\Foen69\AppData\Local\Temp\~DFD0D92DA8C917F2AF.TMP not found!
File\Folder C:\Users\Foen69\AppData\Local\Temp\~DFDBA92DAA3581B609.TMP not found!
File\Folder C:\Users\Foen69\AppData\Local\Temp\~DFF20B548677666E42.TMP not found!

Registry entries deleted on Reboot...

markusg 30.11.2010 19:01

Where is the uploaded file?

Foen69 30.11.2010 19:24

I have been trying the whole time, but somehow nothing happens; it is about 75 MB. I have also already uploaded it from a MacBook, and unfortunately nothing happens there either. I'll keep trying...

markusg 30.11.2010 19:36

Ah, 75 MB won't work there anyway.
File-Upload.net
After you have uploaded the file there, send me the download link as a private message.

Foen69 30.11.2010 20:50

Hi, did that work?

markusg 30.11.2010 20:51

Yes. Please update Malwarebytes, run a full scan, delete the findings, and post the log.

Foen69 30.11.2010 21:41

Hello again!

Here is the Malwarebytes log:

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Datenbank Version: 5221

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

30.11.2010 21:39:27
mbam-log-2010-11-30 (21-39-24).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 256575
Laufzeit: 34 Minute(n), 18 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 2
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Audio HD Driver (Trojan.Downloader) -> Value: Audio HD Driver -> No action taken.

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

markusg 01.12.2010 12:31

Did you have the findings removed? If not, do it again right away.

Foen69 01.12.2010 14:55

Hi, scan again with Malwarebytes and then remove with it?

markusg 01.12.2010 15:36

If you did not have the findings removed, then yes; at least it says "No action taken" there.

Foen69 01.12.2010 16:37

Thank you very much for your excellent help!!! Task Manager and regedit work again. Malwarebytes also no longer finds any Trojans or the like.
:dankeschoen::dankeschoen:

:applaus:

markusg 01.12.2010 16:45

OK, secure / clean up the PC.
Download CCleaner Slim:
Piriform - Builds
If CCleaner is already installed, skip this.
Install it, open it, Tools, list of installed programs, save as txt. Open it.
After each program you need, write "necessary".
After each one you do not need, "unnecessary".
After ones unknown to you, "unknown".
Post the list.

Foen69 01.12.2010 18:22

Hello, the installed programs are all necessary. I have only had my notebook for a week, so not everything is installed yet.

Here is the list:

