OTL Logfile:
OTL Logfile: Code:
OTL logfile created on: 02.06.2011 19:15:00 - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\dani\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 57,52% Memory free
6,19 Gb Paging File | 5,08 Gb Available in Paging File | 82,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 10,48 Gb Free Space | 7,03% Space Free | Partition Type: NTFS
Drive D: | 139,28 Gb Total Space | 6,06 Gb Free Space | 4,35% Space Free | Partition Type: NTFS
Computer Name: DANI-PC | User Name: dani | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.06.02 14:36:38 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
PRC - [2011.05.10 14:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011.05.05 20:43:42 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010.12.02 20:48:28 | 000,462,848 | ---- | M] (ageye GbR) -- C:\Program Files\ageye\VLC play! Server\VLCplayServer.exe
PRC - [2010.11.11 14:55:46 | 000,159,472 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.06.18 08:10:24 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008.01.07 10:25:13 | 004,853,760 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.11.30 21:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007.10.12 07:44:28 | 000,106,496 | ---- | M] (ASUS) -- C:\Windows\System32\ASUSTPE.exe
========== Modules (SafeList) ==========
MOD - [2011.06.02 14:36:38 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\dani\Desktop\OTL.exe
MOD - [2011.05.10 14:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010.08.31 17:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- -- (ACDaemon)
SRV - [2011.05.10 14:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.02.28 19:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.02.25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010.12.25 01:31:16 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.11.11 14:57:04 | 000,268,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2010.11.11 14:57:02 | 000,444,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2010.11.11 14:55:56 | 006,351,600 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2010.04.24 01:10:54 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010.04.24 01:10:44 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010.01.30 12:19:23 | 000,604,488 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2010.01.30 12:19:18 | 000,361,288 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Windows\System32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.11.16 13:25:48 | 000,029,000 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2009.08.10 13:34:40 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.08.08 10:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007.05.18 12:31:16 | 000,073,728 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2007.02.06 04:13:14 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
========== Driver Services (SafeList) ==========
DRV - [2011.05.10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.05.10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.05.10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.05.10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.05.10 13:59:44 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.05.10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.01.01 13:46:08 | 000,436,792 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.04.24 01:10:54 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2010.04.24 01:10:52 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2010.04.24 01:10:50 | 000,195,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2010.04.24 01:10:44 | 000,550,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2009.09.05 15:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.08.07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009.06.11 20:14:29 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.04.28 21:53:57 | 000,271,360 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.04.28 21:53:56 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.04.11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2008.06.03 08:41:51 | 000,015,928 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2008.05.29 20:21:02 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\lullaby.sys -- (lullaby)
DRV - [2008.03.09 16:58:41 | 003,533,824 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007.10.01 08:59:45 | 001,769,984 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007.08.11 06:19:26 | 000,029,752 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2007.07.24 21:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2007.06.20 05:12:17 | 000,047,616 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SiSGB6.sys -- (SiSGbeLH)
DRV - [2006.12.14 09:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006.11.02 09:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006.10.01 14:37:02 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0801.sys -- (tap0801)
DRV - [2005.03.03 19:53:57 | 000,048,640 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2005.02.23 17:59:54 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.12.03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.spiegel.de/"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q="
FF - prefs.js..network.proxy.type: 2
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.05.05 20:43:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.05 20:43:48 | 000,000,000 | ---D | M]
[2009.08.28 03:12:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dani\AppData\Roaming\mozilla\Extensions
[2009.08.28 03:12:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dani\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2011.06.02 14:24:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dani\AppData\Roaming\mozilla\Firefox\Profiles\r40js1v1.default\extensions
[2010.05.20 22:12:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\dani\AppData\Roaming\mozilla\Firefox\Profiles\r40js1v1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.11.25 22:49:39 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\dani\AppData\Roaming\mozilla\Firefox\Profiles\r40js1v1.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.03.25 21:09:13 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\dani\AppData\Roaming\mozilla\Firefox\Profiles\r40js1v1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.12.06 18:50:10 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\dani\AppData\Roaming\mozilla\Firefox\Profiles\r40js1v1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.12.05 14:37:22 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\dani\AppData\Roaming\mozilla\Firefox\Profiles\r40js1v1.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(38)
[2011.05.30 20:33:57 | 000,001,056 | ---- | M] () -- C:\Users\dani\AppData\Roaming\Mozilla\Firefox\Profiles\r40js1v1.default\searchplugins\icqplugin.xml
[2011.02.06 21:43:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009.09.19 11:23:32 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.12.06 18:55:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.02.06 21:43:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2009.03.31 22:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011.01.11 13:22:42 | 000,167,704 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
[2011.05.05 20:43:45 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2011.05.05 20:43:45 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2011.05.05 20:43:45 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2011.05.05 20:43:45 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2011.05.05 20:43:45 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [ASUSTPE] C:\Windows\System32\ASUSTPE.exe (ASUS)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AlcoholAutomount] C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - Startup: C:\Users\dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VLC play! Server.lnk = C:\Program Files\ageye\VLC play! Server\VLCplayServer.exe (ageye GbR)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\dani\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\dani\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\dani\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0f38fdde-3e41-11df-8126-002354623135}\Shell\AutoRun\command - "" = H:\Menu.exe
O33 - MountPoints2\{11468d40-159d-11e0-8820-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{11468d40-159d-11e0-8820-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\{295c0b7d-539d-11de-9038-002354623135}\Shell - "" = AutoRun
O33 - MountPoints2\{295c0b7d-539d-11de-9038-002354623135}\Shell\AutoRun\command - "" = G:\autoplay.exe
O33 - MountPoints2\{47a1c498-144c-11e0-8f15-002354623135}\Shell - "" = AutoRun
O33 - MountPoints2\{47a1c498-144c-11e0-8f15-002354623135}\Shell\AutoRun\command - "" = I:\setup.exe
O33 - MountPoints2\{e331fcbe-1440-11e0-8ce2-002354623135}\Shell - "" = AutoRun
O33 - MountPoints2\{e331fcbe-1440-11e0-8ce2-002354623135}\Shell\AutoRun\command - "" = F:\autorunmenu.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {59DC1004-42BC-4C4A-590E-815A06EC7313} - Browser Customizations
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.yv12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011.06.02 14:36:34 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\dani\Desktop\OTL.exe
[2011.05.31 19:15:13 | 000,645,632 | ---- | C] (OldTimer Tools) -- C:\Users\dani\Desktop\OTS.exe
[2011.05.31 18:49:21 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.05.31 18:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.31 18:49:18 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.05.31 18:46:35 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\dani\Desktop\mbam-setup-1.50.1.1100.exe
[2011.05.24 18:52:07 | 000,441,176 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011.05.18 19:56:41 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Procter_gamble
[2011.05.17 20:57:27 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{2F32CDF7-00A6-4397-864A-096C3466C5DA}
[2011.05.16 09:05:26 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Hotmail
[2011.05.14 16:38:16 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{B7858982-E89F-4FED-84EF-A2FB1D0CA99E}
[2011.05.12 20:33:13 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{ECAC77A5-0E60-4BC1-81A7-3689B4D7C654}
[2011.05.11 16:17:36 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{B6AD6F74-9D01-432D-8CD7-5DCFA4AC0300}
[2011.05.09 19:07:39 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{66116B64-24A0-43D9-B582-2D3BF857AE50}
[2011.05.07 21:03:10 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{B7B624D3-618B-4C42-B0D7-A7BAF63CEBB8}
[2011.05.07 10:12:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011.05.05 23:40:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ageye
[2011.05.05 23:40:40 | 000,000,000 | ---D | C] -- C:\Program Files\ageye
[2011.05.05 23:39:21 | 000,724,935 | ---- | C] (ageye GbR ) -- C:\Users\***\Desktop\vlcplayserver_1.1.exe
[2011.05.04 20:06:21 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{17724F29-BEFF-4C9D-923C-C8ADBB6ACF1C}
[2008.06.03 08:41:51 | 000,015,928 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.06.02 19:21:25 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.06.02 19:09:49 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\1-Klick-Wartung.job
[2011.06.02 19:09:31 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.06.02 19:05:31 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.02 19:05:31 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.02 19:05:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.02 14:36:38 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2011.06.02 14:15:08 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3CDFAA12-AB5C-4A00-A36F-295ADAD51018}.job
[2011.06.01 18:28:02 | 000,027,190 | ---- | M] () -- C:\Users\***\Desktop\Frequently asked questions.odt
[2011.06.01 18:27:27 | 000,053,897 | ---- | M] () -- C:\Users\***\Desktop\Kalkulation_Runde5.ods
[2011.06.01 13:20:45 | 000,037,845 | ---- | M] () -- C:\Users\***\Desktop\2.jpg
[2011.06.01 13:19:29 | 000,032,390 | ---- | M] () -- C:\Users\***\Desktop\1.jpg
[2011.06.01 13:16:05 | 000,025,149 | ---- | M] () -- C:\Users\***\Desktop\3.jpg
[2011.06.01 13:15:36 | 000,059,600 | ---- | M] () -- C:\Users\***\Desktop\4.jpg
[2011.05.31 19:15:22 | 000,645,632 | ---- | M] (OldTimer Tools) -- C:\Users\dani\Desktop\OTS.exe
[2011.05.31 18:46:49 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\dani\Desktop\mbam-setup-1.50.1.1100.exe
[2011.05.30 17:59:41 | 000,629,186 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.05.30 17:59:41 | 000,596,440 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.30 17:59:41 | 000,126,640 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.05.30 17:59:41 | 000,104,256 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.05.30 17:58:38 | 000,316,956 | ---- | M] () -- C:\Users\***\Desktop\Mibi Kurs.pdf
[2011.05.30 17:57:27 | 000,245,663 | ---- | M] () -- C:\Users\***\Desktop\Mibi Kurs.odt
[2011.05.30 00:57:29 | 000,041,984 | ---- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.05.29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.05.26 17:25:12 | 000,046,130 | ---- | M] () -- C:\Users\***\Desktop\Calculation_Green_SieheTotaleNachfrage2.ods
[2011.05.26 16:50:00 | 000,039,576 | ---- | M] () -- C:\Users\***\Desktop\Calculation_Green2.ods
[2011.05.24 18:52:07 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011.05.20 23:48:10 | 016,111,389 | ---- | M] () -- C:\Users\***\Desktop\Italien_1940_Mai_30.eug
[2011.05.19 12:48:55 | 000,028,386 | ---- | M] () -- C:\Users\***\Desktop\Optionen Runde 4.odt
[2011.05.18 22:30:37 | 016,130,101 | ---- | M] () -- C:\Users\***\Desktop\Italien_1940_Mai_7 xxx.eug
[2011.05.18 19:49:53 | 013,304,806 | ---- | M] () -- C:\Users\***\Desktop\Procter_gamble.zip
[2011.05.16 09:05:20 | 001,404,234 | ---- | M] () -- C:\Users\***\Desktop\Hotmail.zip
[2011.05.10 14:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.05.10 14:10:55 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011.05.10 14:03:54 | 000,441,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011.05.10 14:03:44 | 000,307,928 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011.05.10 14:02:37 | 000,049,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011.05.10 13:59:56 | 000,025,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011.05.10 13:59:44 | 000,053,592 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011.05.10 13:59:35 | 000,019,544 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011.05.09 20:29:27 | 000,079,849 | ---- | M] () -- C:\Users\***\Desktop\216443_212684722094298_100000583148127_749754_2942354_n.jpg
[2011.05.07 10:20:41 | 000,076,570 | ---- | M] () -- C:\Users\***\Desktop\PdfPrint.pdf
[2011.05.07 10:14:09 | 000,044,567 | ---- | M] () -- C:\Users\***\Desktop\B10419-2660_54877939_8MWBL3_145469-20110508-PDFTICKET 19 .pdf
[2011.05.07 01:49:35 | 000,007,846 | ---- | M] () -- C:\Users\***\Desktop\OpenDocument Text (neu).odt
[2011.05.06 12:35:05 | 000,733,188 | ---- | M] () -- C:\Users\***\Desktop\tox 3.pdf
[2011.05.06 12:33:59 | 002,216,156 | ---- | M] () -- C:\Users\***\Desktop\tox 2.pdf
[2011.05.06 12:32:15 | 003,270,670 | ---- | M] () -- C:\Users\***\Desktop\tox 1.pdf
[2011.05.05 23:40:41 | 000,001,876 | ---- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VLC play! Server.lnk
[2011.05.05 23:39:30 | 000,724,935 | ---- | M] (ageye GbR ) -- C:\Users\***\Desktop\vlcplayserver_1.1.exe
[2011.05.05 12:47:50 | 000,029,177 | ---- | M] () -- C:\Users\***\Desktop\Strategie_Green_AOI.odt
[2011.05.04 22:33:45 | 000,767,892 | ---- | M] () -- C:\Users\***\Desktop\Vorlesung Grundlagenmodul Slide Selection 1104.pdf
[2011.05.04 19:26:22 | 000,047,810 | ---- | M] () -- C:\Users\***\Desktop\***.jpg
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.06.01 18:28:01 | 000,027,190 | ---- | C] () -- C:\Users\***\Desktop\Frequently asked questions.odt
[2011.06.01 17:41:27 | 000,053,897 | ---- | C] () -- C:\Users\***\Desktop\Kalkulation_Runde5.ods
[2011.06.01 13:16:05 | 000,037,845 | ---- | C] () -- C:\Users\***\Desktop\2.jpg
[2011.06.01 13:16:05 | 000,025,149 | ---- | C] () -- C:\Users\***\Desktop\3.jpg
[2011.06.01 13:15:36 | 000,059,600 | ---- | C] () -- C:\Users\***\Desktop\4.jpg
[2011.06.01 13:15:36 | 000,032,390 | ---- | C] () -- C:\Users\***\Desktop\1.jpg
[2011.05.30 17:58:36 | 000,316,956 | ---- | C] () -- C:\Users\***\Desktop\Mibi Kurs.pdf
[2011.05.30 17:57:26 | 000,245,663 | ---- | C] () -- C:\Users\***\Desktop\Mibi Kurs.odt
[2011.05.26 16:58:04 | 000,046,130 | ---- | C] () -- C:\Users\***\Desktop\Calculation_Green_SieheTotaleNachfrage2.ods
[2011.05.23 10:15:42 | 016,111,389 | ---- | C] () -- C:\Users\***\Desktop\Italien_1940_Mai_30.eug
[2011.05.20 18:19:00 | 016,130,101 | ---- | C] () -- C:\Users\***\Desktop\Italien_1940_Mai_7 xxx.eug
[2011.05.18 19:49:34 | 013,304,806 | ---- | C] () -- C:\Users\***\Desktop\Procter_gamble.zip
[2011.05.18 09:07:05 | 000,028,386 | ---- | C] () -- C:\Users\***\Desktop\Optionen Runde 4.odt
[2011.05.17 10:05:58 | 000,039,576 | ---- | C] () -- C:\Users\***\Desktop\Calculation_Green2.ods
[2011.05.16 09:05:16 | 001,404,234 | ---- | C] () -- C:\Users\***\Desktop\Hotmail.zip
[2011.05.09 20:29:26 | 000,079,849 | ---- | C] () -- C:\Users\***\Desktop\216443_212684722094298_100000583148127_749754_2942354_n.jpg
[2011.05.07 10:20:40 | 000,076,570 | ---- | C] () -- C:\Users\***\Desktop\PdfPrint.pdf
[2011.05.07 10:14:07 | 000,044,567 | ---- | C] () -- C:\Users\***\Desktop\B10419-2660_54877939_8MWBL3_145469-20110508-PDFTICKET 19 .pdf
[2011.05.07 01:09:46 | 000,007,846 | ---- | C] () -- C:\Users\***\Desktop\OpenDocument Text (neu).odt
[2011.05.06 12:35:05 | 000,733,188 | ---- | C] () -- C:\Users\dani\Desktop\tox 3.pdf
[2011.05.06 12:33:59 | 002,216,156 | ---- | C] () -- C:\Users\dani\Desktop\tox 2.pdf
[2011.05.06 12:32:14 | 003,270,670 | ---- | C] () -- C:\Users\dani\Desktop\tox 1.pdf
[2011.05.05 23:40:41 | 000,001,876 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VLC play! Server.lnk
[2011.05.05 12:47:49 | 000,029,177 | ---- | C] () -- C:\Users\***\Desktop\Strategie_Green_AOI.odt
[2011.05.04 19:26:20 | 000,047,810 | ---- | C] () -- C:\Users\***\Desktop\anna.jpg
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.01.13 10:14:46 | 000,000,983 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010.12.05 19:22:45 | 000,000,036 | ---- | C] () -- C:\Users\dani\AppData\Local\housecall.guid.cache
[2010.09.06 20:52:13 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.07.10 13:21:22 | 000,000,000 | ---- | C] () -- C:\Windows\System32\0.17074596067894565.exe
[2010.05.20 18:42:02 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2010.04.29 21:39:24 | 000,000,600 | ---- | C] () -- C:\Users\dani\AppData\Local\PUTTY.RND
[2010.04.11 20:54:53 | 000,167,936 | ---- | C] () -- C:\Windows\A4.dll
[2010.04.11 20:54:53 | 000,045,056 | ---- | C] () -- C:\Windows\GetKey.dll
[2010.04.11 20:44:39 | 000,001,841 | ---- | C] () -- C:\ProgramData\HijackThis.lnk
[2010.03.14 13:39:56 | 000,008,385 | ---- | C] () -- C:\Windows\System32\SETUP.INI
[2010.03.10 18:30:32 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009.10.15 18:24:01 | 000,000,604 | ---- | C] () -- C:\Windows\Edofma.INI
[2009.08.16 16:29:18 | 000,438,272 | ---- | C] () -- C:\Windows\System32\PaintX.dll
[2009.06.05 21:30:27 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.06.05 21:30:27 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.05.03 20:39:16 | 000,041,984 | ---- | C] () -- C:\Users\dani\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.28 21:53:57 | 000,271,360 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009.04.28 21:53:56 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009.04.28 21:15:47 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2009.04.28 21:15:47 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2009.04.13 21:54:46 | 000,000,680 | ---- | C] () -- C:\Users\dani\AppData\Local\d3d9caps.dat
[2009.04.13 21:21:51 | 000,179,179 | ---- | C] () -- C:\Windows\hphins27.dat
[2009.02.25 01:16:36 | 000,033,136 | ---- | C] () -- C:\Windows\ASScrPro.exe
[2009.02.25 01:16:26 | 000,047,672 | ---- | C] () -- C:\Windows\AsScrProlog.exe
[2009.02.25 00:43:21 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.02.24 23:19:26 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.07.02 05:28:38 | 000,061,440 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008.05.22 19:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg
[2008.04.16 13:11:34 | 000,629,186 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.04.16 13:11:34 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.04.16 13:11:34 | 000,126,640 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.04.16 13:11:34 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.04.16 12:43:39 | 000,000,010 | ---- | C] () -- C:\Windows\System32\ABLKSR.ini
[2008.03.09 16:01:07 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008.03.09 15:32:51 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008.03.04 13:01:59 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008.02.28 04:14:03 | 000,168,886 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007.12.13 02:04:20 | 000,000,787 | ---- | C] () -- C:\Windows\hphmdl27.dat
[2007.10.01 08:59:45 | 001,769,984 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2007.08.06 19:18:31 | 000,081,920 | ---- | C] () -- C:\Windows\PGMonitor.exe
[2007.05.09 09:16:39 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 003,785,680 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,596,440 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,104,256 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.03.09 03:57:59 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2004.10.26 22:24:32 | 000,130,016 | ---- | C] () -- C:\Windows\System32\KM1630AQ.DRV
[2004.04.21 22:52:28 | 000,000,263 | ---- | C] () -- C:\Windows\System32\KCMV3D.INI
[2003.06.20 23:22:44 | 000,024,311 | ---- | C] () -- C:\Windows\System32\KM311910.DAT
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2010.12.23 21:02:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Adobe
[2011.01.22 22:55:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Apple Computer
[2009.05.10 23:14:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Arcsoft
[2009.08.22 21:14:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Atari
[2009.03.31 21:23:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ATI
[2009.10.30 16:48:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Azureus
[2009.12.12 16:02:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\CyberLink
[2009.06.07 23:17:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
[2009.09.20 12:28:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DivX
[2011.05.30 19:53:20 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\dvdcss
[2010.12.05 00:10:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.03.10 20:25:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GetRightToGo
[2009.04.16 09:06:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Google
[2009.12.04 22:10:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Hamachi
[2009.04.13 21:58:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\HP
[2011.04.06 20:41:35 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ
[2009.03.31 21:22:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Identities
[2009.05.03 14:54:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\InstallShield
[2009.03.31 21:23:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Macromedia
[2010.12.06 19:01:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Media Center Programs
[2011.05.09 15:16:20 | 000,000,000 | --SD | M] -- C:\Users\***\AppData\Roaming\Microsoft
[2009.04.24 15:42:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mozilla
[2009.05.12 17:39:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2009.04.25 08:37:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Opera
[2010.12.06 20:09:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\QuickScan
[2009.05.03 15:27:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Scilab
[2009.05.09 22:10:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Skinux
[2011.05.17 20:02:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Skype
[2011.05.17 18:13:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\skypePM
[2011.05.28 12:59:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SoftGrid Client
[2009.06.26 21:25:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Symantec
[2010.07.09 03:29:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TP
[2009.04.28 19:55:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2010.05.03 20:39:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Unigraphics Solutions
[2010.06.12 03:25:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\vlc
[2009.04.28 19:50:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2010.06.04 10:53:16 | 000,010,134 | R--- | M] () -- C:\Users\dani\AppData\Roaming\Microsoft\Installer\{024521CF-C07E-4F8E-8481-0D75695E03AF}\ARPPRODUCTICON.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: IASTORV.SYS >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USER32.DLL >
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WININIT.EXE >
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\System32\wininit.exe
[2008.01.21 04:23:42 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
========== Alternate Data Streams ==========
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:A9662AE0
@Alternate Data Stream - 101 bytes -> C:\ProgramData\Temp:010ADD2C
< End of report > --- --- ---
[/code] Code:
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Datenbank Version: 6744
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048
01.06.2011 18:11:38
mbam-log-2011-06-01 (18-11-38).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|Q:\|)
Durchsuchte Objekte: 545123
Laufzeit: 1 Stunde(n), 59 Minute(n), 52 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden) |