| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Win7 Security 2011 Center, Action CenterWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
07.06.2011, 12:08
| #1 |
 |  Win7 Security 2011 Center, Action Center Hallo, erstmal vielen Dank für das Betreiben eines so hilfreichen Forums! Jetzt kurz zum Problem, das ich vielleicht beseitigt habe  System: Windows 7 Pro 64bit auf Dell Precision M90 Vorgestern gingen bei mir die in anderen Threads beschriebenen Warnmeldungen zu Windows 7 Security 2011 auf (Virenbefall, Software kaufen etc). Instinktiv habe ich den Mist als solchen erkannt und dann zunächst folgendes zur Entfernung probiert: Alle Dateien und Ordner (auch System) auf sichtbar. Manuell gesucht aber Anwendung nicht gefunden (Prozess xkx.exe - eventuell war es auch kxk oder so... hab ich leider vergessen mir zu notieren) Mit der Desinfect-CD von der ct unter Linux, allerdings erfolglos (bei allen 4 Scannern). Die CD startet ein Ubuntu mit 4 Scannern, war Anfang des Jahres im Heft. Erschien mir sclau, hat aber fast den ganzen Tag gedauert und eben nichts gebracht.... aber ich hatte das Teil und dachte... naja. Dann dieses Forum gefunden... ... und Malware Bites Anti-Malware in einem Durchlauf - mit anderem Rechner runtergeladen, über Stick aufgespielt ohne Netzwerkverbindung. Hier fündig geworden. Dann Neustart, Virendantenbank aktualisiert, erneuter Scan. Wieder 2 Funde. Alles zunächst in Quarantäne und dann entfernt. Mit CCleaner (Portable 64 vom Stick) mehrere Durchläufe und Registry etc bereinigt. MBAM erneut ausgeführt. MBAM deinstalliert, Security Essentials installiert (bzw die angegriffenen Reste zunächst deinstalliert und dann neu installiert, irgendwie hatten die jetzt ne Macke) Scan laufen lassen. Windows Sicherheitstools (Firewall und MSSE deaktiviert) CCleaner nochmal laufen lassen MBAM erneut installiert und scannen lassen.. ... wobei mir da grade einfällt ich meine es hätte eine Fehlermeldung gegeben, die ich aber ignoriert habe (Sorry, schlechtes Reporting meinerseits, wenn es wichtig ist installiere ich nochmal neu und scanne nochmals) Bis dahin alles sauber. Ach so.. ich hatte alles (?) im Autostart, ebenso - wie erwähnt - die beiden Windows Sicherheitstools deaktiviert (Firewall & Essentials) OTL auf den Desktop kopiert, gestartet und das kam dann dabei heraus. Alles sauber......?  Ich Depp war natürlich auch immer als Admin online (es ist ja sooo umständlcih den Benutzer zu wechseln wenn man was installieren will und dann auch beide Konten ordentlich zuhalten... das hat ein Ende  )Also schonmal  so weit, ihr habt echt Nerven den ellen Selber-Schuld-Idioten (wie mir) zu helfen. Ich hoffe ich habe jetzt wenigstens alles richtig gemacht, zumindest was die Infobereitstellung angeht.Anbei also hier noch das OTL-File PS Kann sein dass Unregelmäßigkeiten mit dem Grafikkartentreiber auftauchen, den musste ich modifizieren da sonst die aktuellen Adobe-Produkte nicht korrekt laufen, ist also ein Treiber der FX 1500 angepasst für die FX2500M - ich hoffe damit habe ich nicht gegen dei Regeln hier verstoßen und solche Notwendigkeiten mangels Support sind iO. ich sehe grade... im Autostart ist der Microsoft Security client jetzt doppelt. hm... was tun? |
|
10.06.2011, 10:16
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Win7 Security 2011 Center, Action Center Was wurde wo genau gefunden? Solche Angaben reichen nicht aus, bitte poste die Logs der Scanner (Malwarebytes und andere die du genutzt hast) vollständig!
__________________
__________________ |
|
10.06.2011, 12:29
| #3 |
| | Win7 Security 2011 Center, Action Center hm, sorry.
__________________Also Mawarbytes sagt mir jetzt nur noch dies hier: Code:
ATTFilter Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org
Datenbank Version: 6823
Windows 6.1.7600
Internet Explorer 9.0.8112.16421
10.06.2011 13:15:51
mbam-log-2011-06-10 (13-15-51).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 172485
Laufzeit: 1 Minute(n), 41 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Von den MS Essentials wurde noch der Kollege hier gefunden, hxxp://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=TrojanDownloader%3aWin32%2fKaragany.A&threatid=2147638874 Da bin ich mir aber jetzt nicht sicher ob sich die MSE vielleicht mit MWB beissen. Funktioniert da eine parallele Installation? Wieso ist denn OTL nicht ausreichend? Ich hatte hier beim Lesen immer so dein Eindruck das wäre die ultimative Abschlusskontrolle. Danke schonmal und mein Unwissen ist mir hoffentlich verziehen. Ich bin gewillt allen Anleitung brav zu folgen. |
|
10.06.2011, 13:15
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win7 Security 2011 Center, Action Center Ja du sollst ja auch die alten Logs mit den Funden posten!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
10.06.2011, 13:18
| #5 |
| | Win7 Security 2011 Center, Action Center Ja Mist, die hab ich entsorgt. |
|
10.06.2011, 13:29
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win7 Security 2011 Center, Action Center Was heißt entsorgt? Du hast die doch nicht aus dem Reiter Logdateien geschmissen?
__________________ --> Win7 Security 2011 Center, Action Center |
|
10.06.2011, 13:40
| #7 |
| | Win7 Security 2011 Center, Action Center Ich hatte MWB wieder deinstalliert weil ich dachte es verträgt sich vielleicht nicht mit den MSE (tut aber wohl doch?). Das heißt also in der Installation die jetzt eben wieder vorgenommen habe ist abgesehen von den paar Zeilen, die ich hier gepostet habe, Leere. Das war wohl n Fehler. Und nu? |
|
10.06.2011, 13:43
| #8 |
| | Win7 Security 2011 Center, Action Center ach die MSE haben eben einen Karangy.A gefunden. Da sie aber neulich nach einem vollscan nichts gefunden haben, habe ich den Verdacht dass diese Meldung vielleicht doch vom MWB kommt? Oder es hat sich in der Zwischenzeit wieder etwas eingeschlichen, bzw ist jetzt erst duch die neusten Definitionen gefunden worden. gibts irgendwo ein log von den MSE der dir weiterhelfen könnte? |
|
10.06.2011, 14:11
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win7 Security 2011 Center, Action Center Weißt du den noch was Malwarebytes gefunden hat?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.06.2011, 14:19
| #10 |
| | Win7 Security 2011 Center, Action Center nein. ich weiß nur dass ich eine xkx.exe (oder so ähnlich hatte) und eben dieses blöde Security-Ding, das alles sperrt. |
|
10.06.2011, 14:43
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win7 Security 2011 Center, Action Center Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
FF - prefs.js..network.proxy.ftp_port: 2
FF - prefs.js..network.proxy.gopher: ""
FF - prefs.js..network.proxy.gopher_port: 2
FF - prefs.js..network.proxy.http_port: 2
FF - prefs.js..network.proxy.socks_port: 2
FF - prefs.js..network.proxy.ssl_port: 2
FF - prefs.js..network.proxy.type: 0
O4 - HKLM..\Run: [] File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{f1427393-806f-11e0-9230-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f1427393-806f-11e0-9230-806e6f6e6963}\Shell\AutoRun\command - "" = E:\tools\shelexec.exe html\index.htm
[2011.06.07 06:25:39 | 000,000,000 | ---D | C] -- C:\.Trash-999
[2011.06.07 08:23:28 | 000,012,122 | -HS- | M] () -- C:\Users\***\AppData\Local\w750dc15gj4lahb7v3a
[2011.06.07 08:23:28 | 000,012,122 | -HS- | M] () -- C:\ProgramData\w750dc15gj4lahb7v3a
@Alternate Data Stream - 1344 bytes -> C:\Users\***\AppData\Local\Temp:nNF3EDZrQSPBkb9nzPZ4pM35Pd
@Alternate Data Stream - 1255 bytes -> C:\Users\***\AppData\Local\Temp:Ra1kaFVeGPUC0ldmyObOuy0P
:Commands
[purity]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.06.2011, 15:59
| #12 |
| | Win7 Security 2011 Center, Action Center ok. hoffe das war so richtig. Code:
ATTFilter OTL logfile created on: 10.06.2011 16:52:11 - Run 3 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Surfer\Desktop 64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 64,17% Memory free 6,49 Gb Paging File | 5,01 Gb Available in Paging File | 77,13% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 195,21 Gb Total Space | 139,94 Gb Free Space | 71,69% Space Free | Partition Type: NTFS Drive D: | 503,32 Gb Total Space | 434,71 Gb Free Space | 86,37% Space Free | Partition Type: NTFS Drive H: | 972,39 Mb Total Space | 938,31 Mb Free Space | 96,50% Space Free | Partition Type: FAT Drive I: | 465,65 Gb Total Space | 9,53 Gb Free Space | 2,05% Space Free | Partition Type: FAT32 Drive K: | 149,01 Gb Total Space | 60,38 Gb Free Space | 40,52% Space Free | Partition Type: FAT32 Drive L: | 931,31 Gb Total Space | 664,50 Gb Free Space | 71,35% Space Free | Partition Type: NTFS Drive M: | 465,65 Gb Total Space | 26,00 Gb Free Space | 5,58% Space Free | Partition Type: FAT32 Computer Name: *** | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.06.07 00:02:20 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Surfer\Desktop\OTL.exe PRC - [2011.05.29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe ========== Modules (SafeList) ========== MOD - [2011.06.07 00:02:20 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Surfer\Desktop\OTL.exe MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010.11.11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv) SRV:64bit: - [2010.11.11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:64bit: - [2007.09.13 14:45:42 | 000,119,296 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\stacsv64.exe -- (STacSV) SRV - [2011.05.29 09:11:28 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011.05.17 17:32:22 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.05.29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2011.05.18 13:04:19 | 000,046,112 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd) DRV:64bit: - [2010.10.24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2010.07.30 14:18:04 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:64bit: - [2010.07.30 14:18:02 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:64bit: - [2010.07.30 14:18:00 | 000,026,624 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:64bit: - [2010.07.30 14:17:56 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:64bit: - [2010.07.12 20:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2010.03.30 22:27:42 | 000,015,360 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Spyder3.sys -- (Spyder3) DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:06:32 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2009.07.14 01:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.01 00:55:56 | 002,755,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI) DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:64bit: - [2007.09.13 14:46:06 | 000,392,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:64bit: - [2007.03.26 19:48:24 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp) DRV:64bit: - [2007.03.19 12:09:36 | 000,055,808 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk) DRV:64bit: - [2007.02.27 16:10:38 | 000,053,760 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk) DRV:64bit: - [2006.11.01 07:33:34 | 000,022,832 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiWinAcc.sys -- (SiFilter) DRV:64bit: - [2006.11.01 07:33:24 | 000,017,200 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SiRemFil.sys -- (SiRemFil) DRV:64bit: - [2006.11.01 07:33:00 | 000,109,872 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SI3132.sys -- (SI3132) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm ========== FireFox ========== FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011.05.17 16:05:27 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.05.18 09:58:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.05.18 09:58:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.05.18 08:05:05 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.18 15:53:27 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.05.18 08:05:05 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011.05.18 09:58:17 | 000,000,000 | ---D | M] [2011.06.10 16:48:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Surfer\AppData\Roaming\mozilla\Extensions [2011.06.10 16:48:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Surfer\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011.05.24 15:39:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.05.18 15:53:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} File not found (No name found) -- [2011.05.17 16:05:27 | 000,000,000 | ---D | M] (Adobe Contribute Toolbar) -- C:\PROGRAM FILES (X86)\ADOBE\ADOBE CONTRIBUTE CS5\PLUGINS\FIREFOXPLUGIN\{01A8CA0A-4C96-465B-A49B-65C46FAD54F9} [2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.05.18 15:53:16 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.) O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe () O4:64bit: - HKLM..\Run: [SigmatelSysTrayApp] C:\Programme\SigmaTel\C-Major Audio\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.06.10 16:48:43 | 000,000,000 | ---D | C] -- C:\Users\Surfer\AppData\Roaming\Thunderbird [2011.06.10 16:48:43 | 000,000,000 | ---D | C] -- C:\Users\Surfer\AppData\Local\Thunderbird [2011.06.10 16:48:33 | 000,000,000 | ---D | C] -- C:\Users\Surfer\AppData\Roaming\Mozilla [2011.06.10 16:48:33 | 000,000,000 | ---D | C] -- C:\Users\Surfer\AppData\Local\Mozilla [2011.06.10 16:47:50 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Surfer\Desktop\OTL.exe [2011.06.10 12:21:30 | 000,000,000 | ---D | C] -- C:\Users\Surfer\AppData\Roaming\Malwarebytes [2011.06.10 12:21:13 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.06.10 12:21:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.06.08 16:21:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrossFont [2011.06.08 16:21:24 | 000,000,000 | ---D | C] -- C:\Users\Surfer\AppData\Local\CrossFnt [2011.06.08 16:21:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrossFnt [2011.06.08 14:29:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainbow Folders [2011.06.08 14:29:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rainbow Folders [2011.06.08 08:51:48 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2011.06.07 14:37:01 | 000,000,000 | ---D | C] -- C:\Users\Surfer\AppData\Local\Datacolor [2011.06.07 14:36:59 | 000,000,000 | ---D | C] -- C:\Users\Surfer\AppData\Roaming\Duplicati [2011.06.07 14:36:59 | 000,000,000 | ---D | C] -- C:\Users\Surfer\AppData\Roaming\Adobe [2011.06.07 14:36:47 | 000,000,000 | R--D | C] -- C:\Users\Surfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011.06.07 14:36:47 | 000,000,000 | R--D | C] -- C:\Users\Surfer\Searches [2011.06.07 14:36:47 | 000,000,000 | R--D | C] -- C:\Users\Surfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011.06.07 14:36:39 | 000,000,000 | ---D | C] -- C:\Users\Surfer\AppData\Roaming\Identities [2011.06.07 14:36:37 | 000,000,000 | R--D | C] -- C:\Users\Surfer\Contacts [2011.06.07 14:36:23 | 000,000,000 | ---D | C] -- C:\Users\Surfer\AppData\Local\VirtualStore [2011.06.07 14:36:18 | 000,000,000 | --SD | C] -- C:\Users\Surfer\AppData\Roaming\Microsoft [2011.06.07 14:36:18 | 000,000,000 | R--D | C] -- C:\Users\Surfer\Music [2011.06.07 14:36:18 | 000,000,000 | R--D | C] -- C:\Users\Surfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011.06.07 14:36:18 | 000,000,000 | R--D | C] -- C:\Users\Surfer\Links [2011.06.07 14:36:18 | 000,000,000 | R--D | C] -- C:\Users\Surfer\Favorites [2011.06.07 14:36:18 | 000,000,000 | R--D | C] -- C:\Users\Surfer\Downloads [2011.06.07 14:36:18 | 000,000,000 | R--D | C] -- C:\Users\Surfer\Documents [2011.06.07 14:36:18 | 000,000,000 | R--D | C] -- C:\Users\Surfer\Desktop [2011.06.07 14:36:18 | 000,000,000 | R--D | C] -- C:\Users\Surfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\Surfer\Vorlagen [2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\Surfer\AppData\Local\Verlauf [2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\Surfer\AppData\Local\Temporary Internet Files [2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\Surfer\Startmenü [2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\Surfer\SendTo [2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\Surfer\Recent [2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\Surfer\Netzwerkumgebung [2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\Surfer\Lokale Einstellungen [2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\Surfer\Documents\Eigene Videos [2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\Surfer\Documents\Eigene Musik [2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\Surfer\Eigene Dateien [2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\Surfer\Documents\Eigene Bilder [2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\Surfer\Druckumgebung [2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\Surfer\Cookies [2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\Surfer\AppData\Local\Anwendungsdaten [2011.06.07 14:36:18 | 000,000,000 | -HSD | C] -- C:\Users\Surfer\Anwendungsdaten [2011.06.07 14:36:18 | 000,000,000 | -H-D | C] -- C:\Users\Surfer\AppData [2011.06.07 14:36:18 | 000,000,000 | ---D | C] -- C:\Users\Surfer\AppData\Local\Temp [2011.06.07 14:36:18 | 000,000,000 | ---D | C] -- C:\Users\Surfer\AppData\Local\Microsoft [2011.06.07 14:36:18 | 000,000,000 | ---D | C] -- C:\Users\Surfer\AppData\Roaming\Media Center Programs [2011.06.07 14:36:18 | 000,000,000 | ---D | C] -- C:\Users\Surfer\AppData\Roaming\Macromedia [2011.06.07 14:36:17 | 000,000,000 | R--D | C] -- C:\Users\Surfer\Videos [2011.06.07 14:36:17 | 000,000,000 | R--D | C] -- C:\Users\Surfer\Saved Games [2011.06.07 14:36:17 | 000,000,000 | R--D | C] -- C:\Users\Surfer\Pictures [2011.06.07 11:13:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.06.07 09:46:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client [2011.06.07 09:46:33 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Security Client [2011.06.07 07:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.06.07 07:54:15 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.06.07 06:25:39 | 000,000,000 | ---D | C] -- C:\.Trash-999 [2011.06.01 12:58:47 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe [2011.06.01 12:58:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Datacolor [2011.06.01 12:57:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Datacolor [2011.05.31 19:40:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\foobar2000 [2011.05.27 07:28:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011.05.27 07:28:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2011.05.27 07:28:40 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2011.05.25 10:26:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7 [2011.05.25 10:26:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime [2011.05.25 10:26:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared [2011.05.25 10:26:23 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith [2011.05.25 10:26:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith [2011.05.25 07:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials TV [2011.05.25 07:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\RapidSolution [2011.05.25 07:49:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RapidSolution [2011.05.25 07:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 8 [2011.05.24 15:19:48 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3 [2011.05.24 15:17:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt [2011.05.23 14:17:13 | 000,092,672 | ---- | C] (Hewlett-Packard Corporation) -- C:\Windows\SysNative\hpzpnp.dll [2011.05.23 14:17:11 | 000,056,320 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\HPBMINI.DLL [2011.05.23 13:49:06 | 000,000,000 | ---D | C] -- C:\Programme\Hewlett-Packard [2011.05.23 13:48:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard [2011.05.23 09:44:19 | 000,193,592 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hppdcompio.dll [2011.05.23 09:44:19 | 000,167,480 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysWow64\hppccompio.dll [2011.05.23 09:44:19 | 000,022,016 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hppmopjl.dll [2011.05.23 09:44:18 | 000,384,000 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpmml112.dll [2011.05.23 09:44:18 | 000,352,256 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpmja112.dll [2011.05.23 09:44:18 | 000,309,760 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpmpm081.dll [2011.05.23 09:44:18 | 000,271,872 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpmtp112.dll [2011.05.23 09:44:18 | 000,218,112 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpmpw081.dll [2011.05.23 09:44:07 | 000,286,720 | ---- | C] (Hewlett-Packard Corporation) -- C:\Windows\SysNative\hpcpn112.dll [2011.05.23 09:44:06 | 000,507,904 | ---- | C] (HP) -- C:\Windows\SysWow64\hpcdmc32.dll [2011.05.23 09:44:06 | 000,321,536 | ---- | C] (Hewlett Packard Corporation) -- C:\Windows\SysWow64\hpcc3112.dll [2011.05.23 09:44:05 | 000,060,440 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\FxCompChannel_x64.dll [2011.05.23 07:20:12 | 000,000,000 | ---D | C] -- C:\Programme\Duplicati [2011.05.23 07:20:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicati [2011.05.21 08:02:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite [2011.05.21 07:59:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia [2011.05.21 07:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaMusic [2011.05.21 07:58:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia [2011.05.21 07:57:47 | 000,000,000 | ---D | C] -- C:\Programme\DIFX [2011.05.21 07:57:45 | 000,025,600 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys [2011.05.21 07:52:14 | 000,057,856 | ---- | C] (Nokia) -- C:\Windows\SysNative\nmwcdclsX64.dll [2011.05.21 07:52:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia [2011.05.19 07:36:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation [2011.05.19 07:36:02 | 000,000,000 | ---D | C] -- C:\Programme\Blender Foundation [2011.05.18 19:50:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2011.05.18 16:52:52 | 001,560,576 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrWia09b.dll [2011.05.18 16:52:52 | 000,050,176 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrUsi09a.dll [2011.05.18 16:52:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brother [2011.05.18 16:51:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother [2011.05.18 15:59:31 | 000,000,000 | ---D | C] -- C:\Windows\pss [2011.05.18 15:54:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3 [2011.05.18 15:53:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011.05.18 15:53:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011.05.18 15:53:27 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011.05.18 15:53:27 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.05.18 15:53:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.05.18 15:53:27 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.05.18 15:53:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2011.05.18 13:04:19 | 000,046,112 | ---- | C] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\tbhsd.sys [2011.05.18 10:39:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras [2011.05.18 10:38:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2011.05.18 10:24:01 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\logishrd [2011.05.18 09:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus [2011.05.18 09:57:11 | 000,000,000 | ---D | C] -- C:\Programme\DivX [2011.05.18 09:57:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared [2011.05.18 09:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2011.05.18 09:47:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX [2011.05.18 09:47:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX [2011.05.18 09:42:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revolver [2011.05.18 09:41:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Revolver Solo [2011.05.18 08:18:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2011.05.18 08:18:23 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip [2011.05.18 08:04:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011.05.18 08:04:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2011.05.18 08:04:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2011.05.18 08:03:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2011.05.18 08:03:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2011.05.18 07:59:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2011.05.18 07:41:46 | 020,699,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2011.05.18 07:41:46 | 015,223,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2011.05.18 07:41:46 | 012,936,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2011.05.18 07:41:46 | 010,073,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2011.05.18 07:41:45 | 002,273,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2011.05.18 07:41:45 | 002,034,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2011.05.18 07:19:46 | 000,000,000 | ---D | C] -- C:\NVIDIA [2011.05.18 06:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client [2011.05.18 06:47:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client [2011.05.18 06:24:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2011.05.18 05:45:03 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll [2011.05.18 05:45:03 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011.05.18 05:45:03 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2011.05.18 05:45:03 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll [2011.05.18 05:45:03 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2011.05.18 05:45:03 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2011.05.18 05:45:03 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2011.05.18 05:45:02 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2011.05.18 05:45:02 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2011.05.18 05:45:02 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2011.05.18 05:45:02 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll [2011.05.18 05:45:02 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2011.05.18 05:45:02 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll [2011.05.18 05:45:02 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011.05.18 05:45:02 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2011.05.18 05:45:02 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2011.05.18 05:45:02 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2011.05.18 05:45:02 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2011.05.18 05:45:02 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2011.05.18 05:45:02 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2011.05.18 05:45:02 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2011.05.18 05:45:02 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2011.05.18 05:45:02 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2011.05.18 05:45:01 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2011.05.18 05:45:01 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2011.05.18 05:45:01 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2011.05.18 05:45:01 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2011.05.18 05:45:01 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2011.05.18 05:45:01 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2011.05.18 05:45:01 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2011.05.18 05:45:01 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2011.05.18 05:45:01 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2011.05.18 05:45:01 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2011.05.18 05:45:01 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011.05.18 05:45:01 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2011.05.18 05:45:01 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2011.05.18 05:45:01 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2011.05.18 05:45:00 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2011.05.18 05:45:00 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2011.05.18 05:45:00 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2011.05.18 05:45:00 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll [2011.05.18 05:44:59 | 002,303,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2011.05.18 05:44:59 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011.05.18 05:44:59 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2011.05.18 05:44:59 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2011.05.18 05:44:59 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2011.05.18 05:44:59 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2011.05.18 05:44:59 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2011.05.18 05:44:59 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2011.05.18 05:44:59 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2011.05.18 05:44:59 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2011.05.18 05:44:59 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2011.05.18 05:44:58 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011.05.18 05:44:58 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2011.05.18 05:44:58 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2011.05.18 05:44:58 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2011.05.18 05:44:58 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2011.05.18 05:44:58 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2011.05.18 05:44:58 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2011.05.18 05:44:57 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2011.05.18 05:44:57 | 001,492,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2011.05.18 05:44:57 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2011.05.18 05:44:57 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2011.05.18 05:44:57 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2011.05.18 05:44:57 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2011.05.18 05:44:57 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2011.05.18 05:44:57 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2011.05.18 05:44:57 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2011.05.18 05:44:57 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2011.05.18 05:44:57 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2011.05.18 05:44:57 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2011.05.18 05:44:57 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2011.05.18 05:44:56 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011.05.18 05:44:56 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2011.05.18 05:44:56 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2011.05.18 05:44:56 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2011.05.18 05:44:56 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2011.05.18 05:44:56 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011.05.18 05:43:41 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL [2011.05.18 05:43:41 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL [2011.05.18 05:43:40 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2011.05.18 05:43:40 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2011.05.18 05:43:40 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2011.05.18 05:43:40 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2011.05.18 05:43:40 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2011.05.18 05:43:39 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011.05.18 05:43:39 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011.05.18 05:43:38 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll [2011.05.18 05:43:38 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll [2011.05.18 05:43:38 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2011.05.18 05:43:38 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll [2011.05.18 05:43:38 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011.05.18 05:43:38 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll [2011.05.18 05:43:38 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll [2011.05.18 05:43:37 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2011.05.18 05:43:37 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll [2011.05.18 05:43:37 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll [2011.05.18 05:43:37 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011.05.18 05:43:37 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll [2011.05.18 05:43:37 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll [2011.05.18 05:43:36 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll [2011.05.18 05:43:36 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll [2011.05.18 05:43:36 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll [2011.05.18 05:43:35 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll [2011.05.18 05:43:35 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll [2011.05.18 05:40:59 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe [2011.05.18 05:40:59 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe [2011.05.17 18:18:11 | 000,024,416 | R--- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll [2011.05.17 17:50:55 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet [2011.05.17 17:32:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared [2011.05.17 17:28:07 | 000,052,568 | ---- | C] (Adobe Systems Inc) -- C:\Windows\SysNative\AdobePDF.dll [2011.05.17 17:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2011.05.17 17:23:21 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2011.05.17 17:23:21 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2011.05.17 17:23:19 | 001,404,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642060.dll [2011.05.17 17:23:17 | 002,893,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2011.05.17 17:23:17 | 002,765,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2011.05.17 17:23:17 | 001,619,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420140.dll [2011.05.17 17:23:16 | 005,188,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2011.05.17 17:23:16 | 002,204,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2011.05.17 17:23:16 | 002,074,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2011.05.17 17:23:15 | 006,984,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2011.05.17 17:23:13 | 018,578,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll [2011.05.17 17:23:13 | 013,007,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2011.05.17 17:23:13 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd [2011.05.17 17:22:49 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation [2011.05.17 17:21:29 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy [2011.05.17 16:57:48 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2011.05.17 16:36:28 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM [2011.05.17 16:21:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Adobe [2011.05.17 15:47:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player [2011.05.17 15:47:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe [2011.05.17 15:46:58 | 000,055,856 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys [2011.05.17 15:46:58 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys [2011.05.17 15:46:58 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys [2011.05.17 15:46:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2011.05.17 15:46:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared [2011.05.17 15:46:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name [2011.05.17 15:43:19 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe [2011.05.17 15:43:17 | 000,000,000 | ---D | C] -- C:\Programme\Adobe [2011.05.17 15:42:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5 [2011.05.17 15:42:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2011.05.17 15:42:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [2011.05.17 15:42:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2011.05.17 15:39:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2011.05.17 15:36:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2011.05.17 15:29:33 | 000,109,872 | ---- | C] (Silicon Image, Inc.) -- C:\Windows\SysNative\drivers\SI3132.sys [2011.05.17 15:29:33 | 000,022,832 | ---- | C] (Silicon Image, Inc.) -- C:\Windows\SysNative\drivers\SiWinAcc.sys [2011.05.17 15:29:33 | 000,017,200 | ---- | C] (Silicon Image, Inc.) -- C:\Windows\SysNative\drivers\SiRemFil.sys [2011.05.17 15:24:44 | 005,083,648 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stacui64.cpl [2011.05.17 15:24:44 | 001,603,584 | ---- | C] (SigmaTel, Inc.) -- C:\Windows\SysNative\stlang64.dll [2011.05.17 15:24:44 | 000,119,296 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stacsv64.exe [2011.05.17 15:24:19 | 000,000,000 | ---D | C] -- C:\Programme\SigmaTel [2011.05.17 15:24:18 | 000,654,848 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapo64.dll [2011.05.17 15:24:18 | 000,392,192 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys [2011.05.17 15:24:18 | 000,365,056 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll [2011.05.17 15:24:18 | 000,347,648 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll [2011.05.17 15:24:18 | 000,177,664 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\st645614.dll [2011.05.17 15:24:17 | 000,600,064 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\ctapo64.dll [2011.05.17 15:24:17 | 000,045,568 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\ctppld.dll [2011.05.17 15:24:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SigmaTel [2011.05.17 15:21:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2011.05.17 15:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2011.05.17 14:57:55 | 000,845,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpinst.exe [2011.05.17 14:56:45 | 000,090,112 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\snymsico.dll [2011.05.17 14:56:45 | 000,055,808 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rixdpx64.sys [2011.05.17 14:56:45 | 000,055,808 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rimmpx64.sys [2011.05.17 14:56:45 | 000,053,760 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\rimspx64.sys [2011.05.17 14:56:45 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2011.05.17 14:56:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2011.05.17 14:56:24 | 000,000,000 | ---D | C] -- C:\dell [2011.05.17 14:31:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2011.05.17 14:20:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird [2011.05.17 14:20:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2011.05.17 13:58:36 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll [2011.05.17 13:58:36 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll [2011.05.17 13:58:36 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe [2011.05.17 13:58:36 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe [2011.05.17 13:58:36 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll [2011.05.17 13:58:36 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll [2011.05.17 13:58:36 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll [2011.05.17 13:58:36 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll [2011.05.17 13:58:13 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe [2011.05.17 13:51:36 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll [2011.05.17 13:51:36 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll [2011.05.17 13:51:36 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll [2011.05.17 13:51:36 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe [2011.05.17 13:51:35 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll [2011.05.17 13:51:35 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll [2011.05.17 13:51:35 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe [2011.05.17 13:51:35 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe [2011.05.17 13:49:45 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2011.05.17 13:49:45 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2011.05.17 13:49:44 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll [2011.05.17 13:49:44 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll [2011.05.17 13:24:49 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2011.05.17 13:19:25 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll [2011.05.17 13:19:25 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll [2011.05.17 13:19:18 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll [2011.05.17 13:19:18 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll [2011.05.17 13:19:15 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll [2011.05.17 13:19:04 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2011.05.17 13:19:03 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll [2011.05.17 13:19:03 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2011.05.17 13:19:03 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll [2011.05.17 13:19:02 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll [2011.05.17 13:19:02 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll [2011.05.17 13:19:02 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax [2011.05.17 13:19:02 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax [2011.05.17 13:18:59 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll [2011.05.17 13:17:57 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll [2011.05.17 13:16:50 | 005,509,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2011.05.17 13:16:49 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2011.05.17 13:16:49 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2011.05.17 13:16:48 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll [2011.05.17 13:16:48 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll [2011.05.17 13:16:48 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll [2011.05.17 13:16:47 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll [2011.05.17 13:16:43 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2011.05.17 13:16:43 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2011.05.17 13:16:43 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe [2011.05.17 13:16:39 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll [2011.05.17 13:16:39 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll [2011.05.17 13:16:32 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2011.05.17 13:16:32 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2011.05.17 13:16:32 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2011.05.17 13:16:32 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2011.05.17 13:16:32 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2011.05.17 13:16:32 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2011.05.17 13:16:30 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll [2011.05.17 13:16:26 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2011.05.17 13:16:26 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2011.05.17 13:16:26 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2011.05.17 13:16:26 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2011.05.17 13:16:21 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2011.05.17 13:16:21 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2011.05.17 13:16:19 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll [2011.05.17 13:16:19 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll [2011.05.17 13:16:18 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll [2011.05.17 13:16:09 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll [2011.05.17 13:16:09 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe [2011.05.17 13:16:09 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe [2011.05.17 13:16:06 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2011.05.17 13:16:06 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2011.05.17 13:16:06 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2011.05.17 13:16:06 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll [2011.05.17 13:16:06 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll [2011.05.17 13:16:05 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2011.05.17 13:16:05 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll [2011.05.17 13:16:03 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe [2011.05.17 13:15:59 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2011.05.17 13:15:54 | 001,739,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2011.05.17 13:15:52 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2011.05.17 13:15:47 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll [2011.05.17 13:15:46 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll [2011.05.17 13:15:45 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL [2011.05.17 13:15:45 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL [2011.05.17 13:15:42 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll [2011.05.17 13:15:42 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll [2011.05.17 13:15:40 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll [2011.05.17 13:15:40 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll [2011.05.17 13:15:38 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll [2011.05.17 13:13:00 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2011.05.17 13:12:48 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2011.05.17 12:59:13 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2011.05.17 12:59:13 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll [2011.05.17 12:59:08 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll [2011.05.17 12:59:08 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll [2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\Recovery [2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\Programme [2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien [2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2011.05.17 12:43:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2011.05.17 12:28:26 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2011.05.17 12:25:32 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2011.05.17 12:25:14 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.06.10 16:43:27 | 001,502,580 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.06.10 16:43:27 | 000,654,292 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.06.10 16:43:27 | 000,617,616 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.06.10 16:43:27 | 000,130,784 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.06.10 16:43:27 | 000,107,958 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.06.10 12:21:14 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.06.10 07:57:25 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.06.10 07:57:25 | 000,014,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.06.10 07:50:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.06.10 07:50:04 | 2615,783,424 | -HS- | M] () -- C:\hiberfil.sys [2011.06.09 07:54:47 | 005,140,016 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.06.08 08:51:48 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2011.06.07 09:47:11 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif [2011.06.07 09:46:50 | 001,524,494 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.06.07 08:23:28 | 000,012,122 | -HS- | M] () -- C:\ProgramData\w750dc15gj4lahb7v3a [2011.06.07 00:02:20 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Surfer\Desktop\OTL.exe [2011.06.01 13:03:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Spyder3_01001.Wdf [2011.06.01 12:58:42 | 000,001,353 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Spyder3Utility.lnk [2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.05.29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.05.23 13:48:58 | 000,000,000 | ---- | M] () -- C:\Windows\HPMProp.INI [2011.05.23 07:20:18 | 000,001,909 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Duplicati.lnk [2011.05.21 07:53:27 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2011.05.21 07:52:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf [2011.05.18 16:53:41 | 000,000,050 | ---- | M] () -- C:\Windows\SysNative\bridf07a.dat [2011.05.18 16:53:39 | 000,000,425 | ---- | M] () -- C:\Windows\BRWMARK.INI [2011.05.18 16:53:39 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI [2011.05.18 15:53:14 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.05.18 15:53:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.05.18 15:53:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.05.18 15:53:13 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011.05.18 13:04:19 | 000,046,112 | ---- | M] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\tbhsd.sys [2011.05.18 10:39:58 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat [2011.05.18 05:45:03 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll [2011.05.18 05:45:03 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011.05.18 05:45:03 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2011.05.18 05:45:03 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msls31.dll [2011.05.18 05:45:03 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2011.05.18 05:45:03 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2011.05.18 05:45:03 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2011.05.18 05:45:03 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2011.05.18 05:45:02 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2011.05.18 05:45:02 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2011.05.18 05:45:02 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2011.05.18 05:45:02 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft.dll [2011.05.18 05:45:02 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2011.05.18 05:45:02 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtrans.dll [2011.05.18 05:45:02 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011.05.18 05:45:02 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll [2011.05.18 05:45:02 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2011.05.18 05:45:02 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2011.05.18 05:45:02 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2011.05.18 05:45:02 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe [2011.05.18 05:45:02 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2011.05.18 05:45:02 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2011.05.18 05:45:02 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2011.05.18 05:45:02 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2011.05.18 05:45:01 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2011.05.18 05:45:01 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2011.05.18 05:45:01 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll [2011.05.18 05:45:01 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll [2011.05.18 05:45:01 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2011.05.18 05:45:01 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2011.05.18 05:45:01 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2011.05.18 05:45:01 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2011.05.18 05:45:01 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll [2011.05.18 05:45:01 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2011.05.18 05:45:01 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011.05.18 05:45:01 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2011.05.18 05:45:01 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2011.05.18 05:45:01 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\imgutil.dll [2011.05.18 05:45:01 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2011.05.18 05:45:00 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2011.05.18 05:45:00 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2011.05.18 05:45:00 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2011.05.18 05:44:59 | 002,303,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2011.05.18 05:44:59 | 000,818,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011.05.18 05:44:59 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll [2011.05.18 05:44:59 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2011.05.18 05:44:59 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll [2011.05.18 05:44:59 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2011.05.18 05:44:59 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2011.05.18 05:44:59 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll [2011.05.18 05:44:59 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2011.05.18 05:44:59 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2011.05.18 05:44:59 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2011.05.18 05:44:58 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011.05.18 05:44:58 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll [2011.05.18 05:44:58 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2011.05.18 05:44:58 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2011.05.18 05:44:58 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2011.05.18 05:44:58 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2011.05.18 05:44:58 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2011.05.18 05:44:57 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2011.05.18 05:44:57 | 001,492,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2011.05.18 05:44:57 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2011.05.18 05:44:57 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2011.05.18 05:44:57 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2011.05.18 05:44:57 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2011.05.18 05:44:57 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2011.05.18 05:44:57 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2011.05.18 05:44:57 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2011.05.18 05:44:57 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2011.05.18 05:44:57 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2011.05.18 05:44:57 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2011.05.18 05:44:57 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2011.05.18 05:44:57 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2011.05.18 05:44:56 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011.05.18 05:44:56 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2011.05.18 05:44:56 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2011.05.18 05:44:56 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2011.05.18 05:44:56 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2011.05.18 05:44:56 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011.05.18 05:43:41 | 001,888,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL [2011.05.18 05:43:41 | 001,619,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL [2011.05.18 05:43:40 | 001,837,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2011.05.18 05:43:40 | 000,470,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011.05.18 05:43:40 | 000,320,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2011.05.18 05:43:40 | 000,265,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2011.05.18 05:43:40 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2011.05.18 05:43:40 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2011.05.18 05:43:39 | 001,495,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll [2011.05.18 05:43:39 | 000,662,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011.05.18 05:43:38 | 001,863,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll [2011.05.18 05:43:38 | 000,902,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2011.05.18 05:43:38 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll [2011.05.18 05:43:38 | 000,283,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011.05.18 05:43:38 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll [2011.05.18 05:43:38 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll [2011.05.18 05:43:37 | 003,181,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll [2011.05.18 05:43:37 | 001,540,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2011.05.18 05:43:37 | 001,170,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll [2011.05.18 05:43:37 | 001,074,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll [2011.05.18 05:43:37 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011.05.18 05:43:37 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll [2011.05.18 05:43:37 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll [2011.05.18 05:43:36 | 004,068,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll [2011.05.18 05:43:36 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll [2011.05.18 05:43:35 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll [2011.05.18 05:43:35 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll [2011.05.17 13:57:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011.05.17 12:31:06 | 000,054,699 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2011.05.17 12:31:06 | 000,054,699 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2011.05.17 12:30:07 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf [2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.06.10 12:21:14 | 000,001,119 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.06.07 14:36:55 | 000,001,415 | ---- | C] () -- C:\Users\Surfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2011.06.07 14:36:48 | 000,001,449 | ---- | C] () -- C:\Users\Surfer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011.06.07 14:12:38 | 000,001,909 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Duplicati.lnk [2011.06.07 14:12:38 | 000,001,353 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Spyder3Utility.lnk [2011.06.07 09:46:38 | 000,001,903 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk [2011.06.06 08:00:31 | 000,012,122 | -HS- | C] () -- C:\ProgramData\w750dc15gj4lahb7v3a [2011.06.01 13:03:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Spyder3_01001.Wdf [2011.05.31 19:40:23 | 000,001,123 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk [2011.05.25 07:50:02 | 000,002,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\audials TV.lnk [2011.05.23 14:17:11 | 000,018,224 | ---- | C] () -- C:\Windows\SysNative\hpceac06.hpi [2011.05.23 13:48:58 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI [2011.05.21 07:53:27 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2011.05.21 07:52:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ccdcmbx64_01009.Wdf [2011.05.18 16:53:41 | 000,000,050 | ---- | C] () -- C:\Windows\SysNative\bridf07a.dat [2011.05.18 16:53:39 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2011.05.18 16:53:39 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2011.05.18 10:39:58 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011.05.18 07:59:51 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2011.05.18 05:45:02 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2011.05.18 05:44:57 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2011.05.17 17:31:24 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 9 Pro.lnk [2011.05.17 17:31:24 | 000,002,177 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle Designer ES 8.2.lnk [2011.05.17 17:31:23 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Distiller 9.lnk [2011.05.17 17:23:19 | 000,007,771 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2011.05.17 15:42:12 | 000,001,003 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2011.05.17 14:56:45 | 000,016,480 | ---- | C] () -- C:\Windows\SysNative\rixdicon.dll [2011.05.17 14:31:13 | 000,001,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.05.17 13:57:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011.05.17 13:13:47 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif [2011.05.17 13:13:22 | 001,524,494 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.05.17 12:30:56 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2011.05.17 12:30:26 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2011.05.17 12:30:07 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf [2011.05.17 12:25:14 | 2615,783,424 | -HS- | C] () -- C:\hiberfil.sys [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll ========== Custom Scans ========== < :OTL > < FF - prefs.js..network.proxy.ftp_port: 2 > < FF - prefs.js..network.proxy.gopher: "" > < FF - prefs.js..network.proxy.gopher_port: 2 > < FF - prefs.js..network.proxy.http_port: 2 > < FF - prefs.js..network.proxy.socks_port: 2 > < FF - prefs.js..network.proxy.ssl_port: 2 > < FF - prefs.js..network.proxy.type: 0 > < O4 - HKLM..\Run: [] File not found > < O32 - HKLM CDRom: AutoRun - 1 > < O33 - MountPoints2\{f1427393-806f-11e0-9230-806e6f6e6963}\Shell - "" = AutoRun > < O33 - MountPoints2\{f1427393-806f-11e0-9230-806e6f6e6963}\Shell\AutoRun\command - "" = E:\tools\shelexec.exe html\index.htm > < [2011.06.07 06:25:39 | 000,000,000 | ---D | C] -- C:\.Trash-999 > < [2011.06.07 08:23:28 | 000,012,122 | -HS- | M] () -- C:\Users\***\AppData\Local\w750dc15gj4lahb7v3a > < [2011.06.07 08:23:28 | 000,012,122 | -HS- | M] () -- C:\ProgramData\w750dc15gj4lahb7v3a > < @Alternate Data Stream - 1344 bytes -> C:\Users\***\AppData\Local\Temp:nNF3EDZrQSPBkb9nzPZ4pM35Pd > < @Alternate Data Stream - 1255 bytes -> C:\Users\***\AppData\Local\Temp:Ra1kaFVeGPUC0ldmyObOuy0P > < :Commands > < [purity] > < [resethosts] > < End of report > |
|
10.06.2011, 21:45
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win7 Security 2011 Center, Action Center Das ist ein neues OTL-Log, aber nicht das Fix-Log!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
14.06.2011, 06:21
| #14 |
| | Win7 Security 2011 Center, Action Center Sorry. Here we go. Code:
ATTFilter ========== OTL ==========
Prefs.js: 2 removed from network.proxy.ftp_port
Prefs.js: "" removed from network.proxy.gopher
Prefs.js: 2 removed from network.proxy.gopher_port
Prefs.js: 2 removed from network.proxy.http_port
Prefs.js: 2 removed from network.proxy.socks_port
Prefs.js: 2 removed from network.proxy.ssl_port
Prefs.js: 0 removed from network.proxy.type
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1427393-806f-11e0-9230-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f1427393-806f-11e0-9230-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f1427393-806f-11e0-9230-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f1427393-806f-11e0-9230-806e6f6e6963}\ not found.
File E:\tools\shelexec.exe html\index.htm not found.
Folder C:\.Trash-999\ not found.
File C:\Users\***\AppData\Local\w750dc15gj4lahb7v3a not found.
File C:\ProgramData\w750dc15gj4lahb7v3a not found.
Unable to delete ADS C:\Users\***\AppData\Local\Temp:nNF3EDZrQSPBkb9nzPZ4pM35Pd .
Unable to delete ADS C:\Users\***\AppData\Local\Temp:Ra1kaFVeGPUC0ldmyObOuy0P .
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.23.0 log created on 06142011_071622
|
|
14.06.2011, 09:27
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Win7 Security 2011 Center, Action Center Hast du die Sternchen vorher zurückeditiert? Wenn die Sternchen statt dem echten Namen da stehen, kann das Script nicht 100%ig durchlaufen wie gewollt.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Win7 Security 2011 Center, Action Center |
| action center, anfang, autostart, befall, center, dateien, desktop, fehlermeldung, firewall, folge, grafikkarte, linux, malware, microsoft security, nerven, neustart, nicht gefunden, online, ordner, problem, prozess, registry, scan, security, software, stick, treiber, trojaner, warnmeldungen, was tun, win7, windows, windows 7, windows 7 security center |
Linear-Darstellung
