| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Umleitung von Google-Links über 100ksearchesWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
24.07.2011, 11:13
| #1 |
 |  Umleitung von Google-Links über 100ksearches Guten Tag, seit einigen Tagen habe ich folgendes Problem: Ich suche bei Google einen beliebigen Begriff und klicke dann auf einen der gefunden Links. Dann sehe ich wie in der Adresszeile der gewünschte Link auftaucht während im Fenster eine Werbeseite erscheint (meist für einen tubedownloader). Bei diesem Vorgang kann man link unten folgendes lesen: Erst "Nachschlagen auf ..." (der eigentlich gewünschten Website) Dann "Warten auf 100ksearches.com" Dann wechselt diese Anzeige recht schnell aber man kann öfters "Warten auf 66.246.72.42" sehen, wobei die Zahlen wechseln. Am Ende lande ich dann auf der Werbeseite während in der Adresszeile immer noch der Link steht den ich eigenlich aufrufen wollte. Ich benutze Firefox, aber das Problem tritt auch beim Internet Explorer auf, dort allerdings nur unregelmäßig, während bei Firefox fast alle Google-Links umgeleitet werden. Bislang umgehe ich dieses Problem provisorisch indem ich nochmal auf den Orginallink in der Adresszeile klicke und bestätige, sodass die Website neugeladen wird. Ich habe eine Zip-Datei angehängt in der folgende Dateien enthalten sind: - defogger_disable.log - OTL.txt - Extras.txt Gruß Joker |
|
25.07.2011, 07:54
| #2 | ||
| /// Helfer-Team    | Umleitung von Google-Links über 100ksearches Hallo und Herzlich Willkommen!
__________________ Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]: Zitat:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen! 1. Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org
2. → Lade Dir HJTscanlist.zip herunter → entpacke die Datei auf deinem Desktop → Bei WindowsXP Home musst vor dem Scan zusätzlich tasklist.zip installieren → per Doppelklick starten → Wähle dein Betriebsystem aus - bei Win7 wähle Vista → Wenn Du gefragt wirst, die Option "Einstellung" (1) - scanlist" wählen → Nach kurzer Zeit sollte sich Dein Editor öffnen und die Datei hjtscanlist.txt präsentieren → Bitte kopiere den Inhalt hier in Deinen Thread. ** Falls es klappt auf einmal nicht, kannst den Text in mehrere Teile teilen und so posten 3. Ich würde gerne noch all deine installierten Programme sehen: Lade dir das Tool Ccleaner herunter → Download installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..." wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein Zitat:
** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw grußkira
__________________ |
|
25.07.2011, 21:22
| #3 |
| | Umleitung von Google-Links über 100ksearches Hallo und erst mal vielen Dank für die schnelle Hilfe.
__________________Für Schritt 1 musste ich Zonealarm deinstallieren da es den Updatevorgang von Malwarebyte blockiert hatte. Ich hatte erst versucht Zonealarm nur zu beenden doch Zonealarm hat in keinster Weise mehr reagiert, daher habe ich es dann deinstalliert. Danach lief Malwarbyte problemlos und ich konnte den "Vollständigen Scan" starten ("Komplett Scan" gibt es nicht) Hier das Ergebnis von Malwarebyte: Code:
ATTFilter Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Schritt 2 und 3 werde ich morgen gegen 18 Uhr posten da ich zurzeit spät nach Hause komme und früh aufstehen. Gruß Joker |
|
26.07.2011, 16:22
| #4 |
| | Umleitung von Google-Links über 100ksearches Hallo, hier noch die Ergebnisse von Schritt 2 und 3: hjtscanlist.txt: Code:
ATTFilter
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
º º
hjtscanlist v2.0
º º
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Microsoft Windows [Version 6.1.7600]
C:
26.07.2011 16:30 C:\System Volume Information --------- 28672
C:\pagefile.sys ---------
C:\hiberfil.sys ---------
25.07.2011 19:56 C:\ProgramData --------- 12288
25.07.2011 19:56 C:\Windows --------- 24576
25.07.2011 19:55 C:\Program Files (x86) --------- 28672
23.07.2011 22:27 C:\Program Files --------- 12288
19.07.2011 22:06 C:\Config.Msi --------- 0
21.05.2011 18:09 C:\Arbeit --------- 8192
21.05.2011 12:26 C:\Projekte --------- 0
21.05.2011 12:08 C:\Dev-Cpp --------- 0
02.05.2011 22:28 C:\Verschiebe-Bahnhof --------- 8192
28.01.2011 14:27 C:\test.jpeg --------- 1440054
15.01.2011 13:53 C:\Terzio --------- 0
19.12.2010 15:19 C:\AdobeDebug.txt --------- 0
19.11.2010 18:59 C:\Users --------- 4096
25.10.2010 23:11 C:\09097baaabc917932a50 --------- 0
13.09.2010 19:28 C:\file_list.txt --------- 270
07.08.2010 13:33 C:\Images --------- 0
08.07.2010 15:35 C:\$Recycle.Bin --------- 0
05.07.2010 18:41 C:\MSOCache --------- 0
03.07.2010 22:50 C:\found.001 --------- 0
01.07.2010 22:19 C:\ATI --------- 0
30.06.2010 21:03 C:\found.000 --------- 0
29.06.2010 18:03 C:\Recovery --------- 0
29.06.2010 18:03 C:\Dokumente und Einstellungen --------- 0
29.06.2010 18:03 C:\Programme --------- 0
03.04.2010 20:38 C:\VS_EXPBSLN_x64_deu.MSI --------- 556032
03.04.2010 20:35 C:\VS_EXPBSLN_x64_deu.CAB --------- 2089325
14.07.2009 07:08 C:\Documents and Settings --------- 0
14.07.2009 05:20 C:\PerfLogs --------- 0
14.07.2009 03:38 C:\bootmgr --------- 383562
01.12.2006 23:37 C:\msdia80.dll --------- 904704
03.01.2006 06:02 C:\BOOTSECT.BAK --------- 8192
03.01.2006 06:02 C:\Boot --------- 4096
----------------------------------------
C:\Windows
26.07.2011 17:10 C:\Windows\WindowsUpdate.log --------- 1618176
26.07.2011 16:23 C:\Windows\setupact.log --------- 122636
26.07.2011 16:23 C:\Windows\bootstat.dat --------- 67584
26.07.2011 16:23 C:\Windows\PFRO.log --------- 18952
13.07.2011 19:33 C:\Windows\MEMORY.DMP --------- 286490907
07.07.2011 17:32 C:\Windows\SMinstall.log --------- 85223
10.06.2011 13:42 C:\Windows\win.ini --------- 478
03.05.2011 16:36 C:\Windows\KB893803v2.log --------- 778
03.05.2011 16:35 C:\Windows\KB898715.log --------- 2210
02.05.2011 09:44 C:\Windows\IE9_main.log --------- 2525
26.02.2011 08:23 C:\Windows\explorer.exe --------- 2870272
21.11.2010 10:31 C:\Windows\_MSRSTRT.EXE --------- 2560
01.11.2010 15:00 C:\Windows\ODBCINST.INI --------- 209
01.11.2010 14:58 C:\Windows\CD_Start.INI --------- 32
21.10.2010 21:24 C:\Windows\DirectX.log --------- 335753
24.09.2010 17:49 C:\Windows\nsreg.dat --------- 0
09.09.2010 13:44 C:\Windows\Left 4 Dead Setup Log.txt --------- 4156628
06.08.2010 20:20 C:\Windows\game.ini --------- 331
24.11.2009 17:40 C:\Windows\RtlExUpd.dll --------- 838176
14.07.2009 06:54 C:\Windows\WindowsShell.Manifest --------- 749
14.07.2009 06:51 C:\Windows\setuperr.log --------- 0
14.07.2009 03:39 C:\Windows\write.exe --------- 10240
14.07.2009 03:39 C:\Windows\splwow64.exe --------- 61952
14.07.2009 03:39 C:\Windows\regedit.exe --------- 427008
14.07.2009 03:39 C:\Windows\notepad.exe --------- 193536
14.07.2009 03:39 C:\Windows\HelpPane.exe --------- 733696
14.07.2009 03:39 C:\Windows\hh.exe --------- 16896
14.07.2009 03:39 C:\Windows\fveupdate.exe --------- 15360
14.07.2009 03:38 C:\Windows\bfsvc.exe --------- 71168
14.07.2009 03:16 C:\Windows\twain_32.dll --------- 51200
14.07.2009 03:14 C:\Windows\winhlp32.exe --------- 9728
14.07.2009 03:14 C:\Windows\twunk_32.exe --------- 31232
14.07.2009 01:06 C:\Windows\mib.bin --------- 43131
10.06.2009 23:41 C:\Windows\twunk_16.exe --------- 49680
10.06.2009 23:41 C:\Windows\twain.dll --------- 94784
10.06.2009 23:08 C:\Windows\system.ini --------- 219
10.06.2009 22:52 C:\Windows\WMSysPr9.prx --------- 316640
10.06.2009 22:36 C:\Windows\msdfmap.ini --------- 1405
10.06.2009 22:31 C:\Windows\Starter.xml --------- 48201
10.06.2009 22:30 C:\Windows\Professional.xml --------- 53551
16.04.2009 18:19 C:\Windows\atiogl.xml --------- 15577
03.01.2006 06:06 C:\Windows\DtcInstall.log --------- 1774
03.01.2006 06:06 C:\Windows\TSSysprep.log --------- 1313
03.01.2006 06:05 C:\Windows\ativpsrm.bin --------- 0
17.12.1999 10:13 C:\Windows\unvise32.exe --------- 86016
09.10.1999 17:30 C:\Windows\IsUninst.exe --------- 305152
27.10.1998 21:31 C:\Windows\IsUn0407.exe --------- 305664
----------------------------------------
C:\Windows\System
----------------------------------------
C:\Windows\System32
26.07.2011 16:38 C:\Windows\system32\config --------- 40960
26.07.2011 16:30 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 15504
26.07.2011 16:30 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 15504
25.07.2011 19:54 C:\Windows\system32\drivers --------- 65536
25.07.2011 19:54 C:\Windows\system32\catroot --------- 4096
25.07.2011 19:54 C:\Windows\system32\DriverStore --------- 4096
24.07.2011 22:37 C:\Windows\system32\catroot2 --------- 32768
23.07.2011 22:26 C:\Windows\system32\Tasks --------- 4096
23.07.2011 21:54 C:\Windows\system32\perfh009.dat --------- 652708
23.07.2011 21:54 C:\Windows\system32\perfc009.dat --------- 121640
23.07.2011 21:54 C:\Windows\system32\perfh007.dat --------- 698726
23.07.2011 21:54 C:\Windows\system32\perfc007.dat --------- 148782
23.07.2011 21:54 C:\Windows\system32\PerfStringBackup.INI --------- 1613340
22.07.2011 13:42 C:\Windows\system32\SPReview --------- 0
20.07.2011 16:26 C:\Windows\system32\wdi --------- 4096
19.07.2011 21:08 C:\Windows\system32\GroupPolicy --------- 0
17.07.2011 15:12 C:\Windows\system32\NDF --------- 0
14.07.2011 16:11 C:\Windows\system32\FNTCACHE.DAT --------- 3022816
13.07.2011 22:28 C:\Windows\system32\MRT.exe --------- 50867144
03.07.2011 10:07 C:\Windows\system32\EventProviders --------- 0
16.06.2011 16:28 C:\Windows\system32\migration --------- 0
11.06.2011 04:56 C:\Windows\system32\win32k.sys --------- 3134464
02.06.2011 08:45 C:\Windows\system32\wow64win.dll --------- 362496
02.06.2011 08:45 C:\Windows\system32\wow64cpu.dll --------- 13312
02.06.2011 08:45 C:\Windows\system32\wow64.dll --------- 243200
02.06.2011 08:44 C:\Windows\system32\winsrv.dll --------- 214528
02.06.2011 08:42 C:\Windows\system32\ntvdm64.dll --------- 16384
02.06.2011 08:39 C:\Windows\system32\KernelBase.dll --------- 422400
02.06.2011 08:35 C:\Windows\system32\conhost.exe --------- 338944
02.06.2011 08:23 C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll --------- 6144
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll --------- 3072
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll --------- 3072
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll --------- 4608
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll --------- 4096
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll --------- 3072
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll --------- 4096
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll --------- 3584
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll --------- 4608
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll --------- 3072
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll --------- 3584
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll --------- 3584
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll --------- 3584
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll --------- 3584
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll --------- 4096
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll --------- 4096
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll --------- 3584
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll --------- 3072
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll --------- 3072
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll --------- 3584
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll --------- 3072
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll --------- 5120
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll --------- 3072
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll --------- 3072
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll --------- 3072
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll --------- 3072
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll --------- 3072
02.06.2011 08:23 C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll --------- 3072
28.05.2011 07:22 C:\Windows\system32\mshtml.dll --------- 9316352
28.05.2011 05:25 C:\Windows\system32\mshtml.tlb --------- 1638912
25.05.2011 16:57 C:\Windows\system32\de-DE --------- 327680
24.05.2011 19:14 C:\Windows\system32\MpSigStub.exe --------- 270720
24.05.2011 13:21 C:\Windows\system32\umpnpmgr.dll --------- 404992
14.05.2011 09:36 C:\Windows\system32\kernel32.dll --------- 1162240
04.05.2011 07:30 C:\Windows\system32\tquery.dll --------- 2326016
04.05.2011 07:28 C:\Windows\system32\mssvp.dll --------- 779264
04.05.2011 07:28 C:\Windows\system32\mssrch.dll --------- 2228224
04.05.2011 07:28 C:\Windows\system32\mssphtb.dll --------- 288256
04.05.2011 07:28 C:\Windows\system32\mssph.dll --------- 491520
04.05.2011 07:28 C:\Windows\system32\msscntrs.dll --------- 75264
04.05.2011 07:24 C:\Windows\system32\SearchProtocolHost.exe --------- 249856
04.05.2011 07:24 C:\Windows\system32\SearchIndexer.exe --------- 593408
04.05.2011 07:24 C:\Windows\system32\SearchFilterHost.exe --------- 113664
03.05.2011 07:21 C:\Windows\system32\inetcomm.dll --------- 976896
23.04.2011 09:22 C:\Windows\system32\Boot --------- 0
22.04.2011 22:18 C:\Windows\system32\wininet.dll --------- 1197056
22.04.2011 22:18 C:\Windows\system32\urlmon.dll --------- 1500160
22.04.2011 22:15 C:\Windows\system32\mstime.dll --------- 1026560
22.04.2011 22:14 C:\Windows\system32\mshtmled.dll --------- 97280
22.04.2011 22:14 C:\Windows\system32\msfeedsbs.dll --------- 82944
22.04.2011 22:14 C:\Windows\system32\msfeeds.dll --------- 703488
22.04.2011 22:14 C:\Windows\system32\licmgr10.dll --------- 57856
22.04.2011 22:13 C:\Windows\system32\jsproxy.dll --------- 64512
22.04.2011 22:13 C:\Windows\system32\ieui.dll --------- 247808
22.04.2011 22:13 C:\Windows\system32\iertutil.dll --------- 2448896
22.04.2011 22:13 C:\Windows\system32\iepeers.dll --------- 256000
22.04.2011 22:13 C:\Windows\system32\ieframe.dll --------- 12372480
22.04.2011 22:13 C:\Windows\system32\iedkcs32.dll --------- 445952
22.04.2011 22:09 C:\Windows\system32\msfeedssync.exe --------- 12288
22.04.2011 20:49 C:\Windows\system32\html.iec --------- 482816
09.04.2011 08:58 C:\Windows\system32\poqexec.exe --------- 142336
09.04.2011 08:45 C:\Windows\system32\ntoskrnl.exe --------- 5509504
12.03.2011 14:03 C:\Windows\system32\XpsPrint.dll --------- 662528
11.03.2011 08:19 C:\Windows\system32\mfc42u.dll --------- 1359872
11.03.2011 08:19 C:\Windows\system32\mfc42.dll --------- 1395712
11.03.2011 08:18 C:\Windows\system32\esent.dll --------- 2566144
11.03.2011 08:15 C:\Windows\system32\fsutil.exe --------- 96768
06.03.2011 18:16 C:\Windows\system32\ZoneLabs --------- 0
03.03.2011 08:17 C:\Windows\system32\dnsrslvr.dll --------- 182272
03.03.2011 08:17 C:\Windows\system32\dnsapi.dll --------- 356352
03.03.2011 08:14 C:\Windows\system32\dnscacheugc.exe --------- 30208
----------------------------------------
C:\Windows\Prefetch
26.07.2011 17:12 C:\Windows\Prefetch\CONHOST.EXE-3218E401.pf --------- 71396
26.07.2011 17:11 C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-AA7A1FDD.pf --------- 16706
26.07.2011 17:11 C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-AFAD3EF9.pf --------- 38222
26.07.2011 17:11 C:\Windows\Prefetch\DLLHOST.EXE-71214090.pf --------- 18512
26.07.2011 17:09 C:\Windows\Prefetch\AgGlFgAppHistory.db --------- 2144232
26.07.2011 17:09 C:\Windows\Prefetch\AgGlFaultHistory.db --------- 811238
26.07.2011 17:09 C:\Windows\Prefetch\AgGlGlobalHistory.db --------- 4170189
26.07.2011 17:09 C:\Windows\Prefetch\AgRobust.db --------- 331800
26.07.2011 17:07 C:\Windows\Prefetch\TASKHOST.EXE-437C05A8.pf --------- 303420
26.07.2011 17:06 C:\Windows\Prefetch\AVWSC.EXE-3F986FB6.pf --------- 44888
26.07.2011 16:47 C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-78000DE6.pf --------- 185158
26.07.2011 16:47 C:\Windows\Prefetch\FIREFOX.EXE-FBBD985A.pf --------- 1412168
26.07.2011 16:45 C:\Windows\Prefetch\RADS_USER_KERNEL.EXE-131C98A1.pf --------- 71896
26.07.2011 16:45 C:\Windows\Prefetch\PMB.EXE-C5A7F854.pf --------- 79728
26.07.2011 16:45 C:\Windows\Prefetch\DLLHOST.EXE-72B00420.pf --------- 75604
26.07.2011 16:44 C:\Windows\Prefetch\LOL.LAUNCHER.ADMIN.EXE-6728322C.pf --------- 25348
26.07.2011 16:44 C:\Windows\Prefetch\LOL.LAUNCHER.EXE-2BFDC731.pf --------- 22094
26.07.2011 16:44 C:\Windows\Prefetch\TS3CLIENT_WIN32.EXE-E1E86454.pf --------- 285464
26.07.2011 16:44 C:\Windows\Prefetch\WMPLAYER.EXE-61D40ED1.pf --------- 239450
26.07.2011 16:41 C:\Windows\Prefetch\AUDIODG.EXE-D0D776AC.pf --------- 173132
26.07.2011 16:40 C:\Windows\Prefetch\JAVA.EXE-E3C0BFD0.pf --------- 289388
26.07.2011 16:36 C:\Windows\Prefetch\WERMGR.EXE-2A1BCBC7.pf --------- 19772
26.07.2011 16:28 C:\Windows\Prefetch\MPAS-D_BD1.EXE-B82677C3.pf --------- 101030
26.07.2011 16:28 C:\Windows\Prefetch\MPSIGSTUB.EXE-7C60A359.pf --------- 130136
26.07.2011 16:27 C:\Windows\Prefetch\SVCHOST.EXE-8FD92526.pf --------- 19746
26.07.2011 16:27 C:\Windows\Prefetch\VSSVC.EXE-04D079CC.pf --------- 52902
26.07.2011 16:27 C:\Windows\Prefetch\WMIADAP.EXE-369DF1CD.pf --------- 19170
26.07.2011 16:27 C:\Windows\Prefetch\WUAUCLT.EXE-830BCC14.pf --------- 26566
26.07.2011 16:26 C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-031B6478.pf --------- 46052
26.07.2011 16:26 C:\Windows\Prefetch\WMIPRVSE.EXE-43972D0F.pf --------- 201718
26.07.2011 16:26 C:\Windows\Prefetch\SPPSVC.EXE-CBE91656.pf --------- 12380
26.07.2011 16:25 C:\Windows\Prefetch\MSCORSVW.EXE-98F0699A.pf --------- 15934
26.07.2011 16:25 C:\Windows\Prefetch\MSCORSVW.EXE-FAA88858.pf --------- 26002
26.07.2011 16:24 C:\Windows\Prefetch\ReadyBoot --------- 4096
26.07.2011 16:24 C:\Windows\Prefetch\CCC.EXE-000FEDE2.pf --------- 316828
26.07.2011 16:24 C:\Windows\Prefetch\PRINTISOLATIONHOST.EXE-83C184C4.pf --------- 228570
26.07.2011 16:24 C:\Windows\Prefetch\SVCHOST.EXE-18D06B2E.pf --------- 158302
26.07.2011 16:24 C:\Windows\Prefetch\WMPNSCFG.EXE-DF1DD51A.pf --------- 37554
25.07.2011 22:25 C:\Windows\Prefetch\PfSvPerfStats.bin --------- 584
25.07.2011 22:24 C:\Windows\Prefetch\LOGONUI.EXE-1BEE4A84.pf --------- 57390
25.07.2011 22:24 C:\Windows\Prefetch\ONENOTE.EXE-56199EE5.pf --------- 135648
25.07.2011 22:17 C:\Windows\Prefetch\DLLHOST.EXE-896DB558.pf --------- 54484
25.07.2011 22:15 C:\Windows\Prefetch\NOTEPAD.EXE-EB1B961A.pf --------- 114400
25.07.2011 21:09 C:\Windows\Prefetch\SVCHOST.EXE-93CEEE07.pf --------- 8472
25.07.2011 21:09 C:\Windows\Prefetch\JAVAW.EXE-5D411E03.pf --------- 234778
25.07.2011 21:09 C:\Windows\Prefetch\JAVAWS.EXE-CF61F2AA.pf --------- 110846
25.07.2011 21:05 C:\Windows\Prefetch\MSFEEDSSYNC.EXE-1F01ED17.pf --------- 112440
25.07.2011 19:56 C:\Windows\Prefetch\CMD.EXE-EABFE48B.pf --------- 313324
25.07.2011 19:54 C:\Windows\Prefetch\DLLHOST.EXE-BA1A004E.pf --------- 26274
25.07.2011 19:49 C:\Windows\Prefetch\DLLHOST.EXE-FF915DF9.pf --------- 57314
25.07.2011 19:42 C:\Windows\Prefetch\MSPAINT.EXE-89BB51A7.pf --------- 77764
25.07.2011 19:38 C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-3254269927-3094842787-768766786-1000.db --------- 1045454
25.07.2011 19:38 C:\Windows\Prefetch\AgGlUAD_S-1-5-21-3254269927-3094842787-768766786-1000.db --------- 1963860
25.07.2011 16:29 C:\Windows\Prefetch\AVNOTIFY.EXE-FF6BC992.pf --------- 85084
25.07.2011 16:29 C:\Windows\Prefetch\UPDATE.EXE-BE1C11C1.pf --------- 328036
24.07.2011 19:16 C:\Windows\Prefetch\JP2LAUNCHER.EXE-713231C9.pf --------- 27070
24.07.2011 13:57 C:\Windows\Prefetch\SC.EXE-BC6DAF49.pf --------- 10064
24.07.2011 13:54 C:\Windows\Prefetch\ADOBEARM.EXE-E8E973DD.pf --------- 75340
24.07.2011 13:54 C:\Windows\Prefetch\SEARCHINDEXER.EXE-77D27BAC.pf --------- 258220
24.07.2011 13:00 C:\Windows\Prefetch\WSQMCONS.EXE-E2CE6542.pf --------- 5918
24.07.2011 11:48 C:\Windows\Prefetch\WERFAULT.EXE-0897AE09.pf --------- 43730
24.07.2011 11:14 C:\Windows\Prefetch\THUNDERBIRD.EXE-D7BDD9EA.pf --------- 225468
23.07.2011 21:37 C:\Windows\Prefetch\OIS.EXE-9A00A52B.pf --------- 108828
23.07.2011 10:45 C:\Windows\Prefetch\AgCx_SC1.db --------- 793952
23.07.2011 10:45 C:\Windows\Prefetch\AgCx_SC1.db.trx --------- 294280
23.07.2011 00:25 C:\Windows\Prefetch\MAKECAB.EXE-21F14B27.pf --------- 35704
22.07.2011 14:41 C:\Windows\Prefetch\DLLHOST.EXE-53B78AD0.pf --------- 19988
22.07.2011 13:25 C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf --------- 3494158
21.07.2011 17:12 C:\Windows\Prefetch\SDCLT.EXE-2D2C4DDD.pf --------- 31976
19.07.2011 22:01 C:\Windows\Prefetch\MSIEXEC.EXE-F3744DFD.pf --------- 36346
19.07.2011 21:59 C:\Windows\Prefetch\MSIEXEC.EXE-B5AFA339.pf --------- 181518
19.07.2011 20:23 C:\Windows\Prefetch\VLC.EXE-39B02EDC.pf --------- 225732
17.07.2011 19:23 C:\Windows\Prefetch\FRAPS.EXE-7AF95079.pf --------- 75490
17.07.2011 19:19 C:\Windows\Prefetch\FRAPS64.DAT-24AC6B46.pf --------- 28258
15.07.2011 18:38 C:\Windows\Prefetch\RUNDLL32.EXE-125D4518.pf --------- 321826
15.07.2011 18:35 C:\Windows\Prefetch\SVCHOST.EXE-8DA0BAAD.pf --------- 16962
15.07.2011 18:35 C:\Windows\Prefetch\DEFRAG.EXE-738093E8.pf --------- 80358
15.07.2011 18:35 C:\Windows\Prefetch\Layout.ini --------- 1494674
15.07.2011 16:51 C:\Windows\Prefetch\ACRORD32.EXE-E41408AF.pf --------- 134106
15.07.2011 13:38 C:\Windows\Prefetch\ICQ.EXE-2418C290.pf --------- 593560
14.07.2011 16:13 C:\Windows\Prefetch\LOLLAUNCHER.EXE-2CFBACA9.pf --------- 66864
14.07.2011 16:12 C:\Windows\Prefetch\VSMON.EXE-8BF28A18.pf --------- 189982
14.07.2011 16:12 C:\Windows\Prefetch\SVCHOST.EXE-7643E300.pf --------- 19006
14.07.2011 16:12 C:\Windows\Prefetch\SVCHOST.EXE-2A6E95B3.pf --------- 26444
13.07.2011 22:28 C:\Windows\Prefetch\MRT.EXE-C3C3D3DA.pf --------- 64658
13.07.2011 22:00 C:\Windows\Prefetch\JAUCHECK.EXE-9BCB76B9.pf --------- 36322
01.07.2011 21:23 C:\Windows\Prefetch\CLIENTUPDATE.EXE-0CBAE19E.pf --------- 30734
01.07.2011 21:23 C:\Windows\Prefetch\LAUNCHER.EXE-990A5D9E.pf --------- 53092
01.07.2011 21:23 C:\Windows\Prefetch\CLIENT.EXE-BB9F21F7.pf --------- 87968
01.07.2011 21:23 C:\Windows\Prefetch\RUNES OF MAGIC.EXE-1B6D1F5B.pf --------- 9474
01.07.2011 14:18 C:\Windows\Prefetch\OTHER.EXE-5824D10E.pf --------- 34158
30.06.2011 16:13 C:\Windows\Prefetch\SPOOLSV.EXE-E4D0FF39.pf --------- 50556
28.06.2011 22:19 C:\Windows\Prefetch\TBOFFER.EXE-4120A6B3.pf --------- 26920
28.06.2011 22:18 C:\Windows\Prefetch\FFMPEG.EXE-C2CD1F2A.pf --------- 138966
28.06.2011 22:18 C:\Windows\Prefetch\LAME.EXE-0F4EE004.pf --------- 105946
28.06.2011 22:15 C:\Windows\Prefetch\FREEYOUTUBETOMP3CONVERTER.EXE-2DC0EF49.pf --------- 90130
27.06.2011 19:06 C:\Windows\Prefetch\OIS.EXE-D42C8F6C.pf --------- 74976
23.06.2011 18:31 C:\Windows\Prefetch\LOLCLIENT.EXE-887BD0D2.pf --------- 215928
22.06.2011 23:00 C:\Windows\Prefetch\LEAGUE OF LEGENDS.EXE-9B234637.pf --------- 215544
18.06.2011 21:33 C:\Windows\Prefetch\PATCH_4.0.0.2407.EN_4.0.0.241-C57B06C4.pf --------- 55762
18.06.2011 21:31 C:\Windows\Prefetch\WDB$WORLD$WORLD_3.WDB.EXE-014B0F3E.pf --------- 286038
18.06.2011 21:30 C:\Windows\Prefetch\WDB$WORLD$WORLD.WDB.EXE-088BE0AC.pf --------- 213940
18.06.2011 21:26 C:\Windows\Prefetch\PATCH_4.0.0.2398.EN_4.0.0.240-73F66407.pf --------- 21884
18.06.2011 21:22 C:\Windows\Prefetch\IEXPLORE.EXE-F6A52C86.pf --------- 205636
18.06.2011 21:22 C:\Windows\Prefetch\DVDVIDEOSOFTTBTOOLBARHELPER.E-5A146739.pf --------- 23916
18.06.2011 21:16 C:\Windows\Prefetch\CHESS.EXE-EE3048B8.pf --------- 155302
18.06.2011 21:09 C:\Windows\Prefetch\WDB$WORLD$WORLD_2.WDB.EXE-29E1C659.pf --------- 121114
18.06.2011 21:08 C:\Windows\Prefetch\WDB$DUNGEON$INST_FIREBOOT_FOR-F991666A.pf --------- 66662
18.06.2011 21:08 C:\Windows\Prefetch\WDB$DUNGEON$DGN_SARDO_BASTILL-1372721C.pf --------- 94958
18.06.2011 21:08 C:\Windows\Prefetch\WDB$DUNGEON$DGN_GRAF_CASTLE.W-3FFB98E3.pf --------- 32250
18.06.2011 21:03 C:\Windows\Prefetch\PATCH_4.0.0.2360.EN_4.0.0.239-D19845DD.pf --------- 22322
18.06.2011 10:17 C:\Windows\Prefetch\LOLCLIENT.EXE-2CC58358.pf --------- 244226
17.06.2011 20:26 C:\Windows\Prefetch\LEAGUE OF LEGENDS.EXE-C0D7D33D.pf --------- 209014
17.06.2011 20:07 C:\Windows\Prefetch\RUNDLL32.EXE-F452D79D.pf --------- 7254
17.06.2011 16:49 C:\Windows\Prefetch\WDB$LOGIN$LOGIN_CH4.WDB.EXE-42411994.pf --------- 98738
17.06.2011 16:49 C:\Windows\Prefetch\WDB$HOUSE$HOUSE_PLAYER.WDB.EX-152B7E38.pf --------- 24058
17.06.2011 16:49 C:\Windows\Prefetch\WDB$DUNGEON$DGN_TOMB_OF_SEVEN-CB7B48BB.pf --------- 77606
17.06.2011 16:49 C:\Windows\Prefetch\WDB$DUNGEON$DGN_ENCHANTED_ENT-32D0BB11.pf --------- 78482
17.06.2011 16:49 C:\Windows\Prefetch\WDB$BATTLEGROUND$BG_WORLD_BAT-B4A51EAF.pf --------- 65474
17.06.2011 16:48 C:\Windows\Prefetch\WDB$BATTLEGROUND$BG_WORLD_BAT-DD3BD5CA.pf --------- 197096
17.06.2011 16:34 C:\Windows\Prefetch\PATCH_3.0.11.2393.EN_4.0.0.23-60884769.pf --------- 23338
17.06.2011 13:45 C:\Windows\Prefetch\MPMINISIGSTUB.EXE-133F43A8.pf --------- 6420
17.06.2011 13:42 C:\Windows\Prefetch\INSTALLFLASHPLAYER.EXE-A1AC318C.pf --------- 24150
15.06.2011 23:01 C:\Windows\Prefetch\WINDOWS-KB890830-X64-V3.20-DE-0D9C677C.pf --------- 30676
15.06.2011 23:01 C:\Windows\Prefetch\MRTSTUB.EXE-BDB647FE.pf --------- 64454
15.06.2011 22:58 C:\Windows\Prefetch\LODCTR.EXE-57BF086F.pf --------- 19914
15.06.2011 22:58 C:\Windows\Prefetch\LODCTR.EXE-8DBE540B.pf --------- 28420
15.06.2011 22:52 C:\Windows\Prefetch\NGEN.EXE-8DF18334.pf --------- 65732
15.06.2011 22:51 C:\Windows\Prefetch\NGEN.EXE-E9662EB6.pf --------- 20542
15.06.2011 22:50 C:\Windows\Prefetch\MOFCOMP.EXE-3BA58127.pf --------- 23972
15.06.2011 22:50 C:\Windows\Prefetch\MOFCOMP.EXE-CDA1E783.pf --------- 26014
15.06.2011 22:50 C:\Windows\Prefetch\REGTLIBV12.EXE-F8E3DF6E.pf --------- 17006
15.06.2011 22:50 C:\Windows\Prefetch\REGTLIBV12.EXE-4B861E90.pf --------- 16990
15.06.2011 22:49 C:\Windows\Prefetch\UNLODCTR.EXE-7517F176.pf --------- 14612
15.06.2011 22:49 C:\Windows\Prefetch\UNLODCTR.EXE-2462BF52.pf --------- 11820
15.06.2011 22:49 C:\Windows\Prefetch\NDP40-KB2518870-X64.EXE-24F928A9.pf --------- 67444
15.06.2011 22:49 C:\Windows\Prefetch\SETUP.EXE-E3B68FBF.pf --------- 46264
15.06.2011 22:49 C:\Windows\Prefetch\MSIPATCHREGFIX-AMD64.EXE-703C579E.pf --------- 19124
15.06.2011 22:33 C:\Windows\Prefetch\SETUP.EXE-BCC93397.pf --------- 62634
15.06.2011 22:32 C:\Windows\Prefetch\NDP40-KB2478663-X64.EXE-B6F0A332.pf --------- 70508
11.05.2011 13:53 C:\Windows\Prefetch\AgCx_SC4.db --------- 357449
03.01.2006 06:04 C:\Windows\Prefetch\AgAppLaunch.db --------- 334168
----------------------------------------
C:\Windows\Tasks
26.07.2011 16:23 C:\Windows\Tasks\SA.DAT --------- 6
06.07.2011 17:00 C:\Windows\Tasks\SCHEDLGU.TXT --------- 32632
----------------------------------------
C:\Windows\Temp
26.07.2011 16:28 C:\Windows\Temp\MpSigStub.log --------- 3366
26.07.2011 16:23 C:\Windows\Temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D02}.tlb --------- 3596
26.07.2011 16:23 C:\Windows\Temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D12}.tlb --------- 3596
25.07.2011 19:54 C:\Windows\Temp\fwtsqmfile04.sqm --------- 608
24.07.2011 22:37 C:\Windows\Temp\fwtsqmfile03.sqm --------- 608
24.07.2011 13:53 C:\Windows\Temp\ZLT05f08.TMP --------- 256
24.07.2011 11:24 C:\Windows\Temp\ZLT06d01.TMP --------- 256
24.07.2011 01:57 C:\Windows\Temp\fwtsqmfile02.sqm --------- 608
23.07.2011 22:24 C:\Windows\Temp\ZLT017b9.TMP --------- 256
23.07.2011 22:22 C:\Windows\Temp\fwtsqmfile01.sqm --------- 608
23.07.2011 22:11 C:\Windows\Temp\ZLT00e31.TMP --------- 256
23.07.2011 21:50 C:\Windows\Temp\fwtsqmfile00.sqm --------- 608
23.07.2011 21:24 C:\Windows\Temp\SDIAG_ee5504c0-ac33-4531-b2fb-3af21e10553b --------- 0
23.07.2011 21:24 C:\Windows\Temp\SDIAG_e3ccac88-913c-400d-8159-31507b6b5752 --------- 0
23.07.2011 21:24 C:\Windows\Temp\SDIAG_e26000a6-14af-4368-9bb0-061e8e1b12ff --------- 0
23.07.2011 21:24 C:\Windows\Temp\SDIAG_c6f42b39-e056-4856-955b-889a2887e5cb --------- 0
23.07.2011 21:24 C:\Windows\Temp\SDIAG_b40397a2-1502-4feb-9bbf-ced2e5e79963 --------- 0
23.07.2011 21:24 C:\Windows\Temp\SDIAG_99d87160-d589-489c-bfa3-9a1da5ef0142 --------- 0
23.07.2011 21:24 C:\Windows\Temp\SDIAG_7d1e21c5-313a-449f-8d8d-67b3fc22edc4 --------- 0
23.07.2011 21:24 C:\Windows\Temp\SDIAG_6b0f8c4e-ecec-4cd6-99eb-493442f5a73e --------- 0
23.07.2011 21:24 C:\Windows\Temp\SDIAG_62ef14bd-c772-485a-bc3c-db18487cfaf4 --------- 0
23.07.2011 21:24 C:\Windows\Temp\SDIAG_56734469-e5fc-4adf-bb44-ad8668d5612f --------- 0
23.07.2011 21:24 C:\Windows\Temp\SDIAG_54905cd5-1081-47c8-b9a7-bea9fa85cbed --------- 0
23.07.2011 21:24 C:\Windows\Temp\SDIAG_43eec1c0-90f6-486a-9f5b-65740974eff5 --------- 0
23.07.2011 21:24 C:\Windows\Temp\SDIAG_40237d59-a1d4-4ffa-9529-cbe0c9c4ccdc --------- 0
23.07.2011 21:16 C:\Windows\Temp\ZLT0639a.TMP --------- 256
15.06.2011 22:49 C:\Windows\Temp\KB2518870_10.0.30319 --------- 0
15.06.2011 22:32 C:\Windows\Temp\KB2478663_10.0.30319 --------- 0
26.05.2011 21:47 C:\Windows\Temp\KB2416472_10.0.30319 --------- 0
26.05.2011 21:46 C:\Windows\Temp\KB2473228_10.0.30319 --------- 0
23.04.2011 00:04 C:\Windows\Temp\KB2446708_10.0.30319 --------- 0
21.11.2010 10:31 C:\Windows\Temp\IswTmp --------- 0
27.10.2010 14:00 C:\Windows\Temp\KB2160841_10.0.30319 --------- 0
25.10.2010 23:11 C:\Windows\Temp\Microsoft .NET Framework 4 Client Profile Setup_4.0.30319 --------- 0
24.09.2010 17:23 C:\Windows\Temp\MPTelemetrySubmit --------- 0
11.06.2004 13:53 C:\Windows\Temp\UDD9E0B.tmp --------- 5120
11.06.2004 13:53 C:\Windows\Temp\UDDB02D.tmp --------- 5120
11.06.2004 13:53 C:\Windows\Temp\UDDC7A0.tmp --------- 5120
11.06.2004 13:53 C:\Windows\Temp\UDDB7FE.tmp --------- 5120
11.06.2004 13:53 C:\Windows\Temp\UDDBFCF.tmp --------- 5120
11.06.2004 13:53 C:\Windows\Temp\UDDA85C.tmp --------- 5120
----------------------------------------
C:\Users\Daniel\AppData\Local\Temp
26.07.2011 17:03 C:\Users\Daniel\AppData\Local\Temp\plugtmp-6 --------- 4096
26.07.2011 16:44 C:\Users\Daniel\AppData\Local\Temp\hsperfdata_Daniel --------- 0
26.07.2011 16:29 C:\Users\Daniel\AppData\Local\Temp\jusched.log --------- 7872
26.07.2011 16:27 C:\Users\Daniel\AppData\Local\Temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D12}.tlb --------- 3596
26.07.2011 16:24 C:\Users\Daniel\AppData\Local\Temp\divC999.tmp --------- 0
26.07.2011 16:24 C:\Users\Daniel\AppData\Local\Temp\amt.log --------- 224147
26.07.2011 16:23 C:\Users\Daniel\AppData\Local\Temp\AdobeARM.log --------- 9473
26.07.2011 16:23 C:\Users\Daniel\AppData\Local\Temp\WPDNSE --------- 0
26.07.2011 16:23 C:\Users\Daniel\AppData\Local\Temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D02}.tlb --------- 3596
25.07.2011 22:24 C:\Users\Daniel\AppData\Local\Temp\OneNoteRuntimeCache --------- 0
25.07.2011 19:56 C:\Users\Daniel\AppData\Local\Temp\cpes_clean_log_20110725195634.log --------- 1814
25.07.2011 19:56 C:\Users\Daniel\AppData\Local\Temp\div124A.tmp --------- 0
25.07.2011 19:54 C:\Users\Daniel\AppData\Local\Temp\cpes_clean_log_20110725195343.log --------- 20812
25.07.2011 18:57 C:\Users\Daniel\AppData\Local\Temp\~DF456C8D950B5799AC.TMP --------- 147456
25.07.2011 16:27 C:\Users\Daniel\AppData\Local\Temp\div19DC.tmp --------- 0
24.07.2011 19:35 C:\Users\Daniel\AppData\Local\Temp\scoped_dir25740 --------- 0
24.07.2011 19:35 C:\Users\Daniel\AppData\Local\Temp\scoped_dir32327 --------- 0
24.07.2011 19:35 C:\Users\Daniel\AppData\Local\Temp\scoped_dir25668 --------- 0
24.07.2011 17:24 C:\Users\Daniel\AppData\Local\Temp\div70F5.tmp --------- 0
24.07.2011 12:15 C:\Users\Daniel\AppData\Local\Temp\scoped_dir5068 --------- 0
24.07.2011 12:15 C:\Users\Daniel\AppData\Local\Temp\scoped_dir21690 --------- 0
24.07.2011 12:15 C:\Users\Daniel\AppData\Local\Temp\scoped_dir5025 --------- 0
24.07.2011 11:25 C:\Users\Daniel\AppData\Local\Temp\divEEF3.tmp --------- 0
24.07.2011 11:21 C:\Users\Daniel\AppData\Local\Temp\divC6.tmp --------- 0
24.07.2011 11:07 C:\Users\Daniel\AppData\Local\Temp\divAE09.tmp --------- 0
24.07.2011 11:01 C:\Users\Daniel\AppData\Local\Temp\is-QVVB0.tmp --------- 0
24.07.2011 10:55 C:\Users\Daniel\AppData\Local\Temp\~DF843F0EE19D4E7AD3.TMP --------- 147456
24.07.2011 10:54 C:\Users\Daniel\AppData\Local\Temp\divA7A0.tmp --------- 0
23.07.2011 22:38 C:\Users\Daniel\AppData\Local\Temp\StructuredQuery.log --------- 707
23.07.2011 22:31 C:\Users\Daniel\AppData\Local\Temp\{f1628eee-c82e-46f1-bccf-bda9f7dbd550} --------- 0
23.07.2011 22:27 C:\Users\Daniel\AppData\Local\Temp\~DF8C5F9712D541FAE5.TMP --------- 147456
23.07.2011 22:26 C:\Users\Daniel\AppData\Local\Temp\divBA9B.tmp --------- 0
23.07.2011 22:14 C:\Users\Daniel\AppData\Local\Temp\~DFD7ABF666BDE8697A.TMP --------- 147456
23.07.2011 22:12 C:\Users\Daniel\AppData\Local\Temp\div3718.tmp --------- 0
23.07.2011 22:02 C:\Users\Daniel\AppData\Local\Temp\~DF386870B2BB9987D3.TMP --------- 147456
23.07.2011 22:01 C:\Users\Daniel\AppData\Local\Temp\is-PT10S.tmp --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\{E18510CF-3349-4DAE-84B8-0796D2CD13D1} --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\{D6EE87A9-D652-40FD-B6CC-DF90665DC48A} --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\{ACCA2BA3-460C-4ED2-B00F-B1B0D99E0CDC} --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\{A1C141FB-59EA-452B-809E-58948604A456} --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\{9F963711-2D8C-480B-9373-8461FD31FF6C} --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\{94AD3F40-F0DB-46E7-8652-83C87C878826} --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\{7859426C-E3EA-4285-AD7D-71B27E98C73E} --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\{70FF7DF1-E69E-47df-9AA6-F062FADD6146} --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\{492CBFCE-57F2-4561-8421-D287D007B5ED} --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\{46326487-2404-4118-8EDA-7220DCFBB715} --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\{426BBC8D-D2F1-4640-9C35-9383CB7DCFB9} --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\{3A8A8F75-0E4E-4CA0-9CD6-3305094B828E} --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\{31FD6497-3EE1-4EBA-A6FF-B7B6E20D32AE} --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\{0A62AB30-7964-46FA-8E4C-EE9DB2BB5FC3} --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\_ir_sf_temp_0 --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\Word8.0 --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\plugtmp-1 --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\pftFF4F~tmp --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\ispF284.tmp --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\ispE927.tmp --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\ispB5F6.tmp --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\isp76ED.tmp --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\isp3F74.tmp --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\isp2D21.tmp --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\isp2070.tmp --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\isp15D7.tmp --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\isp15AA.tmp --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\fae5afe0-8df8-43f8-a96e-06ffeb3960d2 --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\f3657546-d522-4e66-9e3d-c7f217be5d11 --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\F117.dir --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\divB531.tmp --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\div12EE.tmp --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\DED7.dir --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\DDMCache --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\ct2613550 --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\conduit --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\BFBC2Game_Data_DFE --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\CF37.dir --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\B535.dir --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\8d6af669-73c7-498e-b31c-d3939255d595 --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\3985b6d8-d7ec-4585-b11e-129d35204167 --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\2fe3980c-b315-4bec-a5f2-004813f807e3 --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\21F.dir --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\163D.tmp --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\112010103901 --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\1043.dir --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\071610151216 --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\071610151201 --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\030611171352 --------- 0
23.07.2011 21:24 C:\Users\Daniel\AppData\Local\Temp\030511134528 --------- 0
23.07.2011 21:17 C:\Users\Daniel\AppData\Local\Temp\div1A3A.tmp --------- 0
23.07.2011 20:25 C:\Users\Daniel\AppData\Local\Temp\divF2BC.tmp --------- 0
23.07.2011 19:04 C:\Users\Daniel\AppData\Local\Temp\scoped_dir32366 --------- 0
23.07.2011 19:03 C:\Users\Daniel\AppData\Local\Temp\scoped_dir19421 --------- 0
23.07.2011 19:03 C:\Users\Daniel\AppData\Local\Temp\scoped_dir32213 --------- 0
23.07.2011 10:48 C:\Users\Daniel\AppData\Local\Temp\div4F73.tmp --------- 0
23.07.2011 10:38 C:\Users\Daniel\AppData\Local\Temp\divC3BD.tmp --------- 0
22.07.2011 14:02 C:\Users\Daniel\AppData\Local\Temp\div17B9.tmp --------- 0
22.07.2011 14:02 C:\Users\Daniel\AppData\Local\Temp\82c65cfb96192e1413efa0 --------- 0
22.07.2011 13:25 C:\Users\Daniel\AppData\Local\Temp\divE280.tmp --------- 0
21.07.2011 18:06 C:\Users\Daniel\AppData\Local\Temp\scoped_dir13769 --------- 0
21.07.2011 18:05 C:\Users\Daniel\AppData\Local\Temp\scoped_dir30747 --------- 0
21.07.2011 18:05 C:\Users\Daniel\AppData\Local\Temp\scoped_dir13681 --------- 0
21.07.2011 17:07 C:\Users\Daniel\AppData\Local\Temp\divDF44.tmp --------- 0
20.07.2011 16:29 C:\Users\Daniel\AppData\Local\Temp\scoped_dir5669 --------- 0
20.07.2011 16:29 C:\Users\Daniel\AppData\Local\Temp\scoped_dir7559 --------- 0
20.07.2011 16:25 C:\Users\Daniel\AppData\Local\Temp\divE0AB.tmp --------- 0
19.07.2011 22:07 C:\Users\Daniel\AppData\Local\Temp\div2AA.tmp --------- 0
19.07.2011 21:30 C:\Users\Daniel\AppData\Local\Temp\LiveUpdate --------- 0
19.07.2011 21:14 C:\Users\Daniel\AppData\Local\Temp\divD050.tmp --------- 0
19.07.2011 21:07 C:\Users\Daniel\AppData\Local\Temp\divC870.tmp --------- 0
19.07.2011 21:05 C:\Users\Daniel\AppData\Local\Temp\divD58F.tmp --------- 0
19.07.2011 21:03 C:\Users\Daniel\AppData\Local\Temp\{fcf6f2db-a656-4657-8d71-58af298b7a21} --------- 0
19.07.2011 20:55 C:\Users\Daniel\AppData\Local\Temp\divF210.tmp --------- 0
19.07.2011 20:51 C:\Users\Daniel\AppData\Local\Temp\divF03C.tmp --------- 0
19.07.2011 20:44 C:\Users\Daniel\AppData\Local\Temp\divD580.tmp --------- 0
19.07.2011 20:42 C:\Users\Daniel\AppData\Local\Temp\divEBB7.tmp --------- 0
19.07.2011 20:29 C:\Users\Daniel\AppData\Local\Temp\scoped_dir1862 --------- 0
19.07.2011 20:28 C:\Users\Daniel\AppData\Local\Temp\scoped_dir1754 --------- 0
19.07.2011 20:28 C:\Users\Daniel\AppData\Local\Temp\scoped_dir5402 --------- 0
19.07.2011 20:28 C:\Users\Daniel\AppData\Local\Temp\divCCC5.tmp --------- 0
19.07.2011 20:25 C:\Users\Daniel\AppData\Local\Temp\divD438.tmp --------- 0
19.07.2011 20:17 C:\Users\Daniel\AppData\Local\Temp\scoped_dir32341 --------- 0
19.07.2011 20:17 C:\Users\Daniel\AppData\Local\Temp\scoped_dir7931 --------- 0
19.07.2011 20:17 C:\Users\Daniel\AppData\Local\Temp\scoped_dir32223 --------- 0
19.07.2011 20:16 C:\Users\Daniel\AppData\Local\Temp\div21EA.tmp --------- 0
19.07.2011 20:07 C:\Users\Daniel\AppData\Local\Temp\msohtmlclip1 --------- 0
19.07.2011 20:00 C:\Users\Daniel\AppData\Local\Temp\{eeacd9cd-1b18-457c-a47c-1cae0f0c5a8e} --------- 0
19.07.2011 19:44 C:\Users\Daniel\AppData\Local\Temp\scoped_dir25790 --------- 0
19.07.2011 19:43 C:\Users\Daniel\AppData\Local\Temp\scoped_dir6404 --------- 0
19.07.2011 19:43 C:\Users\Daniel\AppData\Local\Temp\scoped_dir25702 --------- 0
19.07.2011 19:27 C:\Users\Daniel\AppData\Local\Temp\divD36D.tmp --------- 0
19.07.2011 19:18 C:\Users\Daniel\AppData\Local\Temp\divD30F.tmp --------- 0
19.07.2011 16:25 C:\Users\Daniel\AppData\Local\Temp\divDDEC.tmp --------- 0
18.07.2011 16:43 C:\Users\Daniel\AppData\Local\Temp\divE167.tmp --------- 0
18.07.2011 09:38 C:\Users\Daniel\AppData\Local\Temp\divEF70.tmp --------- 0
17.07.2011 15:12 C:\Users\Daniel\AppData\Local\Temp\msdtadmin --------- 0
17.07.2011 14:51 C:\Users\Daniel\AppData\Local\Temp\divD09E.tmp --------- 0
17.07.2011 11:05 C:\Users\Daniel\AppData\Local\Temp\divDD7F.tmp --------- 0
16.07.2011 08:05 C:\Users\Daniel\AppData\Local\Temp\divE0F9.tmp --------- 0
15.07.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\www.minecraft.net --------- 0
15.07.2011 16:39 C:\Users\Daniel\AppData\Local\Temp\divDF83.tmp --------- 0
14.07.2011 16:12 C:\Users\Daniel\AppData\Local\Temp\div8577.tmp --------- 0
13.07.2011 19:35 C:\Users\Daniel\AppData\Local\Temp\div7E14.tmp --------- 0
13.07.2011 16:25 C:\Users\Daniel\AppData\Local\Temp\divEE96.tmp --------- 0
12.07.2011 16:25 C:\Users\Daniel\AppData\Local\Temp\divF9E0.tmp --------- 0
11.07.2011 16:08 C:\Users\Daniel\AppData\Local\Temp\div22D.tmp --------- 0
10.07.2011 20:09 C:\Users\Daniel\AppData\Local\Temp\divF54C.tmp --------- 0
10.07.2011 09:37 C:\Users\Daniel\AppData\Local\Temp\divC7A5.tmp --------- 0
09.07.2011 16:58 C:\Users\Daniel\AppData\Local\Temp\divC832.tmp --------- 0
09.07.2011 14:46 C:\Users\Daniel\AppData\Local\Temp\div140F.tmp --------- 0
09.07.2011 09:03 C:\Users\Daniel\AppData\Local\Temp\divCEB9.tmp --------- 0
08.07.2011 22:38 C:\Users\Daniel\AppData\Local\Temp\divE687.tmp --------- 0
07.07.2011 17:39 C:\Users\Daniel\AppData\Local\Temp\div152A.tmp --------- 0
07.07.2011 17:35 C:\Users\Daniel\AppData\Local\Temp\div1F0C.tmp --------- 0
07.07.2011 17:32 C:\Users\Daniel\AppData\Local\Temp\{8BDB25AB-BCC4-4491-9307-F596029DC5E7} --------- 0
07.07.2011 16:09 C:\Users\Daniel\AppData\Local\Temp\div1ECD.tmp --------- 0
06.07.2011 17:00 C:\Users\Daniel\AppData\Local\Temp\div2DA2.tmp --------- 0
06.07.2011 17:00 C:\Users\Daniel\AppData\Local\Temp\e9ffdc74138fabb009e7 --------- 0
05.07.2011 22:24 C:\Users\Daniel\AppData\Local\Temp\divF0F.tmp --------- 0
04.07.2011 16:19 C:\Users\Daniel\AppData\Local\Temp\div12A8.tmp --------- 0
03.07.2011 14:46 C:\Users\Daniel\AppData\Local\Temp\div3B2F.tmp --------- 0
03.07.2011 14:45 C:\Users\Daniel\AppData\Local\Temp\a5515dabab2a0e6ea1238c807760 --------- 0
03.07.2011 09:59 C:\Users\Daniel\AppData\Local\Temp\div145E.tmp --------- 0
02.07.2011 22:26 C:\Users\Daniel\AppData\Local\Temp\div54A.tmp --------- 0
02.07.2011 21:55 C:\Users\Daniel\AppData\Local\Temp\div5668.tmp --------- 0
02.07.2011 08:38 C:\Users\Daniel\AppData\Local\Temp\divE186.tmp --------- 0
01.07.2011 13:44 C:\Users\Daniel\AppData\Local\Temp\div896.tmp --------- 0
30.06.2011 16:13 C:\Users\Daniel\AppData\Local\Temp\div8AF5.tmp --------- 0
29.06.2011 21:26 C:\Users\Daniel\AppData\Local\Temp\divEFDE.tmp --------- 0
29.06.2011 16:10 C:\Users\Daniel\AppData\Local\Temp\divDF82.tmp --------- 0
28.06.2011 17:26 C:\Users\Daniel\AppData\Local\Temp\divD457.tmp --------- 0
28.06.2011 17:12 C:\Users\Daniel\AppData\Local\Temp\divFC13.tmp --------- 0
27.06.2011 19:55 C:\Users\Daniel\AppData\Local\Temp\plugtmp-5 --------- 0
27.06.2011 16:24 C:\Users\Daniel\AppData\Local\Temp\divFA8C.tmp --------- 0
26.06.2011 21:20 C:\Users\Daniel\AppData\Local\Temp\divE176.tmp --------- 0
26.06.2011 14:11 C:\Users\Daniel\AppData\Local\Temp\plugtmp-4 --------- 0
26.06.2011 11:12 C:\Users\Daniel\AppData\Local\Temp\divE09C.tmp --------- 0
25.06.2011 11:21 C:\Users\Daniel\AppData\Local\Temp\divED2E.tmp --------- 0
25.06.2011 00:35 C:\Users\Daniel\AppData\Local\Temp\divE781.tmp --------- 0
24.06.2011 16:41 C:\Users\Daniel\AppData\Local\Temp\divE88B.tmp --------- 0
24.06.2011 12:26 C:\Users\Daniel\AppData\Local\Temp\divDE59.tmp --------- 0
24.06.2011 09:57 C:\Users\Daniel\AppData\Local\Temp\div886.tmp --------- 0
23.06.2011 20:51 C:\Users\Daniel\AppData\Local\Temp\divD0EC.tmp --------- 0
23.06.2011 09:38 C:\Users\Daniel\AppData\Local\Temp\divDC94.tmp --------- 0
22.06.2011 16:22 C:\Users\Daniel\AppData\Local\Temp\divE261.tmp --------- 0
21.06.2011 22:23 C:\Users\Daniel\AppData\Local\Temp\divD64B.tmp --------- 0
21.06.2011 17:08 C:\Users\Daniel\AppData\Local\Temp\divED1F.tmp --------- 0
20.06.2011 21:16 C:\Users\Daniel\AppData\Local\Temp\divE510.tmp --------- 0
20.06.2011 20:24 C:\Users\Daniel\AppData\Local\Temp\divDFB1.tmp --------- 0
19.06.2011 10:37 C:\Users\Daniel\AppData\Local\Temp\divDDFC.tmp --------- 0
18.06.2011 17:59 C:\Users\Daniel\AppData\Local\Temp\divF04B.tmp --------- 0
18.06.2011 09:56 C:\Users\Daniel\AppData\Local\Temp\divFBC5.tmp --------- 0
17.06.2011 20:10 C:\Users\Daniel\AppData\Local\Temp\divF5AA.tmp --------- 0
16.06.2011 16:30 C:\Users\Daniel\AppData\Local\Temp\div98C0.tmp --------- 0
15.06.2011 16:26 C:\Users\Daniel\AppData\Local\Temp\div923.tmp --------- 0
14.06.2011 20:08 C:\Users\Daniel\AppData\Local\Temp\divE8E9.tmp --------- 0
13.06.2011 13:07 C:\Users\Daniel\AppData\Local\Temp\divED9D.tmp --------- 0
13.06.2011 11:21 C:\Users\Daniel\AppData\Local\Temp\divF0E.tmp --------- 0
12.06.2011 18:23 C:\Users\Daniel\AppData\Local\Temp\divCF36.tmp --------- 0
12.06.2011 11:34 C:\Users\Daniel\AppData\Local\Temp\divD67A.tmp --------- 0
11.06.2011 19:54 C:\Users\Daniel\AppData\Local\Temp\divF2CC.tmp --------- 0
11.06.2011 10:04 C:\Users\Daniel\AppData\Local\Temp\divDE88.tmp --------- 0
10.06.2011 13:21 C:\Users\Daniel\AppData\Local\Temp\divE791.tmp --------- 0
09.06.2011 16:07 C:\Users\Daniel\AppData\Local\Temp\divDBE8.tmp --------- 0
08.06.2011 20:46 C:\Users\Daniel\AppData\Local\Temp\vicle3af.cxw --------- 0
08.06.2011 19:52 C:\Users\Daniel\AppData\Local\Temp\divDF15.tmp --------- 0
07.06.2011 16:39 C:\Users\Daniel\AppData\Local\Temp\divF58B.tmp --------- 0
06.06.2011 16:10 C:\Users\Daniel\AppData\Local\Temp\divDA43.tmp --------- 0
05.06.2011 19:23 C:\Users\Daniel\AppData\Local\Temp\div124.tmp --------- 0
05.06.2011 10:59 C:\Users\Daniel\AppData\Local\Temp\hjasz1gg.uzi --------- 0
05.06.2011 08:16 C:\Users\Daniel\AppData\Local\Temp\divDA71.tmp --------- 0
04.06.2011 18:08 C:\Users\Daniel\AppData\Local\Temp\divD8FA.tmp --------- 0
04.06.2011 11:32 C:\Users\Daniel\AppData\Local\Temp\divDBF8.tmp --------- 0
04.06.2011 08:03 C:\Users\Daniel\AppData\Local\Temp\divE81D.tmp --------- 0
03.06.2011 16:54 C:\Users\Daniel\AppData\Local\Temp\divDA91.tmp --------- 0
03.06.2011 07:46 C:\Users\Daniel\AppData\Local\Temp\div692.tmp --------- 0
02.06.2011 19:58 C:\Users\Daniel\AppData\Local\Temp\divE35B.tmp --------- 0
02.06.2011 18:55 C:\Users\Daniel\AppData\Local\Temp\divDDDC.tmp --------- 0
02.06.2011 08:27 C:\Users\Daniel\AppData\Local\Temp\div3E3.tmp --------- 0
01.06.2011 16:37 C:\Users\Daniel\AppData\Local\Temp\divE39A.tmp --------- 0
31.05.2011 16:54 C:\Users\Daniel\AppData\Local\Temp\divE80E.tmp --------- 0
30.05.2011 18:54 C:\Users\Daniel\AppData\Local\Temp\divED9C.tmp --------- 0
29.05.2011 17:17 C:\Users\Daniel\AppData\Local\Temp\1v54gzma.jt4 --------- 0
29.05.2011 17:16 C:\Users\Daniel\AppData\Local\Temp\atgdhh1d.5om --------- 0
29.05.2011 17:16 C:\Users\Daniel\AppData\Local\Temp\ea24k2sw.itx --------- 0
29.05.2011 17:06 C:\Users\Daniel\AppData\Local\Temp\div1671.tmp --------- 0
29.05.2011 10:10 C:\Users\Daniel\AppData\Local\Temp\divF126.tmp --------- 0
28.05.2011 15:12 C:\Users\Daniel\AppData\Local\Temp\5ve5gasg.zjo --------- 0
28.05.2011 13:13 C:\Users\Daniel\AppData\Local\Temp\divE6B6.tmp --------- 0
28.05.2011 07:54 C:\Users\Daniel\AppData\Local\Temp\{A6413792-E263-4C08-9B92-161D85DA4489} --------- 0
28.05.2011 07:53 C:\Users\Daniel\AppData\Local\Temp\divF5.tmp --------- 0
27.05.2011 20:24 C:\Users\Daniel\AppData\Local\Temp\{E290EE58-0C95-47ED-AEC2-3565A91477DF} --------- 0
27.05.2011 19:49 C:\Users\Daniel\AppData\Local\Temp\divE30D.tmp --------- 0
27.05.2011 18:34 C:\Users\Daniel\AppData\Local\Temp\div3B4.tmp --------- 0
27.05.2011 13:13 C:\Users\Daniel\AppData\Local\Temp\div1529.tmp --------- 0
26.05.2011 16:26 C:\Users\Daniel\AppData\Local\Temp\divFF20.tmp --------- 0
25.05.2011 16:57 C:\Users\Daniel\AppData\Local\Temp\Microsoft .NET Framework Language Pack Setup_4.0.30319 --------- 0
25.05.2011 16:54 C:\Users\Daniel\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319 --------- 0
25.05.2011 16:23 C:\Users\Daniel\AppData\Local\Temp\divD532.tmp --------- 0
24.05.2011 16:56 C:\Users\Daniel\AppData\Local\Temp\divDB2D.tmp --------- 0
23.05.2011 16:26 C:\Users\Daniel\AppData\Local\Temp\divE484.tmp --------- 0
22.05.2011 14:05 C:\Users\Daniel\AppData\Local\Temp\divE82.tmp --------- 0
22.05.2011 11:26 C:\Users\Daniel\AppData\Local\Temp\divE1A6.tmp --------- 0
21.05.2011 18:05 C:\Users\Daniel\AppData\Local\Temp\divD60C.tmp --------- 0
21.05.2011 17:31 C:\Users\Daniel\AppData\Local\Temp\div663.tmp --------- 0
21.05.2011 16:18 C:\Users\Daniel\AppData\Local\Temp\divEED4.tmp --------- 0
21.05.2011 10:17 C:\Users\Daniel\AppData\Local\Temp\divF50E.tmp --------- 0
20.05.2011 20:27 C:\Users\Daniel\AppData\Local\Temp\divEB69.tmp --------- 0
20.05.2011 19:22 C:\Users\Daniel\AppData\Local\Temp\divDA04.tmp --------- 0
20.05.2011 14:49 C:\Users\Daniel\AppData\Local\Temp\divDF25.tmp --------- 0
19.05.2011 20:37 C:\Users\Daniel\AppData\Local\Temp\divE196.tmp --------- 0
19.05.2011 16:37 C:\Users\Daniel\AppData\Local\Temp\divF2FC.tmp --------- 0
18.05.2011 20:37 C:\Users\Daniel\AppData\Local\Temp\div700.tmp --------- 0
18.05.2011 16:12 C:\Users\Daniel\AppData\Local\Temp\divDC17.tmp --------- 0
17.05.2011 17:59 C:\Users\Daniel\AppData\Local\Temp\divEF03.tmp --------- 0
16.05.2011 20:45 C:\Users\Daniel\AppData\Local\Temp\divE0BB.tmp --------- 0
16.05.2011 19:13 C:\Users\Daniel\AppData\Local\Temp\divD3F9.tmp --------- 0
16.05.2011 18:36 C:\Users\Daniel\AppData\Local\Temp\plugtmp-3 --------- 0
16.05.2011 14:32 C:\Users\Daniel\AppData\Local\Temp\divEF22.tmp --------- 0
16.05.2011 10:05 C:\Users\Daniel\AppData\Local\Temp\divD1F6.tmp --------- 0
16.05.2011 09:46 C:\Users\Daniel\AppData\Local\Temp\divEB98.tmp --------- 0
15.05.2011 10:55 C:\Users\Daniel\AppData\Local\Temp\divF193.tmp --------- 0
14.05.2011 22:04 C:\Users\Daniel\AppData\Local\Temp\divE3F7.tmp --------- 0
14.05.2011 10:22 C:\Users\Daniel\AppData\Local\Temp\divEF51.tmp --------- 0
13.05.2011 21:21 C:\Users\Daniel\AppData\Local\Temp\divDAFE.tmp --------- 0
13.05.2011 20:09 C:\Users\Daniel\AppData\Local\Temp\divDE69.tmp --------- 0
13.05.2011 15:25 C:\Users\Daniel\AppData\Local\Temp\divDEB7.tmp --------- 0
13.05.2011 09:19 C:\Users\Daniel\AppData\Local\Temp\divDDBD.tmp --------- 0
12.05.2011 18:56 C:\Users\Daniel\AppData\Local\Temp\divE138.tmp --------- 0
12.05.2011 15:12 C:\Users\Daniel\AppData\Local\Temp\divF2FB.tmp --------- 0
12.05.2011 15:03 C:\Users\Daniel\AppData\Local\Temp\div1661.tmp --------- 0
12.05.2011 12:47 C:\Users\Daniel\AppData\Local\Temp\divD07F.tmp --------- 0
12.05.2011 09:35 C:\Users\Daniel\AppData\Local\Temp\divE58D.tmp --------- 0
11.05.2011 23:34 C:\Users\Daniel\AppData\Local\Temp\div2ECB.tmp --------- 0
11.05.2011 21:38 C:\Users\Daniel\AppData\Local\Temp\divECB1.tmp --------- 0
11.05.2011 16:38 C:\Users\Daniel\AppData\Local\Temp\{48A7D01F-0451-4DD8-81AF-260344E2CEB5} --------- 0
11.05.2011 16:35 C:\Users\Daniel\AppData\Local\Temp\divCDA0.tmp --------- 0
11.05.2011 16:23 C:\Users\Daniel\AppData\Local\Temp\div1D47.tmp --------- 0
11.05.2011 13:52 C:\Users\Daniel\AppData\Local\Temp\divE0F1.tmp --------- 0
11.05.2011 10:34 C:\Users\Daniel\AppData\Local\Temp\divFC90.tmp --------- 0
11.05.2011 09:22 C:\Users\Daniel\AppData\Local\Temp\divFCFD.tmp --------- 0
10.05.2011 16:57 C:\Users\Daniel\AppData\Local\Temp\divCC68.tmp --------- 0
10.05.2011 09:34 C:\Users\Daniel\AppData\Local\Temp\divE251.tmp --------- 0
09.05.2011 18:34 C:\Users\Daniel\AppData\Local\Temp\divD253.tmp --------- 0
09.05.2011 17:41 C:\Users\Daniel\AppData\Local\Temp\MozillaMailnews --------- 0
09.05.2011 16:06 C:\Users\Daniel\AppData\Local\Temp\divCD04.tmp --------- 0
09.05.2011 14:17 C:\Users\Daniel\AppData\Local\Temp\divE1D4.tmp --------- 0
09.05.2011 09:23 C:\Users\Daniel\AppData\Local\Temp\divEEE4.tmp --------- 0
08.05.2011 20:31 C:\Users\Daniel\AppData\Local\Temp\divD9B6.tmp --------- 0
08.05.2011 12:28 C:\Users\Daniel\AppData\Local\Temp\divD31E.tmp --------- 0
07.05.2011 20:14 C:\Users\Daniel\AppData\Local\Temp\divF25E.tmp --------- 0
07.05.2011 15:49 C:\Users\Daniel\AppData\Local\Temp\{18eccedb-dc6c-4c53-9a85-cf03db64cda0} --------- 0
07.05.2011 15:45 C:\Users\Daniel\AppData\Local\Temp\divC8CE.tmp --------- 0
07.05.2011 12:14 C:\Users\Daniel\AppData\Local\Temp\divE29F.tmp --------- 0
07.05.2011 10:37 C:\Users\Daniel\AppData\Local\Temp\divD4B5.tmp --------- 0
06.05.2011 15:16 C:\Users\Daniel\AppData\Local\Temp\divD5DE.tmp --------- 0
06.05.2011 09:59 C:\Users\Daniel\AppData\Local\Temp\divD6D8.tmp --------- 0
05.05.2011 20:28 C:\Users\Daniel\AppData\Local\Temp\divD495.tmp --------- 0
05.05.2011 12:41 C:\Users\Daniel\AppData\Local\Temp\{df33f80d-ea0f-431e-a0f6-bd8e924918ad} --------- 0
05.05.2011 09:38 C:\Users\Daniel\AppData\Local\Temp\divCBAC.tmp --------- 0
04.05.2011 20:49 C:\Users\Daniel\AppData\Local\Temp\{97D18D07-1DB6-4DEF-9D56-05AAF490DD2A} --------- 0
04.05.2011 20:44 C:\Users\Daniel\AppData\Local\Temp\div1846.tmp --------- 0
04.05.2011 20:33 C:\Users\Daniel\AppData\Local\Temp\divE917.tmp --------- 0
04.05.2011 15:56 C:\Users\Daniel\AppData\Local\Temp\divDC08.tmp --------- 0
04.05.2011 13:43 C:\Users\Daniel\AppData\Local\Temp\divD987.tmp --------- 0
04.05.2011 09:37 C:\Users\Daniel\AppData\Local\Temp\{0F0EBC4A-4D7C-435A-8375-73C7EA4EFBE5} --------- 0
04.05.2011 09:30 C:\Users\Daniel\AppData\Local\Temp\divE399.tmp --------- 0
03.05.2011 20:41 C:\Users\Daniel\AppData\Local\Temp\div4A14.tmp --------- 0
03.05.2011 16:39 C:\Users\Daniel\AppData\Local\Temp\VBE --------- 0
03.05.2011 11:53 C:\Users\Daniel\AppData\Local\Temp\divE38A.tmp --------- 0
03.05.2011 09:36 C:\Users\Daniel\AppData\Local\Temp\divD14A.tmp --------- 0
02.05.2011 19:23 C:\Users\Daniel\AppData\Local\Temp\divCE4C.tmp --------- 0
02.05.2011 14:48 C:\Users\Daniel\AppData\Local\Temp\divFA6D.tmp --------- 0
02.05.2011 09:38 C:\Users\Daniel\AppData\Local\Temp\divC7B5.tmp --------- 0
01.05.2011 17:47 C:\Users\Daniel\AppData\Local\Temp\divDED6.tmp --------- 0
01.05.2011 15:57 C:\Users\Daniel\AppData\Local\Temp\WMPBurn --------- 0
01.05.2011 14:39 C:\Users\Daniel\AppData\Local\Temp\divCA74.tmp --------- 0
01.05.2011 12:55 C:\Users\Daniel\AppData\Local\Temp\divE05D.tmp --------- 0
01.05.2011 11:48 C:\Users\Daniel\AppData\Local\Temp\divC013.tmp --------- 0
01.05.2011 10:54 C:\Users\Daniel\AppData\Local\Temp\plugtmp-2 --------- 0
01.05.2011 10:52 C:\Users\Daniel\AppData\Local\Temp\divE1A5.tmp --------- 0
30.04.2011 17:34 C:\Users\Daniel\AppData\Local\Temp\divC217.tmp --------- 0
30.04.2011 16:48 C:\Users\Daniel\AppData\Local\Temp\divCF08.tmp --------- 0
30.04.2011 16:31 C:\Users\Daniel\AppData\Local\Temp\divC7C4.tmp --------- 0
30.04.2011 14:05 C:\Users\Daniel\AppData\Local\Temp\divE60A.tmp --------- 0
30.04.2011 10:59 C:\Users\Daniel\AppData\Local\Temp\div6D1.tmp --------- 0
29.04.2011 19:21 C:\Users\Daniel\AppData\Local\Temp\divFF49.tmp --------- 0
29.04.2011 11:59 C:\Users\Daniel\AppData\Local\Temp\plugtmp --------- 0
26.04.2011 12:05 C:\Users\Daniel\AppData\Local\Temp\oPackage --------- 0
25.04.2011 16:44 C:\Users\Daniel\AppData\Local\Temp\comtypes_cache --------- 0
10.04.2011 10:29 C:\Users\Daniel\AppData\Local\Temp\Kikin_CrashDump --------- 0
20.03.2011 11:25 C:\Users\Daniel\AppData\Local\Temp\scoped_dir10422 --------- 0
20.03.2011 11:25 C:\Users\Daniel\AppData\Local\Temp\scoped_dir30992 --------- 0
19.03.2011 18:25 C:\Users\Daniel\AppData\Local\Temp\scoped_dir16894 --------- 0
19.03.2011 18:25 C:\Users\Daniel\AppData\Local\Temp\scoped_dir27704 --------- 0
18.03.2011 18:15 C:\Users\Daniel\AppData\Local\Temp\scoped_dir29020 --------- 0
18.03.2011 18:15 C:\Users\Daniel\AppData\Local\Temp\scoped_dir5720 --------- 0
18.03.2011 17:32 C:\Users\Daniel\AppData\Local\Temp\scoped_dir30105 --------- 0
18.03.2011 17:32 C:\Users\Daniel\AppData\Local\Temp\scoped_dir28517 --------- 0
10.03.2011 17:52 C:\Users\Daniel\AppData\Local\Temp\msohtmlclip --------- 0
08.03.2011 20:35 C:\Users\Daniel\AppData\Local\Temp\scoped_dir12832 --------- 0
08.03.2011 20:35 C:\Users\Daniel\AppData\Local\Temp\scoped_dir29683 --------- 0
07.03.2011 18:34 C:\Users\Daniel\AppData\Local\Temp\scoped_dir16108 --------- 0
07.03.2011 18:34 C:\Users\Daniel\AppData\Local\Temp\scoped_dir18731 --------- 0
07.03.2011 12:21 C:\Users\Daniel\AppData\Local\Temp\scoped_dir10911 --------- 0
07.03.2011 12:21 C:\Users\Daniel\AppData\Local\Temp\scoped_dir11291 --------- 0
06.03.2011 23:40 C:\Users\Daniel\AppData\Local\Temp\OIS --------- 0
18.02.2011 18:42 C:\Users\Daniel\AppData\Local\Temp\zauninst.exe --------- 226304
18.02.2011 18:28 C:\Users\Daniel\AppData\Local\Temp\vsinit.dll --------- 228864
18.02.2011 18:28 C:\Users\Daniel\AppData\Local\Temp\vsutil.dll --------- 715264
14.01.2011 20:59 C:\Users\Daniel\AppData\Local\Temp\{94C0063B-7BAE-4228-80AB-B7B961B1815E} --------- 0
16.11.2010 20:21 C:\Users\Daniel\AppData\Local\Temp\{A8DC9164-4057-4FB8-934C-8C12F777802C} --------- 0
30.09.2010 19:25 C:\Users\Daniel\AppData\Local\Temp\{BAD6C704-3C91-4189-8D3C-D9B6825002CF} --------- 0
07.08.2010 03:04 C:\Users\Daniel\AppData\Local\Temp\{33DC37BA-A25D-4695-B42F-B0208F160E3F} --------- 0
07.08.2010 02:52 C:\Users\Daniel\AppData\Local\Temp\{0407AFB4-1E2D-4847-BFB6-C7DA45656C87} --------- 0
02.08.2010 18:53 C:\Users\Daniel\AppData\Local\Temp\{26342740-30EC-4251-8169-9A2CC20CCD3E} --------- 0
18.07.2010 12:22 C:\Users\Daniel\AppData\Local\Temp\filelist.txt --------- 9056
29.06.2010 18:05 C:\Users\Daniel\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0
22.05.2010 15:44 C:\Users\Daniel\AppData\Local\Temp\div293D.tmp --------- 0
23.10.2009 23:46 C:\Users\Daniel\AppData\Local\Temp\Left 4 Dead 2_disk1.sim --------- 2533261
30.04.2009 13:04 C:\Users\Daniel\AppData\Local\Temp\msvcr80.dll --------- 626688
30.04.2009 13:04 C:\Users\Daniel\AppData\Local\Temp\zlib1.dll --------- 75264
30.04.2009 13:04 C:\Users\Daniel\AppData\Local\Temp\SimPack.exe --------- 81408
26.09.2008 11:02 C:\Users\Daniel\AppData\Local\Temp\AdobeUpdater12345.exe --------- 2356088
28.02.2007 00:08 C:\Users\Daniel\AppData\Local\Temp\_is62C2.exe --------- 456416
06.11.2006 23:59 C:\Users\Daniel\AppData\Local\Temp\eauninstall.exe --------- 253952
31.10.2006 01:00 C:\Users\Daniel\AppData\Local\Temp\ose00000.exe --------- 145184
11.10.2006 22:38 C:\Users\Daniel\AppData\Local\Temp\EAInstall.dll --------- 720896
07.04.2005 01:39 C:\Users\Daniel\AppData\Local\Temp\set1355.tmp --------- 121064
07.04.2005 00:39 C:\Users\Daniel\AppData\Local\Temp\set13C1.tmp --------- 121064
22.10.2004 04:16 C:\Users\Daniel\AppData\Local\Temp\set1DFC.tmp --------- 118736
27.03.2003 19:41 C:\Users\Daniel\AppData\Local\Temp\IEC5E8C.tmp --------- 344923
----------------------------------------
C:\Program Files
19.07.2011 22:02 C:\Program Files\ATI Technologies --------- 0
19.07.2011 20:48 C:\Program Files\ATI --------- 0
17.07.2011 19:43 C:\Program Files\Fraps --------- 0
16.06.2011 16:28 C:\Program Files\Internet Explorer --------- 4096
11.06.2011 19:57 C:\Program Files\DivX --------- 0
25.05.2011 17:01 C:\Program Files\Microsoft Synchronization Services --------- 0
25.05.2011 17:01 C:\Program Files\Microsoft SQL Server Compact Edition --------- 0
25.05.2011 16:58 C:\Program Files\Microsoft Visual Studio 10.0 --------- 0
25.05.2011 16:58 C:\Program Files\Microsoft Help Viewer --------- 0
22.05.2011 14:41 C:\Program Files\Adobe --------- 0
22.05.2011 14:20 C:\Program Files\Common Files --------- 4096
11.05.2011 10:19 C:\Program Files\TeamSpeak 3 Client --------- 8192
30.03.2011 20:52 C:\Program Files\Warcraft III 1.24 --------- 0
20.03.2011 20:24 C:\Program Files\Warcraft III --------- 28672
17.12.2010 17:22 C:\Program Files\Windows Mail --------- 0
20.11.2010 11:40 C:\Program Files\CheckPoint --------- 0
16.10.2010 02:55 C:\Program Files\Quake 3 --------- 0
13.10.2010 12:52 C:\Program Files\Windows Media Player --------- 4096
10.10.2010 19:56 C:\Program Files\Windows XP Mode --------- 0
25.09.2010 02:52 C:\Program Files\FlatOut2 --------- 0
18.09.2010 11:56 C:\Program Files\Derive 6 --------- 0
18.09.2010 11:55 C:\Program Files\logisim --------- 0
15.08.2010 01:29 C:\Program Files\Call of Duty 2 --------- 0
04.08.2010 22:23 C:\Program Files\blobby --------- 0
16.07.2010 23:59 C:\Program Files\winhlp32 --------- 0
08.07.2010 17:02 C:\Program Files\Microsoft Games --------- 4096
05.07.2010 18:42 C:\Program Files\Microsoft Office --------- 0
03.07.2010 23:26 C:\Program Files\WinRAR --------- 4096
29.06.2010 18:03 C:\Program Files\Windows NT --------- 4096
29.06.2010 18:03 C:\Program Files\Gemeinsame Dateien --------- 0
14.07.2009 20:18 C:\Program Files\DVD Maker --------- 4096
14.07.2009 20:18 C:\Program Files\Windows Journal --------- 4096
14.07.2009 19:58 C:\Program Files\Windows Sidebar --------- 4096
14.07.2009 19:58 C:\Program Files\Windows Photo Viewer --------- 0
14.07.2009 19:58 C:\Program Files\Windows Defender --------- 4096
14.07.2009 07:32 C:\Program Files\Windows Portable Devices --------- 0
14.07.2009 07:32 C:\Program Files\MSBuild --------- 0
14.07.2009 07:32 C:\Program Files\Reference Assemblies --------- 0
14.07.2009 07:09 C:\Program Files\Uninstall Information --------- 0
14.07.2009 06:54 C:\Program Files\desktop.ini --------- 174
----------------------------------------
C:\ProgramData\..
Daniel
AppData
Administrator
Default
Public
Default User
All Users
desktop.ini
----------------------------------------
C:\Windows\system32\drivers\etc\hosts
127.0.0.1 im.adtech.de
127.0.0.1 adserver.adtech.de
127.0.0.1 adtech.de
127.0.0.1 atwola.com
127.0.0.1 adserver.71i.de
127.0.0.1 adicqserver.71i.de
127.0.0.1 71i.de
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
127.0.0.1 123simsen.com
127.0.0.1 www.123simsen.com
127.0.0.1 123topsearch.com
127.0.0.1 www.123topsearch.com
127.0.0.1 125sms.co.uk
127.0.0.1 www.125sms.co.uk
127.0.0.1 125sms.com
127.0.0.1 www.125sms.com
127.0.0.1 132.com
127.0.0.1 www.132.com
127.0.0.1 1337crew.info
127.0.0.1 www.1337crew.info
127.0.0.1 www.1337-crew.to
127.0.0.1 1337-crew.to
127.0.0.1 www.136136.net
127.0.0.1 136136.net
127.0.0.1 150freesms.de
127.0.0.1 www.150freesms.de
127.0.0.1 www.163ns.com
127.0.0.1 163ns.com
127.0.0.1 171203.com
127.0.0.1 17concepts.info
127.0.0.1 www.17concepts.info
127.0.0.1 17-plus.com
127.0.0.1 www.1800searchonline.com
127.0.0.1 1800searchonline.com
127.0.0.1 180searchassistant.com
127.0.0.1 www.180searchassistant.com
127.0.0.1 180solutions.com
127.0.0.1 www.180solutions.com
127.0.0.1 181.365soft.info
127.0.0.1 www.181.365soft.info
127.0.0.1 1987324.com
127.0.0.1 www.1987324.com
127.0.0.1 1-domains-registrations.com
127.0.0.1 www.1-domains-registrations.com
127.0.0.1 www.1ghporn.info
127.0.0.1 1ghporn.info
127.0.0.1 www.1importantiamreal.com
127.0.0.1 1importantiamreal.com
127.0.0.1 www.1mybigdreamnowreal.com
127.0.0.1 1mybigdreamnowreal.com
----------------------------------------
Abbildname PID Sitzungsname Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process 0 Services 0 24 K
System 4 Services 0 5.352 K
smss.exe 276 Services 0 1.024 K
csrss.exe 368 Services 0 6.560 K
wininit.exe 444 Services 0 6.000 K
csrss.exe 472 Console 1 19.420 K
services.exe 524 Services 0 10.840 K
lsass.exe 536 Services 0 12.316 K
lsm.exe 548 Services 0 4.036 K
winlogon.exe 620 Console 1 6.356 K
svchost.exe 720 Services 0 9.108 K
svchost.exe 792 Services 0 8.292 K
Ati2evxx.exe 848 Services 0 4.776 K
svchost.exe 932 Services 0 22.968 K
svchost.exe 984 Services 0 117.764 K
svchost.exe 108 Services 0 42.940 K
svchost.exe 1040 Services 0 14.328 K
svchost.exe 1132 Services 0 38.868 K
Ati2evxx.exe 1256 Console 1 8.176 K
spoolsv.exe 1360 Services 0 17.280 K
sched.exe 1412 Services 0 1.996 K
svchost.exe 1436 Services 0 18.404 K
PhotoshopElementsFileAgen 1556 Services 0 1.580 K
avguard.exe 1628 Services 0 10.704 K
hamachi-2.exe 1676 Services 0 11.056 K
PnkBstrA.exe 1740 Services 0 5.228 K
svchost.exe 1848 Services 0 5.260 K
taskhost.exe 292 Console 1 8.132 K
dwm.exe 1660 Console 1 54.244 K
explorer.exe 1708 Console 1 78.424 K
ICQ.exe 2196 Console 1 62.812 K
sidebar.exe 2204 Console 1 33.264 K
Dropbox.exe 2224 Console 1 43.796 K
ONENOTEM.EXE 2232 Console 1 964 K
avshadow.exe 2372 Services 0 3.864 K
conhost.exe 2384 Services 0 2.560 K
avgnt.exe 2552 Console 1 2.808 K
apdproxy.exe 2580 Console 1 5.984 K
DivXUpdate.exe 2592 Console 1 19.640 K
VersionCueCS4Tray.exe 2692 Console 1 9.560 K
hamachi-2-ui.exe 2716 Console 1 22.016 K
jusched.exe 2752 Console 1 13.936 K
smax4pnp.exe 2764 Console 1 7.108 K
mbamgui.exe 2780 Console 1 6.880 K
MOM.exe 2788 Console 1 6.904 K
SearchIndexer.exe 2380 Services 0 27.176 K
svchost.exe 372 Services 0 37.396 K
svchost.exe 3092 Services 0 6.360 K
CCC.exe 3276 Console 1 12.800 K
svchost.exe 3444 Services 0 17.004 K
wmpnetwk.exe 3836 Services 0 4.188 K
svchost.exe 3312 Services 0 16.640 K
mbamservice.exe 4872 Services 0 46.100 K
wuauclt.exe 5028 Console 1 6.312 K
audiodg.exe 2432 Services 0 17.544 K
wmplayer.exe 1956 Console 1 54.860 K
ts3client_win32.exe 5032 Console 1 44.236 K
dllhost.exe 2544 Console 1 5.756 K
rads_user_kernel.exe 4588 Console 1 9.260 K
PMB.exe 1452 Console 1 48.184 K
LoLLauncher.exe 1944 Console 1 26.584 K
firefox.exe 5076 Console 1 152.160 K
plugin-container.exe 2088 Console 1 40.580 K
LolClient.exe 4860 Console 1 216.272 K
cmd.exe 3172 Console 1 3.712 K
conhost.exe 2400 Console 1 6.664 K
SearchProtocolHost.exe 3580 Services 0 8.104 K
SearchFilterHost.exe 4956 Services 0 6.432 K
tasklist.exe 2540 Console 1 5.384 K
WmiPrvSE.exe 4164 Services 0 6.044 K
***** Ende des Scans 26.07.2011 um 17:13:53,48 ***
Code:
ATTFilter
Acrobat.com Adobe Systems Incorporated 07.07.2010 1.2.443
Adobe AIR Adobe Systems Inc. 07.07.2010 1.1.0.5790
Adobe Anchor Service x64 CS4 30.06.2010
Adobe CMaps x64 CS4 30.06.2010
Adobe Creative Suite 4 Master Collection Adobe Systems Incorporated 21.05.2011 3.752MB 4.0
Adobe CSI CS4 x64 30.06.2010
Adobe Drive CS4 x64 30.06.2010
Adobe Flash Player 10 ActiveX Adobe Systems, Inc. 21.05.2011 1,96MB 10.0.2.54
Adobe Flash Player 10 Plugin Adobe Systems Incorporated 16.06.2011 6,00MB 10.3.181.26
Adobe Fonts All x64 30.06.2010
Adobe InDesign CS4 Icon Handler x64 30.06.2010
Adobe Linguistics CS4 x64 30.06.2010
Adobe Media Player Adobe Systems Incorporated 07.07.2010 1.1
Adobe PDF Library Files x64 CS4 30.06.2010
Adobe Photoshop CS4 (64 Bit) 30.06.2010
Adobe Photoshop Elements 5.0 Adobe Systems, Inc. 31.10.2010 5.0
Adobe Reader 8.3.0 - Deutsch Adobe Systems Incorporated 14.06.2011 102,1MB 8.3.0
Adobe Type Support x64 CS4 30.06.2010
Adobe WinSoft Linguistics Plugin x64 30.06.2010
Aldi Sued Fotoservice 2.7 16.07.2010
Aldi Süd Foto Service 4.6 ORWO Net 16.07.2010 4.6
ALDI Süd Online Druck Service 4.6 ORWO Net 16.07.2010 4.6
Apple Application Support Apple Inc. 28.04.2011 52,8MB 1.4.1
Apple Software Update Apple Inc. 28.04.2011 2,16MB 2.1.1.116
ATI Catalyst Install Manager ATI Technologies, Inc. 18.07.2011 18,1MB 3.0.715.0
Aufstieg des Hexenkönigs™ 17.07.2010
Avira AntiVir Personal - Free Antivirus Avira GmbH 03.07.2011 61,8MB 10.2.0.696
Battlefield 2(TM) 06.08.2010
Battlefield 2: Special Forces 06.08.2010 0,78MB
Borland Delphi 7 Borland Software Corporation 04.07.2010 474MB 7.0
Call of Duty(R) - World at War(TM) Activision 27.08.2010 2.673MB 1.0
Call of Duty(R) 4 - Modern Warfare(TM) Activision 05.08.2010 2.247MB 1.7
Call of Duty: Modern Warfare 2 Infinity Ward 20.10.2010
Call of Duty: Modern Warfare 2 - Multiplayer Infinity Ward 20.10.2010
CCleaner Piriform 25.07.2011 3.08
CloneCD SlySoft 15.08.2010
Das große Tafelwerk interaktiv 06.11.2010
Dev-C++ 5 beta 9 release (4.9.9.2) 20.05.2011
DGE-528T Ethernet Controller Driver For Windows 7 D-Link 03.10.2010 1.00.0010
Die Schlacht um Mittelerde™ II 09.07.2010
DivX-Setup DivX, LLC 28.04.2011 2.5.0.8
Driver Genius Professional Edition Driver-Soft Inc. 18.07.2011 11,0MB 10.0
Dropbox Dropbox, Inc. 27.05.2011 1.1.35
DVD Shrink 3.2 DVD Shrink 15.08.2010
DVDVideoSoftTB Toolbar 18.11.2010
Epson Copy Utility 3.5 26.05.2011 3.5.0.0
Fraps 19.09.2010
Free Audio CD Burner version 1.4.7 DVDVideoSoft Limited. 27.03.2011 10,7MB
Free YouTube Download 2.9 DVDVideoSoft Limited. 18.11.2010 25,5MB
Free YouTube to MP3 Converter version 3.9.35.324 DVDVideoSoft Limited. 27.03.2011 36,0MB
GeoGebra WebStart International GeoGebra Institute 16.11.2010
ICQ 7.2 Build #3143 Banner Remover 1.1 murb.com 02.10.2010 2,09MB
ICQ7.5 ICQ 03.05.2011 7.5
Java(TM) 6 Update 26 Oracle 16.07.2011 94,9MB 6.0.260
Kasparov Chessmate 19.06.2011
kikin plugin 2.9 kikin 22.02.2011 2.9
League of Legends Riot Games 13.01.2011 1.02.0000
Left 4 Dead Valve 08.09.2010
LingoPad 2.6 (Build 360) Lingo4you 30.07.2010 2.6
LogMeIn Hamachi LogMeIn, Inc. 31.05.2011 2.0.3.115
Malwarebytes' Anti-Malware Version 1.51.1.1800 Malwarebytes Corporation 24.07.2011 13,4MB 1.51.1.1800
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 26.10.2010 38,8MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 24.05.2011 2,94MB 4.0.30319
Microsoft .NET Framework 4 Extended Microsoft Corporation 24.05.2011 52,0MB 4.0.30319
Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 24.05.2011 10,7MB 4.0.30319
Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Corporation 24.05.2011 83,5MB 4.0.30319
Microsoft Help Viewer 1.0 Microsoft Corporation 24.05.2011 3,97MB 1.0.30319
Microsoft Help Viewer 1.0 Language Pack - DEU Microsoft Corporation 24.05.2011 1,95MB 1.0.30319
Microsoft Office Enterprise 2007 Microsoft Corporation 04.07.2010 12.0.4518.1014
Microsoft SQL Server 2008 R2 Management Objects Microsoft Corporation 24.05.2011 17,1MB 10.50.1447.4
Microsoft SQL Server Compact 3.5 SP2 DEU Microsoft Corporation 24.05.2011 3,69MB 3.5.8080.0
Microsoft SQL Server Compact 3.5 SP2 x64 DEU Microsoft Corporation 24.05.2011 4,81MB 3.5.8080.0
Microsoft SQL Server System CLR Types Microsoft Corporation 24.05.2011 2,55MB 10.50.1447.4
Microsoft Visual C# 2010 Express - DEU Microsoft Corporation 24.05.2011 10.0.30319
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 20.10.2010 2,69MB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 30.06.2010 0,69MB 8.0.56336
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 13.10.2010 0,25MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 02.07.2010 0,77MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 16.10.2010 0,23MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 02.07.2010 0,58MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 Microsoft Corporation 24.05.2011 0,58MB 9.0.30729.4974
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 Microsoft Corporation 24.05.2011 33,0MB 10.0.30319
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Microsoft Corporation 24.05.2011 35,3MB 10.0.30319
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU Microsoft Corporation 24.05.2011 4,32MB 10.0.30319
Microsoft XNA Framework Redistributable 3.1 Microsoft Corporation 06.10.2010 7,55MB 3.1.10527.0
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme Microsoft Corporation 07.07.2010 0,13MB 12.0.4518.1014
Minecraft Beta Cracked 13.07.2011
Mozilla Firefox 5.0 (x86 de) Mozilla 25.06.2011 33,3MB 5.0
Mozilla Thunderbird (3.1.11) Mozilla 25.06.2011 3.1.11 (de)
Mp3tag v2.46a Florian Heidenreich 15.07.2010 v2.46a
Pando Media Booster Pando Networks Inc. 13.01.2011 5,47MB 2.3.5.2
PDFCreator Frank Heindörfer, Philip Chinery 24.12.2010 1.1.0
Photoshop Camera Raw_x64 30.06.2010
PunkBuster Services Even Balance, Inc. 19.10.2010 0.988
QuickTime Apple Inc. 28.04.2011 73,7MB 7.69.80.9
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 07.07.2010 6.0.1.6000
Runes of Magic Frogster Online Gaming GmbH 01.06.2011 3.0.8.2349
Schiffe bauen mit Willy Werkel 14.01.2011
Secret Maryo Chronicles Florian Richter 21.05.2011 1.9
Sid Meier's Civilization 4 Firaxis Games 01.08.2010 1.74
Sid Meier's Civilization 4 - Beyond the Sword Firaxis Games 01.08.2010 3.19
Sid Meier's Civilization 4 - Warlords Firaxis Games 01.08.2010 2.13
SoundMAX Analog Devices 06.07.2011 6.10.2.6100
Steam Valve Corporation 06.10.2010 1,49MB 1.0.0.0
Steamless Portal Pack Steamless 06.05.2011 1.0
Stronghold Crusader 20.03.2011
TeamSpeak 3 Client TeamSpeak Systems GmbH 30.05.2011
TeamSpeak 3 Client TeamSpeak Systems GmbH 29.10.2010
TripleA Version 1_2_5_5 27.02.2011
Uninstall 1.0.0.1 27.03.2011 10,9MB
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU Microsoft Corporation 24.05.2011 11,2MB 4.0.8080.0
VLC media player 1.1.10 VideoLAN 08.07.2011 1.1.10
Warcraft III Blizzard Entertainment 07.07.2010
Warkeys 1.17.1.0b 08.10.2010 1.17.1.0b
WavePad Audiobearbeitungs-Software NCH Software 23.02.2011
Windows Media Player Firefox Plugin Microsoft Corp 03.12.2010 0,29MB 1.0.0.8
Windows XP Mode Microsoft Corporation 09.10.2010 1.161MB 1.3.7600.16422
WinPcap 4.1.2 CACE Technologies 02.10.2010 4.1.0.2001
WinRAR 02.07.2010
YouTube Downloader 3.0 BienneSoft 26.06.2011
Dann noch eventuell hilfreiche Infos: Zu dem Zeitpunkt als das Problem mit der Link-Umleitung aufgetreten ist war ich gerade dabei einige Treiber zu akualisieren. Letztendlich habe ich aber nur mein Grafiktreiber neuinstalliert (direkt von der Herstellerseite runtergeladen) sowie die beiden Programme "Driver Genius" und "Driver Navigator" runtergeladen. Danach hab ich dann die Treiberinstallation abgebrochen da die Link-Umleitung aufgetreten ist. gruß Joker Geändert von Joker807 (26.07.2011 um 16:34 Uhr) |
|
26.07.2011, 19:46
| #5 |
| | Umleitung von Google-Links über 100ksearches Da ich, wie schon erwähnt Zonealarm deinstalliert hatte, wollte ich gerade Windows Firewall aktivieren und muss jetzt feststellen dass das nicht mehr möglich ist. Folgende Fehlermeldung kommt: "Einige der Einstellungen können von der Windows-Firewall nicht geändert werden. Fehlercode 0x8007042c" Nach kurzen googleln hab ich zwar für dieses Problem schon einige Lösungsvorschläge gefunden aber ich habe mich entschieden erst mal nichts zu machen und auf euren Rat warten. |
|
26.07.2011, 22:37
| #6 |
| /// Helfer-Team | Umleitung von Google-Links über 100ksearches 1. ZoneAlarm richtig deinstalliert?: Forennachricht ZoneAlarmPro 3 vollständig deinstallieren 2. deinstalliere, wenn nicht absichtlich installiert hast bzw nicht benötigst: DVDVideoSoftTB Toolbar 3. Code:
ATTFilter kikin plugin
4. Fixen mit OTL
Code:
ATTFilter :OTL
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "ZoneAlarm-Sicherheit Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2613550&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=937811&p="
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found
[2010.08.27 23:04:54 | 000,000,943 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\8jsqjv9n.default\searchplugins\conduit.xml
[2010.10.17 17:40:52 | 000,002,059 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\8jsqjv9n.default\searchplugins\daemon-search.xml
[2010.09.24 22:41:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.18 22:10:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.12.23 22:47:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{b29abdc5-a1fd-11df-b19b-00195b5a5264}\Shell - "" = AutoRun
O33 - MountPoints2\{b29abdc5-a1fd-11df-b19b-00195b5a5264}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
[2010.10.03 21:05:12 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\kikin
:Commands
[purity]
[emptytemp]
5. erneut einen Scan mit OTL:
__________________ --> Umleitung von Google-Links über 100ksearches |
|
27.07.2011, 22:00
| #7 |
| | Umleitung von Google-Links über 100ksearches zu 1.: hab keine Rückstände gefunden zu 2. und 3.: gemacht zu 4.: Textdokument nach dem Fixen mit OTL Code:
ATTFilter All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll not found.
Prefs.js: "Yahoo" removed from browser.search.defaultenginename
Prefs.js: "ZoneAlarm-Sicherheit Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2613550&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "chr-greentree_ff&type=937811" removed from browser.search.param.yahoo-fr
Prefs.js: "Yahoo" removed from browser.search.selectedEngine
Prefs.js: "hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=937811&p=" removed from keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@checkpoint.com/FFApi\ deleted successfully.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\8jsqjv9n.default\searchplugins\conduit.xml moved successfully.
C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\8jsqjv9n.default\searchplugins\daemon-search.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E601996F-E400-41CA-804B-CD6373A7EEE2}\ not found.
File C:\Program Files (x86)\kikin\ie_kikin.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll not found.
64bit-Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ZoneAlarm Client not found.
File C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65}\ not found.
File C:\Program Files (x86)\kikin\ie_kikin.dll not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b29abdc5-a1fd-11df-b19b-00195b5a5264}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b29abdc5-a1fd-11df-b19b-00195b5a5264}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b29abdc5-a1fd-11df-b19b-00195b5a5264}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b29abdc5-a1fd-11df-b19b-00195b5a5264}\ not found.
File E:\LaunchU3.exe -a not found.
Folder C:\Users\Daniel\AppData\Roaming\kikin\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
User: All Users
User: AppData
User: Daniel
->Temp folder emptied: 11828782 bytes
->Temporary Internet Files folder emptied: 27659689 bytes
->Java cache emptied: 5675856 bytes
->FireFox cache emptied: 235203582 bytes
->Flash cache emptied: 523289 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 45598 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes
RecycleBin emptied: 73850 bytes
Total Files Cleaned = 268,00 mb
OTL by OldTimer - Version 3.2.26.1 log created on 07272011_201752
Files\Folders moved on Reboot...
C:\Users\Daniel\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Daniel\AppData\Local\Temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D12}.tlb moved successfully.
C:\Windows\temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D02}.tlb moved successfully.
C:\Windows\temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D12}.tlb moved successfully.
Registry entries deleted on Reboot...
|
|
27.07.2011, 22:12
| #8 |
| | Umleitung von Google-Links über 100ksearches zu 5. OTL.txt OTL Logfile: Code:
ATTFilter OTL logfile created on: 27.07.2011 20:27:21 - Run 2 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Daniel\Desktop 64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,55 Gb Available Physical Memory | 51,78% Memory free 6,00 Gb Paging File | 4,24 Gb Available in Paging File | 70,68% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,76 Gb Total Space | 280,56 Gb Free Space | 60,24% Space Free | Partition Type: NTFS Computer Name: DANIEL-PC | User Name: Daniel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.07.24 11:27:17 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe PRC - [2011.07.06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011.06.29 10:46:19 | 000,124,216 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ7.5\ICQ.exe PRC - [2011.06.28 17:16:27 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011.06.26 13:57:04 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2011.05.25 22:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2011.05.25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2011.04.29 17:50:08 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011.03.21 20:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe PRC - [2010.11.07 21:40:54 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.10.20 22:30:39 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2008.08.15 05:46:20 | 000,378,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe PRC - [2006.12.22 08:31:50 | 000,108,712 | ---- | M] () -- C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe PRC - [2006.12.22 08:29:56 | 000,067,752 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe ========== Modules (SafeList) ========== MOD - [2011.07.24 11:27:17 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.05.22 14:20:15 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:64bit: - [2010.02.11 07:29:30 | 000,952,320 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2011.07.15 17:41:21 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011.06.28 17:16:27 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.05.25 17:29:52 | 002,275,720 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2011.05.22 14:17:42 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011.04.29 17:50:08 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010.10.20 22:30:39 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010.06.25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.08.15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4) SRV - [2006.12.22 08:31:50 | 000,108,712 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor5.0) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.07.06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2011.06.28 17:16:28 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011.06.28 17:16:28 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.07.04 00:11:13 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2010.06.25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF) DRV:64bit: - [2010.02.11 09:42:54 | 005,352,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2010.02.03 15:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:64bit: - [2009.09.23 03:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr) DRV:64bit: - [2009.09.23 03:46:17 | 000,359,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm) DRV:64bit: - [2009.09.23 03:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb) DRV:64bit: - [2009.09.23 03:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus) DRV:64bit: - [2009.08.06 22:39:28 | 000,215,040 | ---- | M] (D-Link corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DLKRT64.sys -- (DLKRT64) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009.06.10 22:35:58 | 000,047,872 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fet6x64.sys -- (FETNDIS) DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008.02.06 03:00:00 | 000,054,480 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2007.01.16 13:51:32 | 000,413,184 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService) DRV:64bit: - [2006.12.26 14:54:37 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV:64bit: - [2006.12.26 14:54:33 | 000,013,520 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2006.11.01 15:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV - [2008.08.14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs) DRV - [2006.12.26 14:54:37 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F9 12 2F 88 FF 5B CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.param.yahoo-fr: "" FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.06.11 19:57:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.06.11 19:57:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.26 13:57:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.06.15 19:58:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.06.26 15:31:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011.06.15 19:58:47 | 000,000,000 | ---D | M] [2010.10.03 20:51:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions [2010.10.03 20:51:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011.07.27 20:13:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\8jsqjv9n.default\extensions [2011.07.21 17:31:12 | 000,000,950 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\8jsqjv9n.default\searchplugins\icqplugin-1.xml [2010.06.21 17:35:24 | 000,001,042 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\8jsqjv9n.default\searchplugins\icqplugin.xml [2011.07.27 20:17:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.07.17 21:46:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} File not found (No name found) -- () (No name found) -- C:\USERS\DANIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8JSQJV9N.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011.06.26 13:57:04 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.07.17 21:46:02 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml O1 HOSTS File: ([2011.07.23 20:59:13 | 000,436,328 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 im.adtech.de O1 - Hosts: 127.0.0.1 adserver.adtech.de O1 - Hosts: 127.0.0.1 adtech.de O1 - Hosts: 127.0.0.1 atwola.com O1 - Hosts: 127.0.0.1 adserver.71i.de O1 - Hosts: 127.0.0.1 adicqserver.71i.de O1 - Hosts: 127.0.0.1 71i.de O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 15016 more lines... O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found. O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O4 - Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.07.27 20:17:52 | 000,000,000 | ---D | C] -- C:\_OTL [2011.07.27 16:47:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011.07.26 17:15:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011.07.26 17:15:49 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011.07.25 19:56:41 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs [2011.07.25 19:43:07 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Desktop\Trojaner Board [2011.07.25 18:57:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.07.24 11:27:12 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe [2011.07.23 22:02:51 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Malwarebytes [2011.07.23 22:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.07.23 22:02:13 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.07.23 22:02:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.07.23 22:02:07 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.07.23 22:02:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware fail [2011.07.23 20:47:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2011.07.23 20:47:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2011.07.22 14:21:16 | 000,000,000 | ---D | C] -- C:\Windows\system64 [2011.07.22 13:52:34 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Easeware [2011.07.22 13:42:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview [2011.07.19 22:03:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2011.07.19 22:02:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2011.07.19 21:43:08 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\My Drivers [2011.07.19 21:43:08 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Innovative Solutions [2011.07.19 21:43:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Innovative Solutions [2011.07.19 21:31:53 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\DriverGenius [2011.07.19 21:30:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius Professional Edition [2011.07.19 21:29:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft [2011.07.19 21:26:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2011.07.19 20:48:14 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2011.07.19 20:48:13 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2011.07.17 21:46:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011.07.17 21:46:15 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.07.17 21:46:15 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.07.17 21:46:15 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.07.17 16:14:15 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Desktop\Minecraft [2011.07.14 18:36:01 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft Beta Cracked [2011.07.13 16:33:16 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2011.07.13 16:33:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2011.07.13 16:33:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2011.07.13 16:33:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2011.07.13 16:33:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2011.07.13 16:33:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2011.07.13 16:33:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2011.07.13 16:33:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2011.07.13 16:33:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2011.07.13 16:33:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2011.07.13 16:33:11 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2011.07.13 16:33:11 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2011.07.13 16:33:11 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2011.07.13 16:33:11 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2011.07.13 16:33:11 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2011.07.13 16:33:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2011.07.13 16:33:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2011.07.13 16:33:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2011.07.13 16:33:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2011.07.13 16:33:10 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2011.07.13 16:33:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2011.07.13 16:33:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2011.07.13 16:33:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2011.07.13 16:33:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2011.07.13 16:33:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2011.07.13 16:33:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2011.07.13 16:32:59 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2011.07.13 16:32:59 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2011.07.13 16:32:59 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2011.07.13 16:32:59 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2011.07.13 16:32:58 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2011.07.13 16:32:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2011.07.13 16:32:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2011.07.13 16:32:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2011.07.13 16:32:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2011.07.13 16:32:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2011.07.13 16:32:57 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2011.07.13 16:32:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2011.07.09 22:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2011.07.09 22:20:15 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\vlc [2011.07.03 10:07:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2011.07.01 23:34:32 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\.minecraft [2011.07.01 23:30:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Minecraft [2011.06.29 16:15:00 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe [2011.06.29 16:15:00 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll [2011.06.29 16:14:57 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll [2011.06.29 16:14:57 | 002,228,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll [2011.06.29 16:14:57 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll [2011.06.29 16:14:57 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll [2011.06.29 16:14:56 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll [2011.06.29 16:14:55 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll [2011.06.29 16:14:55 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll [2011.06.29 16:14:55 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll [2011.06.29 16:14:55 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll [2011.06.29 16:14:55 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe [2011.06.29 16:14:55 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll [2011.06.29 16:14:55 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe [2011.06.29 16:14:55 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll [2011.06.29 16:14:55 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll [2011.06.27 21:34:48 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2011.06.27 21:34:44 | 000,000,000 | ---D | C] -- C:\ProgramData\YouTube Downloader [2011.06.27 21:34:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Downloader [2011.06.27 21:34:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YouTube Downloader [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.07.27 20:29:12 | 000,015,504 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.07.27 20:29:12 | 000,015,504 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.07.27 20:21:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.07.27 20:21:20 | 2414,731,264 | -HS- | M] () -- C:\hiberfil.sys [2011.07.26 17:16:02 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.07.26 16:50:48 | 000,002,097 | ---- | M] () -- C:\Users\Daniel\Desktop\hjtscanlist.zip [2011.07.25 18:57:28 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.07.24 12:08:51 | 000,031,705 | ---- | M] () -- C:\Users\Daniel\Desktop\Anhang Joker.zip [2011.07.24 11:27:17 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe [2011.07.23 21:54:21 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.07.23 21:54:21 | 000,698,726 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.07.23 21:54:21 | 000,652,708 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.07.23 21:54:21 | 000,148,782 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.07.23 21:54:21 | 000,121,640 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.07.23 20:59:13 | 000,436,328 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2011.07.22 13:42:24 | 000,092,458 | ---- | M] () -- C:\Users\Daniel\Desktop\veraltete Treiber.jpg [2011.07.19 21:30:01 | 000,001,111 | ---- | M] () -- C:\Users\Daniel\Desktop\Driver Genius Professional Edition.lnk [2011.07.19 21:10:41 | 000,000,674 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2011.07.19 20:20:48 | 000,001,640 | ---- | M] () -- C:\Users\Daniel\Desktop\Gerätemanager.lnk [2011.07.17 21:45:59 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.07.17 21:45:59 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.07.17 21:45:59 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.07.17 21:45:58 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011.07.14 18:36:01 | 000,000,982 | ---- | M] () -- C:\Users\Daniel\Desktop\Start Minecraft Beta Cracked.lnk [2011.07.14 16:11:40 | 003,022,816 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.07.13 19:33:54 | 286,490,907 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011.07.09 22:24:25 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011.07.06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.07.06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.06.28 17:16:28 | 000,123,784 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2011.06.28 17:16:28 | 000,088,288 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.07.26 17:15:51 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.07.26 17:11:14 | 000,030,259 | ---- | C] () -- C:\Users\Daniel\Desktop\hjtscanlist.bat [2011.07.26 16:50:43 | 000,002,097 | ---- | C] () -- C:\Users\Daniel\Desktop\hjtscanlist.zip [2011.07.24 12:12:14 | 000,031,705 | ---- | C] () -- C:\Users\Daniel\Desktop\Anhang Joker.zip [2011.07.24 10:57:12 | 000,001,405 | ---- | C] () -- C:\Users\Daniel\Desktop\Internet Explorer.lnk [2011.07.23 22:02:14 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.07.22 13:40:17 | 000,092,458 | ---- | C] () -- C:\Users\Daniel\Desktop\veraltete Treiber.jpg [2011.07.19 21:30:01 | 000,001,111 | ---- | C] () -- C:\Users\Daniel\Desktop\Driver Genius Professional Edition.lnk [2011.07.19 21:10:15 | 000,000,674 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011.07.19 20:20:32 | 000,001,640 | ---- | C] () -- C:\Users\Daniel\Desktop\Gerätemanager.lnk [2011.07.14 18:36:01 | 000,000,982 | ---- | C] () -- C:\Users\Daniel\Desktop\Start Minecraft Beta Cracked.lnk [2011.07.09 22:24:25 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011.05.25 16:56:17 | 001,578,968 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.04.22 19:01:15 | 000,140,200 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2011.04.07 17:00:45 | 000,007,607 | ---- | C] () -- C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg [2010.11.21 10:31:15 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE [2010.11.07 23:06:18 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\mupkernps11.dll [2010.11.01 15:00:47 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI [2010.11.01 14:58:35 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI [2010.10.20 22:30:39 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2010.09.24 17:49:38 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010.08.16 17:41:25 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.08.06 20:08:53 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010.08.06 20:08:48 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010.07.17 23:29:29 | 000,468,128 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\mdbu.bin [2010.07.04 01:23:02 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini [2010.06.25 19:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2006.01.03 06:05:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2002.08.09 16:00:00 | 000,375,296 | ---- | C] () -- C:\Windows\SysWow64\WSIHK32.DLL [2002.08.09 16:00:00 | 000,131,584 | ---- | C] () -- C:\Windows\SysWow64\WSIWIN32.DLL ========== LOP Check ========== [2011.07.17 19:43:23 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\.minecraft [2010.11.20 11:42:00 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\CheckPoint [2010.07.04 00:15:56 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite [2011.05.21 12:14:33 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Dev-Cpp [2011.07.27 20:23:10 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Dropbox [2011.03.28 19:50:08 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers [2011.07.22 13:52:34 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Easeware [2011.06.01 22:11:44 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\FOG Downloader [2011.07.27 20:22:59 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\ICQ [2010.07.08 15:52:25 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Lingo4u [2011.01.16 13:10:49 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\LolClient [2010.07.18 12:25:45 | 000,000,000 | R--D | M] -- C:\Users\Daniel\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien [2010.07.16 15:05:14 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Mp3tag [2010.08.01 21:25:36 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\My Games [2011.02.24 18:11:17 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\NCH Swift Sound [2011.04.24 18:33:30 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Opera [2010.07.10 15:27:41 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Orginal Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien [2011.05.22 14:36:22 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\smc [2010.11.27 21:14:56 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\TeamViewer [2011.02.26 16:19:19 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Teeworlds [2011.02.09 16:43:14 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\temp [2010.10.03 20:51:41 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Thunderbird [2011.05.12 09:57:37 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\TS3Client [2010.12.29 22:33:42 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\www.schleinzer.com [2011.07.06 17:00:25 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:05EE1EEF < End of report > |
|
27.07.2011, 22:14
| #9 |
| | Umleitung von Google-Links über 100ksearches Extras.txt OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 27.07.2011 20:27:21 - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Daniel\Desktop
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,55 Gb Available Physical Memory | 51,78% Memory free
6,00 Gb Paging File | 4,24 Gb Available in Paging File | 70,68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 280,56 Gb Free Space | 60,24% Space Free | Partition Type: NTFS
Computer Name: DANIEL-PC | User Name: Daniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{9D00A8DA-650F-21C6-E787-78756733F15F}" = ATI Catalyst Install Manager
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E5A509B4-D9B1-4FD9-B3EF-EDB216AA8651}" = ccc-utility64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0A35B15C-9CCD-4C0C-BD5B-34ABF8C95813}_is1" = ICQ 7.2 Build #3143 Banner Remover 1.1
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{0FFAC7BB-50DC-CB54-6CA7-A8B74513280B}" = CCC Help Chinese Traditional
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.0
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1C802083-6D79-78ED-BF1C-601DDF908DD1}" = Catalyst Control Center Core Implementation
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{25569723-DC5A-4467-A639-79535BF01B71}" = Adobe Help Center 2.1
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{28728178-FF15-218B-0B63-012692F42C28}" = CCC Help Danish
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}" = Die Schlacht um Mittelerde™ II
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{32851025-1E46-83A3-1320-471619254E39}" = Catalyst Control Center Localization All
"{32E4F0D2-C135-475E-A841-1D59A0D22989}" = Sid Meier's Civilization 4 - Beyond the Sword
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{3749D33C-26C8-4669-ACAA-DA3B0ADA67B6}" = Das große Tafelwerk interaktiv
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3BA9E7B3-BDC3-48C9-A8CE-2A0982594DF0}" = DGE-528T Ethernet Controller Driver For Windows 7
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3E4B349F-10B5-4586-9D99-489A90A8B228}" = Sid Meier's Civilization 4 - Warlords
"{40217B2F-462B-94A4-E84E-6A1C6EDBCE2F}" = CCC Help Swedish
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{50D4CB89-AF34-4978-96DC-C3034062E901}" = Battlefield 2: Special Forces
"{5343A801-92E5-C234-9F27-AB27EC738BF6}" = CCC Help Japanese
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types
"{5D22226D-EBC1-C95F-7746-2E3A9F4C97BA}" = CCC Help Russian
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{600C37F2-098B-A165-C1DB-6AE2B89D8D49}" = Catalyst Control Center Graphics Previews Common
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{61F8CA2C-9A80-8A1B-D3B9-347530CB387F}" = CCC Help Norwegian
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{674B407D-EAB1-B6B6-F9BF-C34CEE4CD83F}" = Catalyst Control Center Graphics Light
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69F411C5-4851-6DA9-EA4C-160BEF8788AA}" = CCC Help French
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DD27E54-2598-0FEC-7CE1-BE00924C0570}" = Catalyst Control Center Graphics Previews Vista
"{72263053-50D1-4598-9502-51ED64E54C51}" = Borland Delphi 7
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7C27114E-6FC8-21F5-E501-FE48F09243DF}" = CCC Help Dutch
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{80237C20-CBF3-F841-4AD5-E727AA86FBD1}" = CCC Help Italian
"{802EE127-D32A-1447-09DC-77419772BCDC}" = CCC Help Portuguese
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{836AFA32-7B8B-2C19-99D9-36EF32B42EB8}" = CCC Help Thai
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00B2-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{946942CB-D078-F33A-A3CD-27E0393507FD}" = CCC Help Turkish
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9682B99B-BB28-AD37-CA50-C1CB5BFF0FA6}" = Catalyst Control Center Graphics Full New
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DBCF44B-77AC-81D8-0F8E-1E60D6330AC2}" = Catalyst Control Center InstallProxy
"{A02CC93A-134F-0319-1438-B1E895B52577}" = CCC Help German
"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}" = Adobe Photoshop Elements 5.0
"{A7E1ADB8-162B-7C33-60FB-0561A17BD876}" = CCC Help Spanish
"{A96EEF55-155C-552E-ABB1-6FDAEF5BD944}" = CCC Help Polish
"{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}" = Epson Copy Utility 3.5
"{AC76BA86-7AD7-1031-7B44-A83000000003}" = Adobe Reader 8.3.0 - Deutsch
"{ADB25FF0-AEC4-2CFB-130C-2C60D80C5934}" = CCC Help Greek
"{B04D5DA5-11DA-830C-85C6-0FF9185787E7}" = Skins
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B6C2569C-E2AA-4AB9-8C26-AC2487A2BFFC}" = Sid Meier's Civilization 4
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B931FB80-537A-4600-00AD-AC5DEDB6C25B}" = Aufstieg des Hexenkönigs™
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BB603E9F-ECE8-7713-B0AC-7E0614E8C058}" = Catalyst Control Center HydraVision Full
"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other
"{BE232D60-AEA5-502F-ACBF-9AC188A82C21}" = CCC Help Finnish
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C15C4AB5-EF5D-5050-273C-4636E3FBE301}" = CCC Help Czech
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"{D81641E8-ABF1-3D07-803B-60E8FC619368}" = Microsoft Visual C# 2010 Express - DEU
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E09CD13D-7CE3-351C-1625-8DC7F21A99C0}" = ccc-core-static
"{E373E0E2-20F5-90DF-B315-615EA6E52101}" = Catalyst Control Center Graphics Full Existing
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E6DA746E-1175-88BD-2B16-1DC62018E060}" = CCC Help Chinese Standard
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{EEF985E8-8B36-4230-B174-117A2381C17F}" = LogMeIn Hamachi
"{F053BFD9-4357-6A82-6042-CF919667448F}" = CCC Help English
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F17EB02C-DA0D-EDEF-2E16-501FB700A710}" = CCC Help Hungarian
"{F5DDC0CD-F13A-83F0-5103-563A17EA306F}" = CCC Help Korean
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 5" = Adobe Photoshop Elements 5.0
"Adobe_697a06b96d8bcbe2d77b88e7d5448d0" = Adobe Creative Suite 4 Master Collection
"Aldi Süd Foto Service" = Aldi Süd Foto Service 4.6
"ALDI Süd Online Druck Service" = ALDI Süd Online Druck Service 4.6
"ALDI Sued Fotoservice_is1" = Aldi Sued Fotoservice 2.7
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CloneCD" = CloneCD
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"DivX Setup.divx.com" = DivX-Setup
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fraps" = Fraps
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube Download_is1" = Free YouTube Download 2.9
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.35.324
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}" = Call of Duty(R) - World at War(TM)
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"Kasparov Chessmate" = Kasparov Chessmate
"Left 4 Dead" = Left 4 Dead
"LingoPad_is1" = LingoPad 2.6 (Build 360)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.1.1800
"Microsoft Visual C# 2010 Express - DEU" = Microsoft Visual C# 2010 Express - DEU
"Minecraft Beta Cracked" = Minecraft Beta Cracked
"Mozilla Firefox 5.0 (x86 de)" = Mozilla Firefox 5.0 (x86 de)
"Mozilla Thunderbird (3.1.11)" = Mozilla Thunderbird (3.1.11)
"Mp3tag" = Mp3tag v2.46a
"PunkBusterSvc" = PunkBuster Services
"SBMWW" = Schiffe bauen mit Willy Werkel
"secretmaryo" = Secret Maryo Chronicles
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steamless Portal Pack" = Steamless Portal Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TripleAVersion1_2_5_5" = TripleA Version 1_2_5_5
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.10
"Warcraft III" = Warcraft III
"Warkeys" = Warkeys 1.17.1.0b
"WavePad" = WavePad Audiobearbeitungs-Software
"WinPcapInst" = WinPcap 4.1.2
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"GeoGebra WebStart" = GeoGebra WebStart
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 27.07.2011 10:19:11 | Computer Name = Daniel-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 27.07.2011 10:19:11 | Computer Name = Daniel-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 27.07.2011 10:19:30 | Computer Name = Daniel-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 27.07.2011 11:00:02 | Computer Name = Daniel-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 27.07.2011 12:00:00 | Computer Name = Daniel-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 27.07.2011 14:20:21 | Computer Name = Daniel-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 27.07.2011 14:21:45 | Computer Name = Daniel-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 27.07.2011 14:21:45 | Computer Name = Daniel-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 27.07.2011 14:21:45 | Computer Name = Daniel-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 27.07.2011 14:22:56 | Computer Name = Daniel-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\system32\conhost.exe".
Die
abhängige Assemblierung "Microsoft.Windows.SystemCompatible,processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
[ Media Center Events ]
Error - 13.12.2010 17:03:59 | Computer Name = Daniel-PC | Source = MCUpdate | ID = 0
Description = 22:03:59 - Fehler beim Herstellen der Internetverbindung. 22:03:59
- Serververbindung konnte nicht hergestellt werden..
Error - 13.12.2010 17:04:06 | Computer Name = Daniel-PC | Source = MCUpdate | ID = 0
Description = 22:04:05 - Fehler beim Herstellen der Internetverbindung. 22:04:05
- Serververbindung konnte nicht hergestellt werden..
Error - 14.12.2010 12:11:35 | Computer Name = Daniel-PC | Source = MCUpdate | ID = 0
Description = 17:11:35 - Fehler beim Herstellen der Internetverbindung. 17:11:35
- Serververbindung konnte nicht hergestellt werden..
Error - 14.12.2010 12:11:45 | Computer Name = Daniel-PC | Source = MCUpdate | ID = 0
Description = 17:11:41 - Fehler beim Herstellen der Internetverbindung. 17:11:41
- Serververbindung konnte nicht hergestellt werden..
Error - 14.12.2010 13:12:02 | Computer Name = Daniel-PC | Source = MCUpdate | ID = 0
Description = 18:12:02 - Fehler beim Herstellen der Internetverbindung. 18:12:02
- Serververbindung konnte nicht hergestellt werden..
Error - 14.12.2010 13:12:08 | Computer Name = Daniel-PC | Source = MCUpdate | ID = 0
Description = 18:12:07 - Fehler beim Herstellen der Internetverbindung. 18:12:07
- Serververbindung konnte nicht hergestellt werden..
Error - 25.12.2010 04:30:42 | Computer Name = Daniel-PC | Source = MCUpdate | ID = 0
Description = 09:30:42 - Fehler beim Herstellen der Internetverbindung. 09:30:42
- Serververbindung konnte nicht hergestellt werden..
Error - 25.12.2010 04:31:08 | Computer Name = Daniel-PC | Source = MCUpdate | ID = 0
Description = 09:31:02 - Fehler beim Herstellen der Internetverbindung. 09:31:02
- Serververbindung konnte nicht hergestellt werden..
Error - 25.12.2010 14:58:03 | Computer Name = Daniel-PC | Source = MCUpdate | ID = 0
Description = 19:58:03 - Fehler beim Herstellen der Internetverbindung. 19:58:03
- Serververbindung konnte nicht hergestellt werden..
Error - 25.12.2010 14:58:16 | Computer Name = Daniel-PC | Source = MCUpdate | ID = 0
Description = 19:58:11 - Fehler beim Herstellen der Internetverbindung. 19:58:11
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 26.07.2011 14:41:02 | Computer Name = Daniel-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows-Firewallautorisierungstreiber" wurde aufgrund
folgenden Fehlers nicht gestartet: %%183
Error - 26.07.2011 14:41:02 | Computer Name = Daniel-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Windows-Firewall" ist vom Dienst "Windows-Firewallautorisierungstreiber"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%183
Error - 27.07.2011 10:18:47 | Computer Name = Daniel-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 27.07.2011 10:19:10 | Computer Name = Daniel-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows-Firewallautorisierungstreiber" wurde aufgrund
folgenden Fehlers nicht gestartet: %%183
Error - 27.07.2011 10:19:10 | Computer Name = Daniel-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Windows-Firewall" ist vom Dienst "Windows-Firewallautorisierungstreiber"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%183
Error - 27.07.2011 10:19:51 | Computer Name = Daniel-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147023143.
Error - 27.07.2011 14:21:18 | Computer Name = Daniel-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 27.07.2011 14:21:44 | Computer Name = Daniel-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows-Firewallautorisierungstreiber" wurde aufgrund
folgenden Fehlers nicht gestartet: %%183
Error - 27.07.2011 14:21:44 | Computer Name = Daniel-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Windows-Firewall" ist vom Dienst "Windows-Firewallautorisierungstreiber"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%183
Error - 27.07.2011 14:22:49 | Computer Name = Daniel-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
Fehler beendet: %%-2147023143.
< End of report >
Joker |
|
28.07.2011, 06:56
| #10 |
| /// Helfer-Team | Umleitung von Google-Links über 100ksearches 1. TDSSKiller von Kaspersky
2. Adobe Reader aktualisieren : - Bei Installation aufpassen/mitlesen!: Wenn irgendeine Software, Toolbar etc angeboten wird, bitte abwählen! - (z.B "McAfee Security Scan Plus") Adobe Reader Oder: Adobe starten-> gehe auf "Hilfe"-> "Nach Update suchen..." 3. reinige dein System mit Ccleaner:
4.
5. - "Link:-> ESET Online Scanner >>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<< Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen. Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung -> Führe dann einen Komplett-Systemcheck mit Eset/Nod32 durch - folgendes bitte anhaken > "Remove found threads" und "Scan archives" - die Scanergebnis als *.txt Dateien speichern) - meistens "C:\Programme\Eset\EsetOnlineScanner\log.txt" Vor dem Scan Einstellungen im Internet Explorer: - "Extras→ Internetoptionen→ Sicherheit": - alles auf Standardstufe stellen - Active X erlauben - um den Scan zu starten: wenn du danach gefragt wirst (den Text in der Informationsleiste ) - ActiveX-Steuerelement installieren lassen ► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
30.07.2011, 16:27
| #11 |
| | Umleitung von Google-Links über 100ksearches Hallo, zu 1.: TDSSKiller Bericht: Code:
ATTFilter 2011/07/28 17:40:29.0120 2156 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/28 17:40:31.0122 2156 ================================================================================
2011/07/28 17:40:31.0122 2156 SystemInfo:
2011/07/28 17:40:31.0122 2156
2011/07/28 17:40:31.0123 2156 OS Version: 6.1.7600 ServicePack: 0.0
2011/07/28 17:40:31.0123 2156 Product type: Workstation
2011/07/28 17:40:31.0123 2156 ComputerName: DANIEL-PC
2011/07/28 17:40:31.0123 2156 UserName: Daniel
2011/07/28 17:40:31.0123 2156 Windows directory: C:\Windows
2011/07/28 17:40:31.0123 2156 System windows directory: C:\Windows
2011/07/28 17:40:31.0123 2156 Running under WOW64
2011/07/28 17:40:31.0123 2156 Processor architecture: Intel x64
2011/07/28 17:40:31.0123 2156 Number of processors: 2
2011/07/28 17:40:31.0123 2156 Page size: 0x1000
2011/07/28 17:40:31.0123 2156 Boot type: Normal boot
2011/07/28 17:40:31.0123 2156 ================================================================================
2011/07/28 17:40:31.0604 2156 Initialize success
2011/07/28 17:40:49.0113 2352 ================================================================================
2011/07/28 17:40:49.0113 2352 Scan started
2011/07/28 17:40:49.0113 2352 Mode: Manual;
2011/07/28 17:40:49.0113 2352 ================================================================================
2011/07/28 17:40:50.0222 2352 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/07/28 17:40:50.0277 2352 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
2011/07/28 17:40:50.0308 2352 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/07/28 17:40:50.0386 2352 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
2011/07/28 17:40:50.0464 2352 ADIHdAudAddService (4bf1961779a58bcb4c0f5db07d428fc6) C:\Windows\system32\drivers\ADIHdAud.sys
2011/07/28 17:40:50.0652 2352 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/07/28 17:40:50.0722 2352 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/07/28 17:40:50.0769 2352 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/07/28 17:40:50.0847 2352 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
2011/07/28 17:40:50.0902 2352 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
2011/07/28 17:40:50.0933 2352 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
2011/07/28 17:40:50.0964 2352 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/07/28 17:40:50.0996 2352 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/07/28 17:40:51.0042 2352 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
2011/07/28 17:40:51.0066 2352 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/07/28 17:40:51.0097 2352 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
2011/07/28 17:40:51.0167 2352 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
2011/07/28 17:40:51.0222 2352 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/07/28 17:40:51.0253 2352 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/07/28 17:40:51.0339 2352 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/07/28 17:40:51.0371 2352 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
2011/07/28 17:40:51.0722 2352 atikmdag (aeae4abe6419923c037a0b2a157e1fc6) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/07/28 17:40:51.0865 2352 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/07/28 17:40:51.0904 2352 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
2011/07/28 17:40:51.0974 2352 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/07/28 17:40:52.0021 2352 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/07/28 17:40:52.0068 2352 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/07/28 17:40:52.0123 2352 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/07/28 17:40:52.0169 2352 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
2011/07/28 17:40:52.0208 2352 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/07/28 17:40:52.0232 2352 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/07/28 17:40:52.0279 2352 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/07/28 17:40:52.0310 2352 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/07/28 17:40:52.0333 2352 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/07/28 17:40:52.0349 2352 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/07/28 17:40:52.0388 2352 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/07/28 17:40:52.0419 2352 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/07/28 17:40:52.0451 2352 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
2011/07/28 17:40:52.0490 2352 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/07/28 17:40:52.0529 2352 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/07/28 17:40:52.0607 2352 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/07/28 17:40:52.0623 2352 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
2011/07/28 17:40:52.0669 2352 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
2011/07/28 17:40:52.0701 2352 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/07/28 17:40:52.0732 2352 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/07/28 17:40:52.0771 2352 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/07/28 17:40:52.0849 2352 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
2011/07/28 17:40:52.0935 2352 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
2011/07/28 17:40:52.0974 2352 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/07/28 17:40:53.0021 2352 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/07/28 17:40:53.0083 2352 DLKRT64 (09fd35972834a0fb12f387eec72acef9) C:\Windows\system32\DRIVERS\DLKRT64.sys
2011/07/28 17:40:53.0146 2352 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/07/28 17:40:53.0201 2352 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
2011/07/28 17:40:53.0318 2352 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/07/28 17:40:53.0443 2352 ElbyCDFL (8d18a680bdab2aca00506fe6f8aef81a) C:\Windows\system32\Drivers\ElbyCDFL.sys
2011/07/28 17:40:53.0466 2352 ElbyCDIO (ea2ff60fcce3b9ffe0bd77658b88512d) C:\Windows\system32\Drivers\ElbyCDIO.sys
2011/07/28 17:40:53.0521 2352 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/07/28 17:40:53.0544 2352 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
2011/07/28 17:40:53.0599 2352 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/07/28 17:40:53.0638 2352 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/07/28 17:40:53.0685 2352 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/07/28 17:40:53.0748 2352 FETNDIS (ecce54654a19f6cc5e526696680c1827) C:\Windows\system32\DRIVERS\fet6x64.sys
2011/07/28 17:40:53.0787 2352 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/07/28 17:40:53.0818 2352 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/07/28 17:40:53.0927 2352 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/07/28 17:40:53.0966 2352 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
2011/07/28 17:40:54.0005 2352 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/07/28 17:40:54.0037 2352 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/07/28 17:40:54.0083 2352 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/07/28 17:40:54.0130 2352 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/07/28 17:40:54.0193 2352 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
2011/07/28 17:40:54.0263 2352 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/07/28 17:40:54.0326 2352 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
2011/07/28 17:40:54.0365 2352 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/07/28 17:40:54.0388 2352 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/07/28 17:40:54.0427 2352 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/07/28 17:40:54.0451 2352 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/07/28 17:40:54.0505 2352 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
2011/07/28 17:40:54.0552 2352 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/07/28 17:40:54.0599 2352 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
2011/07/28 17:40:54.0638 2352 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
2011/07/28 17:40:54.0669 2352 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/07/28 17:40:54.0716 2352 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
2011/07/28 17:40:54.0763 2352 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/07/28 17:40:54.0802 2352 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
2011/07/28 17:40:54.0841 2352 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/07/28 17:40:54.0873 2352 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/07/28 17:40:54.0912 2352 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2011/07/28 17:40:54.0943 2352 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/07/28 17:40:54.0974 2352 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/07/28 17:40:54.0990 2352 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
2011/07/28 17:40:55.0029 2352 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/07/28 17:40:55.0068 2352 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/07/28 17:40:55.0099 2352 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/07/28 17:40:55.0138 2352 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
2011/07/28 17:40:55.0177 2352 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
2011/07/28 17:40:55.0216 2352 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/07/28 17:40:55.0279 2352 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/07/28 17:40:55.0341 2352 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/07/28 17:40:55.0365 2352 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/07/28 17:40:55.0388 2352 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/07/28 17:40:55.0427 2352 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/07/28 17:40:55.0466 2352 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/07/28 17:40:55.0513 2352 MBAMProtector (9c4fb231b6e02f84580de2f00f3c5293) C:\Windows\system32\drivers\mbam.sys
2011/07/28 17:40:55.0544 2352 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/07/28 17:40:55.0591 2352 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/07/28 17:40:55.0630 2352 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/07/28 17:40:55.0677 2352 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/07/28 17:40:55.0716 2352 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2011/07/28 17:40:55.0748 2352 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/07/28 17:40:55.0787 2352 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
2011/07/28 17:40:55.0826 2352 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
2011/07/28 17:40:55.0857 2352 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/07/28 17:40:55.0896 2352 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
2011/07/28 17:40:55.0982 2352 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/07/28 17:40:56.0037 2352 mrxsmb10 (a8c2d7673c8a010569390c826a0efaf4) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/07/28 17:40:56.0076 2352 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/07/28 17:40:56.0115 2352 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
2011/07/28 17:40:56.0130 2352 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
2011/07/28 17:40:56.0193 2352 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/07/28 17:40:56.0224 2352 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/07/28 17:40:56.0240 2352 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
2011/07/28 17:40:56.0294 2352 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/07/28 17:40:56.0326 2352 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/07/28 17:40:56.0349 2352 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/07/28 17:40:56.0388 2352 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
2011/07/28 17:40:56.0435 2352 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/07/28 17:40:56.0458 2352 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/07/28 17:40:56.0490 2352 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/07/28 17:40:56.0544 2352 MTsensor (6936198f2cc25b39cf5262436c80df46) C:\Windows\system32\DRIVERS\ASACPI.sys
2011/07/28 17:40:56.0560 2352 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/07/28 17:40:56.0623 2352 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/07/28 17:40:56.0677 2352 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
2011/07/28 17:40:56.0724 2352 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/07/28 17:40:56.0763 2352 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/07/28 17:40:56.0787 2352 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/07/28 17:40:56.0818 2352 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/07/28 17:40:56.0841 2352 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
2011/07/28 17:40:56.0865 2352 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/07/28 17:40:56.0905 2352 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
2011/07/28 17:40:57.0061 2352 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/07/28 17:40:57.0131 2352 NPF (351533acc2a069b94e80bbfc177e8fdf) C:\Windows\system32\drivers\npf.sys
2011/07/28 17:40:57.0155 2352 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/07/28 17:40:57.0194 2352 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/07/28 17:40:57.0272 2352 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
2011/07/28 17:40:57.0319 2352 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/07/28 17:40:57.0374 2352 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
2011/07/28 17:40:57.0413 2352 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
2011/07/28 17:40:57.0452 2352 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/07/28 17:40:57.0491 2352 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/07/28 17:40:57.0553 2352 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/07/28 17:40:57.0584 2352 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
2011/07/28 17:40:57.0631 2352 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
2011/07/28 17:40:57.0663 2352 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
2011/07/28 17:40:57.0694 2352 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/07/28 17:40:57.0725 2352 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/07/28 17:40:57.0764 2352 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/07/28 17:40:57.0913 2352 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
2011/07/28 17:40:57.0944 2352 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/07/28 17:40:57.0983 2352 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
2011/07/28 17:40:58.0069 2352 PxHlpa64 (901dba98359966a62a6548596988e931) C:\Windows\system32\Drivers\PxHlpa64.sys
2011/07/28 17:40:58.0131 2352 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/07/28 17:40:58.0170 2352 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/07/28 17:40:58.0209 2352 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/07/28 17:40:58.0233 2352 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/07/28 17:40:58.0280 2352 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/07/28 17:40:58.0319 2352 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/07/28 17:40:58.0350 2352 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/07/28 17:40:58.0374 2352 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/07/28 17:40:58.0413 2352 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
2011/07/28 17:40:58.0444 2352 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/07/28 17:40:58.0467 2352 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/07/28 17:40:58.0522 2352 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
2011/07/28 17:40:58.0584 2352 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/07/28 17:40:58.0631 2352 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/07/28 17:40:58.0670 2352 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
2011/07/28 17:40:58.0694 2352 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
2011/07/28 17:40:58.0772 2352 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/07/28 17:40:58.0819 2352 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys
2011/07/28 17:40:58.0874 2352 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
2011/07/28 17:40:58.0913 2352 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/07/28 17:40:58.0944 2352 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
2011/07/28 17:40:58.0983 2352 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/07/28 17:40:59.0038 2352 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/07/28 17:40:59.0061 2352 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/07/28 17:40:59.0092 2352 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/07/28 17:40:59.0163 2352 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/07/28 17:40:59.0186 2352 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/07/28 17:40:59.0209 2352 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys
2011/07/28 17:40:59.0233 2352 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/07/28 17:40:59.0280 2352 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/07/28 17:40:59.0303 2352 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/07/28 17:40:59.0350 2352 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/07/28 17:40:59.0397 2352 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/07/28 17:40:59.0499 2352 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
2011/07/28 17:40:59.0499 2352 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
2011/07/28 17:40:59.0506 2352 sptd - detected LockedFile.Multi.Generic (1)
2011/07/28 17:40:59.0569 2352 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
2011/07/28 17:40:59.0608 2352 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
2011/07/28 17:40:59.0647 2352 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
2011/07/28 17:40:59.0702 2352 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/07/28 17:40:59.0756 2352 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
2011/07/28 17:40:59.0795 2352 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
2011/07/28 17:40:59.0819 2352 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
2011/07/28 17:40:59.0936 2352 Tcpip (61dc720bb065d607d5823f13d2a64321) C:\Windows\system32\drivers\tcpip.sys
2011/07/28 17:41:00.0022 2352 TCPIP6 (61dc720bb065d607d5823f13d2a64321) C:\Windows\system32\DRIVERS\tcpip.sys
2011/07/28 17:41:00.0061 2352 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
2011/07/28 17:41:00.0106 2352 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/07/28 17:41:00.0128 2352 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/07/28 17:41:00.0175 2352 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
2011/07/28 17:41:00.0207 2352 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
2011/07/28 17:41:00.0287 2352 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/07/28 17:41:00.0329 2352 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
2011/07/28 17:41:00.0360 2352 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/07/28 17:41:00.0391 2352 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
2011/07/28 17:41:00.0446 2352 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
2011/07/28 17:41:00.0477 2352 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
2011/07/28 17:41:00.0500 2352 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/07/28 17:41:00.0555 2352 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/07/28 17:41:00.0594 2352 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
2011/07/28 17:41:00.0633 2352 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys
2011/07/28 17:41:00.0688 2352 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
2011/07/28 17:41:00.0727 2352 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
2011/07/28 17:41:00.0774 2352 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/07/28 17:41:00.0821 2352 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS
2011/07/28 17:41:00.0852 2352 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/07/28 17:41:00.0883 2352 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
2011/07/28 17:41:00.0922 2352 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/07/28 17:41:00.0961 2352 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/07/28 17:41:01.0000 2352 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
2011/07/28 17:41:01.0032 2352 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
2011/07/28 17:41:01.0063 2352 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
2011/07/28 17:41:01.0094 2352 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
2011/07/28 17:41:01.0125 2352 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
2011/07/28 17:41:01.0157 2352 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
2011/07/28 17:41:01.0204 2352 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
2011/07/28 17:41:01.0290 2352 vpcbus (abd9b4a7e2d0ae51a3b8df1af3152d61) C:\Windows\system32\DRIVERS\vpchbus.sys
2011/07/28 17:41:01.0360 2352 vpcnfltr (8acda395841538ce9713a67fe8b2a3eb) C:\Windows\system32\DRIVERS\vpcnfltr.sys
2011/07/28 17:41:01.0407 2352 vpcusb (31924e31bc315773e6d149b157db46d5) C:\Windows\system32\DRIVERS\vpcusb.sys
2011/07/28 17:41:01.0461 2352 vpcvmm (c5b651e52540e6f46da66574c74b4898) C:\Windows\system32\drivers\vpcvmm.sys
2011/07/28 17:41:01.0508 2352 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/07/28 17:41:01.0555 2352 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
2011/07/28 17:41:01.0586 2352 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/07/28 17:41:01.0633 2352 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/28 17:41:01.0649 2352 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/28 17:41:01.0704 2352 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/07/28 17:41:01.0743 2352 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/07/28 17:41:01.0844 2352 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/07/28 17:41:01.0875 2352 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/07/28 17:41:02.0000 2352 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/07/28 17:41:02.0032 2352 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/07/28 17:41:02.0102 2352 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/07/28 17:41:02.0157 2352 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
2011/07/28 17:41:02.0204 2352 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/07/28 17:41:02.0826 2352 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/07/28 17:41:02.0841 2352 Boot (0x1200) (342c450295306b4561b14377ce73823b) \Device\Harddisk0\DR0\Partition0
2011/07/28 17:41:02.0857 2352 ================================================================================
2011/07/28 17:41:02.0857 2352 Scan finished
2011/07/28 17:41:02.0857 2352 ================================================================================
2011/07/28 17:41:02.0873 4264 Detected object count: 1
2011/07/28 17:41:02.0873 4264 Actual detected object count: 1
2011/07/28 17:41:45.0818 4264 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted after reboot
2011/07/28 17:41:45.0880 4264 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted after reboot
2011/07/28 17:41:45.0888 4264 C:\Windows\system32\Drivers\sptd.sys - will be deleted after reboot
2011/07/28 17:41:45.0888 4264 LockedFile.Multi.Generic(sptd) - User select action: Delete
2011/07/28 17:42:22.0100 0892 Deinitialize success
zu 2. erledigt zu 3. erledigt zu4. SuperAntiSpyware Bericht: Code:
ATTFilter SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 07/30/2011 at 03:32 PM
Application Version : 4.56.1000
Core Rules Database Version : 7490
Trace Rules Database Version: 5302
Scan type : Complete Scan
Total Scan Time : 01:23:06
Memory items scanned : 731
Memory threats detected : 0
Registry items scanned : 14349
Registry threats detected : 0
File items scanned : 46419
File threats detected : 28
Adware.Tracking Cookie
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@adbrite[1].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@ad.360yield[2].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@07.usclickmaster[2].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@media6degrees[1].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@ru4[1].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@mediabrandsww[1].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@yieldmanager[1].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@invitemedia[1].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@ads.creative-serving[1].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@ad3.adfarm1.adition[1].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@adxpose[2].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@adfarm1.adition[2].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@media6degrees[2].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@ad.yieldmanager[2].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@ad.zanox[1].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@ads.creative-serving[2].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@eas.apm.emediate[2].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@webmasterplan[1].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@ad4.adfarm1.adition[2].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@serving-sys[2].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@invitemedia[2].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@ad1.adfarm1.adition[1].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@imrworldwide[2].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@c.gigcount[1].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@revsci[2].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@www.etracker[1].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@ad2.adfarm1.adition[2].txt
C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Cookies\daniel@tracking.quisma[2].txt
Schritt 5 muss ich noch machen aber die Link-Umleitung ist nach Schritt 4 verschwunden. Schon mal vieeelen Dank dafür. Gruß Joker |
|
30.07.2011, 18:53
| #12 |
| | Umleitung von Google-Links über 100ksearches Tja, zu früh gefreut, die Link-Umleitung kommt doch noch, nur nich mehr jedes mal. Der Online-Scan von Eset läuft grad, allerdings musste ich auf deren deutsche Seite gehen, da ich auf den Server vom gepostete Link (eset.at) nicht zugreifen kann. (Zeitüberschreitung) |
|
30.07.2011, 23:42
| #13 |
| /// Helfer-Team | Umleitung von Google-Links über 100ksearches 1. Fixen mit OTL
Code:
ATTFilter :OTL
O4 - HKCU..\Run: [AdobeBridge] File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
[2011.07.14 18:36:01 | 000,000,982 | ---- | M] () -- C:\Users\Daniel\Desktop\Start Minecraft Beta Cracked.lnk
[2011.07.17 19:43:23 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\.minecraft
:Commands
[purity]
[emptytemp]
2. erneut einen Scan mit OTL:
** das Protokoll von Eset bitte noch posten!
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! |
|
01.08.2011, 11:13
| #14 |
| | Umleitung von Google-Links über 100ksearches Hallo, hier der Eset-Bericht: (ich hatte den ersten Scan abgebrochen und einen 2. von eset.at durchgeführt) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=215e8a1abfdbe442afe3bf70f67b8e19
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-07-30 08:33:56
# local_time=2011-07-30 10:33:56 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7600 NT
# compatibility_mode=1797 16775165 100 100 711266 86941663 433713 0
# compatibility_mode=5893 16776573 100 94 103865 64450770 0 0
# compatibility_mode=8192 67108863 100 0 295 295 0 0
# scanned=249257
# found=0
# cleaned=0
# scan_time=12937
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=215e8a1abfdbe442afe3bf70f67b8e19
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-07-31 06:46:14
# local_time=2011-07-31 08:46:14 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7600 NT
# compatibility_mode=1797 16775165 100 100 785644 87016041 508091 0
# compatibility_mode=5893 16776573 100 94 178243 64525148 0 0
# compatibility_mode=8192 67108863 100 0 74673 74673 0 0
# scanned=449704
# found=1
# cleaned=1
# scan_time=18497
C:\Windows\system64\consrv.dll Win64/Agent.AC Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert) 00000000000000000000000000000000 C
Zum Fixen mit OTL: - Fix durchgeführt wie beschrieben - neugestartet und dann nach dem Neustart noch vor der Anmeldung kam eine Meldung, dass eine Systemwiederherstellung durchgeführt werden muss. Danach kam noch mal ein Neustart und dann kam ich erst wieder auf den Desktop. Ein Textdokument habe ich auf dem Desktop nicht gefunden und inwieweit der Fix durchgeführt worden ist weiß ich nicht. Allerdings fehl von Minecraft jetzt folgende Datei: "C:\User\xxxx\AppData\Roaming\.minecraft\bin\minecraft.jar" Der restliche Minecraft Order exestier noch. Geändert von Joker807 (01.08.2011 um 11:39 Uhr) |
|
01.08.2011, 11:19
| #15 |
| | Umleitung von Google-Links über 100ksearches Zum Scan mit OTL: Ich hab aus versehen erst den Scan ohne folgende Punkte durchgeführt: - Unter Extra-Registrierung wähle bitte Benutze SafeList. - Mache Häckchen bei LOP- und Purity-Prüfung. Hier trotzdem der Bericht: OTL Logfile: Code:
ATTFilter OTL logfile created on: 31.07.2011 21:27:51 - Run 3 OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Daniel\Desktop 64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,41 Gb Available Physical Memory | 47,07% Memory free 6,00 Gb Paging File | 4,09 Gb Available in Paging File | 68,18% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 465,76 Gb Total Space | 277,12 Gb Free Space | 59,50% Space Free | Partition Type: NTFS Computer Name: DANIEL-PC | User Name: Daniel | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.07.24 11:27:17 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe PRC - [2011.07.06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011.06.29 10:46:19 | 000,124,216 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ7.5\ICQ.exe PRC - [2011.06.28 17:16:27 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011.06.26 13:57:04 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2011.06.09 16:32:21 | 008,211,200 | ---- | M] (TeamSpeak Systems GmbH) -- C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.05.25 22:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2011.05.25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2011.04.29 17:50:08 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011.03.21 20:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe PRC - [2010.11.07 21:40:54 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.10.20 22:30:39 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2008.08.15 05:46:20 | 000,378,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe PRC - [2006.12.22 08:31:50 | 000,108,712 | ---- | M] () -- C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe PRC - [2006.12.22 08:29:56 | 000,067,752 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe ========== Modules (SafeList) ========== MOD - [2011.07.24 11:27:17 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.05.22 14:20:15 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64) SRV:64bit: - [2010.02.11 07:29:30 | 000,952,320 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility) SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2011.07.15 17:41:21 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011.06.28 17:16:27 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.05.25 17:29:52 | 002,275,720 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2011.05.22 14:17:42 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011.04.29 17:50:08 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010.10.20 22:30:39 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2010.06.25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.08.15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4) SRV - [2006.12.22 08:31:50 | 000,108,712 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor5.0) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.07.06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2011.06.28 17:16:28 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011.06.28 17:16:28 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.06.25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF) DRV:64bit: - [2010.02.11 09:42:54 | 005,352,960 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2010.02.03 15:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:64bit: - [2009.09.23 03:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr) DRV:64bit: - [2009.09.23 03:46:17 | 000,359,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm) DRV:64bit: - [2009.09.23 03:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb) DRV:64bit: - [2009.09.23 03:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus) DRV:64bit: - [2009.08.06 22:39:28 | 000,215,040 | ---- | M] (D-Link corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DLKRT64.sys -- (DLKRT64) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009.06.10 22:35:58 | 000,047,872 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fet6x64.sys -- (FETNDIS) DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2008.02.06 03:00:00 | 000,054,480 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2007.01.16 13:51:32 | 000,413,184 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService) DRV:64bit: - [2006.12.26 14:54:37 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ElbyCDFL.sys -- (ElbyCDFL) DRV:64bit: - [2006.12.26 14:54:33 | 000,013,520 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2006.11.01 15:23:42 | 000,015,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor) DRV - [2008.08.14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs) DRV - [2006.12.26 14:54:37 | 000,040,648 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys -- (ElbyCDFL) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F9 12 2F 88 FF 5B CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.param.yahoo-fr: "" FF - prefs.js..browser.search.selectedEngine: "" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.06.11 19:57:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.06.11 19:57:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.26 13:57:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.28 19:26:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.06.26 15:31:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011.07.28 19:26:02 | 000,000,000 | ---D | M] [2010.10.03 20:51:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions [2010.10.03 20:51:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011.07.27 20:13:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\8jsqjv9n.default\extensions [2011.07.29 14:20:16 | 000,000,950 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\8jsqjv9n.default\searchplugins\icqplugin-1.xml [2010.06.21 17:35:24 | 000,001,042 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\8jsqjv9n.default\searchplugins\icqplugin.xml [2011.07.27 20:17:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.07.17 21:46:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} File not found (No name found) -- () (No name found) -- C:\USERS\DANIEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8JSQJV9N.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011.06.26 13:57:04 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.07.17 21:46:02 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml O1 HOSTS File: ([2011.07.23 20:59:13 | 000,436,328 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 im.adtech.de O1 - Hosts: 127.0.0.1 adserver.adtech.de O1 - Hosts: 127.0.0.1 adtech.de O1 - Hosts: 127.0.0.1 atwola.com O1 - Hosts: 127.0.0.1 adserver.71i.de O1 - Hosts: 127.0.0.1 adicqserver.71i.de O1 - Hosts: 127.0.0.1 71i.de O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 15016 more lines... O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation) O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS4/contributeieplugin.dll () O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found. O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CloneCDTray] C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [AdobeBridge] File not found O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O4 - Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Daniel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\E\Shell - "" = AutoRun O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.07.30 14:05:37 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\SUPERAntiSpyware.com [2011.07.30 14:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2011.07.30 14:05:23 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2011.07.28 18:53:44 | 000,000,000 | ---D | C] -- C:\Users\Daniel\riotsGamesLogs [2011.07.28 17:34:59 | 001,436,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Daniel\Desktop\TDSSKiller.exe [2011.07.27 20:17:52 | 000,000,000 | ---D | C] -- C:\_OTL [2011.07.27 16:47:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011.07.26 17:15:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011.07.26 17:15:49 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011.07.25 19:56:41 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs [2011.07.25 19:43:07 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Desktop\Trojaner Board [2011.07.25 18:57:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.07.24 11:27:12 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe [2011.07.23 22:02:51 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Malwarebytes [2011.07.23 22:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.07.23 22:02:13 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.07.23 22:02:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.07.23 22:02:07 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.07.23 22:02:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware fail [2011.07.23 20:47:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2011.07.23 20:47:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2011.07.22 14:21:16 | 000,000,000 | ---D | C] -- C:\Windows\system64 [2011.07.22 13:52:34 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Easeware [2011.07.22 13:42:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview [2011.07.19 22:03:17 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2011.07.19 22:02:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2011.07.19 21:43:08 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\My Drivers [2011.07.19 21:43:08 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Innovative Solutions [2011.07.19 21:43:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Innovative Solutions [2011.07.19 21:31:53 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\DriverGenius [2011.07.19 21:30:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius Professional Edition [2011.07.19 21:29:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver-Soft [2011.07.19 21:26:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2011.07.19 20:48:14 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2011.07.19 20:48:13 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2011.07.17 21:46:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011.07.17 21:46:15 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.07.17 21:46:15 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.07.17 21:46:15 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.07.17 16:14:15 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Desktop\Minecraft [2011.07.14 18:36:01 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft Beta Cracked [2011.07.13 16:33:16 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll [2011.07.13 16:33:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2011.07.13 16:33:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2011.07.13 16:33:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2011.07.13 16:33:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2011.07.13 16:33:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2011.07.13 16:33:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2011.07.13 16:33:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2011.07.13 16:33:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2011.07.13 16:33:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2011.07.13 16:33:11 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2011.07.13 16:33:11 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2011.07.13 16:33:11 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2011.07.13 16:33:11 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2011.07.13 16:33:11 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2011.07.13 16:33:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2011.07.13 16:33:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2011.07.13 16:33:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2011.07.13 16:33:11 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2011.07.13 16:33:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2011.07.13 16:33:10 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2011.07.13 16:33:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2011.07.13 16:33:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2011.07.13 16:33:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2011.07.13 16:33:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2011.07.13 16:33:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2011.07.13 16:33:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2011.07.13 16:32:59 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll [2011.07.13 16:32:59 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll [2011.07.13 16:32:59 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe [2011.07.13 16:32:59 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll [2011.07.13 16:32:58 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2011.07.13 16:32:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2011.07.13 16:32:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll [2011.07.13 16:32:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2011.07.13 16:32:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll [2011.07.13 16:32:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2011.07.13 16:32:57 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2011.07.13 16:32:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2011.07.09 22:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2011.07.09 22:20:15 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\vlc [2011.07.03 10:07:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2011.07.01 23:34:32 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Roaming\.minecraft [2011.07.01 23:30:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Minecraft [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.07.31 21:31:43 | 000,015,504 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.07.31 21:31:43 | 000,015,504 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.07.31 21:22:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.07.31 21:22:33 | 2414,731,264 | -HS- | M] () -- C:\hiberfil.sys [2011.07.28 19:26:02 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011.07.26 17:16:02 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.07.26 16:50:48 | 000,002,097 | ---- | M] () -- C:\Users\Daniel\Desktop\hjtscanlist.zip [2011.07.25 19:43:40 | 000,025,071 | ---- | M] () -- C:\Users\Daniel\Desktop\Malwarebytes - Fehler.jpg [2011.07.25 18:57:28 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.07.24 12:08:51 | 000,031,705 | ---- | M] () -- C:\Users\Daniel\Desktop\Anhang Joker.zip [2011.07.24 11:27:17 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe [2011.07.24 11:17:49 | 000,050,477 | ---- | M] () -- C:\Users\Daniel\Desktop\Defogger.exe [2011.07.23 21:54:21 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.07.23 21:54:21 | 000,698,726 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.07.23 21:54:21 | 000,652,708 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.07.23 21:54:21 | 000,148,782 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.07.23 21:54:21 | 000,121,640 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.07.23 20:59:13 | 000,436,328 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2011.07.22 13:42:24 | 000,092,458 | ---- | M] () -- C:\Users\Daniel\Desktop\veraltete Treiber.jpg [2011.07.19 21:30:01 | 000,001,111 | ---- | M] () -- C:\Users\Daniel\Desktop\Driver Genius Professional Edition.lnk [2011.07.19 21:10:41 | 000,000,674 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2011.07.19 20:20:48 | 000,001,640 | ---- | M] () -- C:\Users\Daniel\Desktop\Gerätemanager.lnk [2011.07.17 21:45:59 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2011.07.17 21:45:59 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2011.07.17 21:45:59 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2011.07.17 21:45:58 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2011.07.14 18:36:01 | 000,000,982 | ---- | M] () -- C:\Users\Daniel\Desktop\Start Minecraft Beta Cracked.lnk [2011.07.14 16:11:40 | 003,022,816 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.07.13 19:33:54 | 286,490,907 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011.07.11 16:58:52 | 001,436,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Daniel\Desktop\TDSSKiller.exe [2011.07.09 22:24:25 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011.07.06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.07.06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.07.28 19:26:02 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011.07.28 19:26:02 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk [2011.07.26 17:15:51 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.07.26 17:11:14 | 000,030,259 | ---- | C] () -- C:\Users\Daniel\Desktop\hjtscanlist.bat [2011.07.26 16:50:43 | 000,002,097 | ---- | C] () -- C:\Users\Daniel\Desktop\hjtscanlist.zip [2011.07.25 19:43:40 | 000,025,071 | ---- | C] () -- C:\Users\Daniel\Desktop\Malwarebytes - Fehler.jpg [2011.07.24 12:12:14 | 000,031,705 | ---- | C] () -- C:\Users\Daniel\Desktop\Anhang Joker.zip [2011.07.24 11:17:46 | 000,050,477 | ---- | C] () -- C:\Users\Daniel\Desktop\Defogger.exe [2011.07.24 10:57:12 | 000,001,405 | ---- | C] () -- C:\Users\Daniel\Desktop\Internet Explorer.lnk [2011.07.23 22:02:14 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.07.22 13:40:17 | 000,092,458 | ---- | C] () -- C:\Users\Daniel\Desktop\veraltete Treiber.jpg [2011.07.19 21:30:01 | 000,001,111 | ---- | C] () -- C:\Users\Daniel\Desktop\Driver Genius Professional Edition.lnk [2011.07.19 21:10:15 | 000,000,674 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2011.07.19 20:20:32 | 000,001,640 | ---- | C] () -- C:\Users\Daniel\Desktop\Gerätemanager.lnk [2011.07.14 18:36:01 | 000,000,982 | ---- | C] () -- C:\Users\Daniel\Desktop\Start Minecraft Beta Cracked.lnk [2011.07.09 22:24:25 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2011.05.25 16:56:17 | 001,578,968 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.04.22 19:01:15 | 000,140,200 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2011.04.07 17:00:45 | 000,007,607 | ---- | C] () -- C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg [2010.11.21 10:31:15 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE [2010.11.07 23:06:18 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\mupkernps11.dll [2010.11.01 15:00:47 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI [2010.11.01 14:58:35 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI [2010.10.20 22:30:39 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2010.09.24 17:49:38 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2010.08.16 17:41:25 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.08.06 20:08:53 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010.08.06 20:08:48 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010.07.17 23:29:29 | 000,468,128 | ---- | C] () -- C:\Users\Daniel\AppData\Roaming\mdbu.bin [2010.07.04 01:23:02 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini [2010.06.25 19:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2006.01.03 06:05:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2002.08.09 16:00:00 | 000,375,296 | ---- | C] () -- C:\Windows\SysWow64\WSIHK32.DLL [2002.08.09 16:00:00 | 000,131,584 | ---- | C] () -- C:\Windows\SysWow64\WSIWIN32.DLL ========== Alternate Data Streams ========== @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:05EE1EEF < End of report > |
|
| Themen zu Umleitung von Google-Links über 100ksearches |
| adresszeile, anzeige, aufrufe, beliebige, dateien, explorer, fenster, firefox, folge, folgendes, google, guten, interne, internet, internet explorer, klicke, problem, recht, schnell, suche, umgeleitet, umleitung, website, wechsel, werbeseite, zahlen, zip-datei |
.
Linear-Darstellung
