| |
| |||||||
Log-Analyse und Auswertung: Internet plötzlich sehr langsamWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
18.09.2011, 13:13
| #1 |
| |  Internet plötzlich sehr langsam Hallo, seit ein paar Tagen ist mein Internet sehr langsam. Der Seitenaufbau dauert manchmal mehrere Minuten. Aber es gibt auch kurze Momente in denen alles normal läuft, beim nächsten Link kann es dann aber schon wieder sein, dass ich ewig warten muss. Downloads und Uploads funktionieren ganz normal mit hoher Geschwindigkeit. Auch Speedtests liefern gute Werte (23k Download / 1k Upload bei 25k/1k Leitung). Nur das surfen über sämtliche Browser geht nur sehr schleppend. Würde mich über Hilfe freuen. Hier nun meine Logfiles: Code:
ATTFilter OTL logfile created on: 18.09.2011 13:36:49 - Run 1 OTL by OldTimer - Version 3.2.29.0 Folder = C:\Users\Armin\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,98 Gb Total Physical Memory | 6,04 Gb Available Physical Memory | 75,72% Memory free 15,96 Gb Paging File | 13,75 Gb Available in Paging File | 86,13% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 931,41 Gb Total Space | 798,56 Gb Free Space | 85,74% Space Free | Partition Type: NTFS Drive D: | 1,81 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive E: | 781,25 Gb Total Space | 582,42 Gb Free Space | 74,55% Space Free | Partition Type: NTFS Drive F: | 1,47 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: ARMIN-PC | User Name: Armin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.09.18 13:35:38 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Users\Armin\Desktop\OTL.exe PRC - [2011.09.10 17:13:52 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe PRC - [2011.09.09 13:37:23 | 000,947,056 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe PRC - [2011.07.21 12:08:02 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011.04.21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011.04.21 07:52:36 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.12.20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010.12.20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe ========== Modules (No Company Name) ========== MOD - [2011.09.10 18:25:01 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll MOD - [2011.09.10 17:13:52 | 003,077,528 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.07.28 23:35:34 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2011.08.04 14:34:48 | 002,329,480 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2011.07.21 12:08:02 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.04.21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010.12.20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2010.12.20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.09.09 13:58:41 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2011.07.29 00:23:16 | 009,980,416 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011.07.28 22:54:10 | 000,309,248 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2011.07.21 12:11:10 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011.07.21 12:11:09 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011.06.07 00:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2011.04.21 20:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011.03.23 15:41:28 | 000,036,448 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64) DRV:64bit: - [2011.02.24 10:30:50 | 000,389,608 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci) DRV:64bit: - [2011.02.24 10:30:50 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.11.21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.10.19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV - [2011.02.25 22:17:06 | 000,031,824 | ---- | M] (Atola) [Kernel | On_Demand | Stopped] -- C:\Programme\A-FF Find and Mount\slicedisk-x64.sys -- (SliceDisk5) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7B 9B 1E 91 E1 6E CC 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "google.de" FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Armin\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Armin\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.09.09 13:23:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.09.15 13:41:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.09.09 13:42:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011.09.09 13:23:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Armin\AppData\Roaming\mozilla\Extensions [2011.09.10 22:18:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Armin\AppData\Roaming\mozilla\Firefox\Profiles\ufxly4di.default\extensions [2011.09.10 22:18:04 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Armin\AppData\Roaming\mozilla\Firefox\Profiles\ufxly4di.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2011.09.10 21:04:56 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Armin\AppData\Roaming\mozilla\Firefox\Profiles\ufxly4di.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.09.09 18:17:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.09.09 18:17:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} [2011.09.03 08:18:05 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.09.03 02:19:44 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.09.03 02:13:56 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.09.03 02:19:44 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.09.03 02:19:44 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.09.03 02:19:44 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.09.03 02:19:44 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome - Experimental ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms} O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () O4 - HKCU..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup File not found O4 - HKCU..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Armin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\Armin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.0) O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{31B4796E-1C29-49D2-8090-54267235A205}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - File not found O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found O20 - HKLM Winlogon: UserInit - (userinit.exe) - File not found O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O29:64bit: - HKLM SecurityProviders - (credssp.dll) - File not found O29 - HKLM SecurityProviders - (credssp.dll) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004.10.05 15:11:12 | 003,871,580 | R--- | M] (Macromedia, Inc.) - D:\Autorun.exe -- [ UDF ] O32 - AutoRun File - [2005.01.06 20:08:48 | 000,000,144 | RH-- | M] () - D:\autorun.inf -- [ UDF ] O32 - AutoRun File - [2002.07.15 13:41:18 | 000,024,576 | RH-- | M] () - D:\AutoRunMorrowind.exe -- [ UDF ] O32 - AutoRun File - [2011.05.26 20:51:19 | 000,000,067 | R--- | M] () - F:\autorun.inf -- [ UDF ] O33 - MountPoints2\{734f03f4-db00-11e0-870b-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{734f03f4-db00-11e0-870b-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Autorun.exe -- [2004.10.05 15:11:12 | 003,871,580 | R--- | M] (Macromedia, Inc.) O33 - MountPoints2\{734f03f4-db00-11e0-870b-806e6f6e6963}\Shell\install\command - "" = D:\Setup.exe -- [2001.09.05 05:23:24 | 000,056,320 | RH-- | M] (InstallShield Software Corporation) O33 - MountPoints2\{b181f234-dad4-11e0-a638-f46d04739e60}\Shell - "" = AutoRun O33 - MountPoints2\{b181f234-dad4-11e0-a638-f46d04739e60}\Shell\AutoRun\command - "" = F:\setup.exe -- [2011.05.26 20:50:19 | 000,401,720 | R--- | M] (Acresso Software Inc.) O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2011.09.18 13:35:38 | 000,583,168 | ---- | C] (OldTimer Tools) -- C:\Users\Armin\Desktop\OTL.exe [2011.09.16 13:42:06 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\GCI Demo [2011.09.16 13:41:43 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GCI Demo [2011.09.16 13:41:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GCI Demo [2011.09.16 13:41:43 | 000,000,000 | ---D | C] -- C:\Program Files\GCI Demo [2011.09.15 21:45:00 | 000,000,000 | ---D | C] -- C:\Users\Armin\Documents\Dust [2011.09.15 21:44:56 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Local\Ubisoft Game Launcher [2011.09.15 21:42:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft [2011.09.15 19:38:48 | 000,000,000 | ---D | C] -- C:\Users\Armin\Documents\Dungeons and Dragons Online [2011.09.15 19:17:30 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Local\Turbine [2011.09.15 19:11:45 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Local\ApplicationHistory [2011.09.15 19:10:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP [2011.09.13 12:21:58 | 000,000,000 | ---D | C] -- C:\Users\Armin\riotsGamesLogs [2011.09.11 20:17:51 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\LolClient [2011.09.11 17:12:21 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\TS3Client [2011.09.11 17:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client [2011.09.11 17:11:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client [2011.09.11 11:49:58 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Local\LogMeIn Hamachi [2011.09.11 11:49:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2011.09.11 11:49:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2011.09.11 11:37:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2011.09.11 00:32:47 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\Avira [2011.09.11 00:32:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2011.09.11 00:32:08 | 000,123,784 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2011.09.11 00:32:08 | 000,088,288 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2011.09.11 00:32:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2011.09.11 00:32:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2011.09.10 22:20:30 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\gtk-2.0 [2011.09.10 22:20:30 | 000,000,000 | ---D | C] -- C:\Users\Armin\.thumbnails [2011.09.10 22:19:28 | 000,000,000 | ---D | C] -- C:\Users\Armin\Documents\gegl-0.0 [2011.09.10 22:19:28 | 000,000,000 | ---D | C] -- C:\Users\Armin\.gimp-2.6 [2011.09.10 22:19:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP [2011.09.10 22:19:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIMP-2.0 [2011.09.10 22:18:36 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\FireShot [2011.09.10 21:04:58 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\DVDVideoSoft [2011.09.10 21:04:55 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\DVDVideoSoftIEHelpers [2011.09.10 21:04:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2011.09.10 21:04:52 | 000,000,000 | ---D | C] -- C:\Users\Armin\Documents\DVDVideoSoft [2011.09.10 21:04:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft [2011.09.10 21:04:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft [2011.09.10 20:42:30 | 000,000,000 | ---D | C] -- C:\Log [2011.09.10 20:42:26 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2011.09.10 20:42:20 | 001,207,808 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\PhoenixDll.dll [2011.09.10 20:42:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Phoenix Windows Data Recovery-Home [2011.09.10 20:42:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery [2011.09.10 20:19:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Find and Mount [2011.09.10 20:19:16 | 000,000,000 | ---D | C] -- C:\Program Files\A-FF Find and Mount [2011.09.10 18:27:56 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2011.09.10 18:27:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2011.09.10 18:27:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies [2011.09.10 18:27:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2011.09.10 18:26:37 | 000,000,000 | ---D | C] -- C:\ATI [2011.09.10 18:12:19 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\Skype [2011.09.10 18:12:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011.09.10 18:12:10 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2011.09.10 18:12:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2011.09.10 17:48:15 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2011.09.10 17:30:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [2011.09.10 17:13:56 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Local\PMB Files [2011.09.10 17:13:55 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2011.09.10 17:13:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2011.09.10 12:13:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Convar [2011.09.10 11:49:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks [2011.09.10 11:48:34 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Local\Oblivion [2011.09.10 11:48:34 | 000,000,000 | ---D | C] -- C:\Users\Armin\Documents\My Games [2011.09.09 23:31:56 | 000,000,000 | ---D | C] -- C:\ProgramData\media center programs [2011.09.09 23:31:55 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Local\Funcom [2011.09.09 20:48:10 | 000,000,000 | ---D | C] -- C:\Users\Armin\Documents\Witcher 2 [2011.09.09 20:48:10 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Local\The Witcher 2 [2011.09.09 20:46:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 2 [2011.09.09 20:06:03 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Local\TechSmith [2011.09.09 20:05:04 | 000,000,000 | ---D | C] -- C:\Users\Armin\Documents\Camtasia Studio [2011.09.09 20:04:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime [2011.09.09 20:04:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7 [2011.09.09 20:04:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2011.09.09 20:04:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared [2011.09.09 20:04:52 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith [2011.09.09 20:04:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith [2011.09.09 19:25:50 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2011.09.09 18:38:20 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2011.09.09 18:26:54 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2011.09.09 18:26:23 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2011.09.09 18:17:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011.09.09 18:17:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2011.09.09 18:15:17 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2011.09.09 16:17:29 | 000,040,445 | ---- | C] (Beepa Pty Ltd) -- C:\Program Files (x86)\uninstall.exe [2011.09.09 16:17:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HELP [2011.09.09 16:17:29 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps [2011.09.09 15:47:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games [2011.09.09 15:33:57 | 000,000,000 | RH-D | C] -- C:\Users\Armin\AppData\Roaming\SecuROM [2011.09.09 15:14:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx [2011.09.09 14:45:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM [2011.09.09 14:45:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace [2011.09.09 14:41:37 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\WinRAR [2011.09.09 14:41:37 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2011.09.09 14:41:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2011.09.09 14:41:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR [2011.09.09 14:23:41 | 000,000,000 | ---D | C] -- C:\Users\Armin\Documents\Rockstar Games [2011.09.09 14:19:31 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Local\Rockstar Games [2011.09.09 14:19:14 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2011.09.09 14:18:24 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2011.09.09 14:15:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive [2011.09.09 14:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE [2011.09.09 14:01:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games [2011.09.09 13:58:53 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raptr [2011.09.09 13:58:51 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\Raptr [2011.09.09 13:58:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Raptr [2011.09.09 13:58:41 | 000,270,912 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2011.09.09 13:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2011.09.09 13:58:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite [2011.09.09 13:57:50 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\DAEMON Tools Lite [2011.09.09 13:57:48 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2011.09.09 13:53:23 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\.minecraft [2011.09.09 13:52:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011.09.09 13:50:01 | 000,000,000 | ---D | C] -- C:\Spiele [2011.09.09 13:42:11 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\Thunderbird [2011.09.09 13:42:11 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Local\Thunderbird [2011.09.09 13:42:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2011.09.09 13:38:56 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2011.09.09 13:38:41 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Local\Google [2011.09.09 13:37:24 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\Opera [2011.09.09 13:37:24 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Local\Opera [2011.09.09 13:37:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera [2011.09.09 13:36:59 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\Macromedia [2011.09.09 13:36:59 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\Adobe [2011.09.09 13:36:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2011.09.09 13:23:39 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\Mozilla [2011.09.09 13:23:39 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Local\Mozilla [2011.09.09 13:23:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2011.09.09 13:11:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3 [2011.09.09 13:11:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent [2011.09.09 13:11:18 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\InstallShield [2011.09.09 13:11:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology [2011.09.09 13:10:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM106xSATA [2011.09.09 13:09:56 | 000,471,144 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2011.09.09 13:09:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2011.09.09 13:09:28 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2011.09.09 13:09:17 | 002,580,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2011.09.09 13:09:16 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2011.09.09 13:09:16 | 000,220,496 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFNHK64.dll [2011.09.09 13:09:16 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2011.09.09 13:09:16 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2011.09.09 13:09:16 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2011.09.09 13:09:16 | 000,081,232 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFCOM64.dll [2011.09.09 13:09:16 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll [2011.09.09 13:09:15 | 000,078,160 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFAPO64.dll [2011.09.09 13:09:10 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2011.09.09 13:09:10 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2011.09.09 13:09:10 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2011.09.09 13:09:10 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2011.09.09 13:09:09 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2011.09.09 13:09:09 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2011.09.09 13:09:05 | 001,718,616 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll [2011.09.09 13:09:05 | 000,421,720 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll [2011.09.09 13:09:05 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll [2011.09.09 13:09:05 | 000,127,832 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll [2011.09.09 13:09:05 | 000,108,888 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll [2011.09.09 13:09:05 | 000,074,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll [2011.09.09 13:09:04 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2011.09.09 13:09:04 | 001,870,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll [2011.09.09 13:09:03 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll [2011.09.09 13:09:03 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2011.09.09 13:08:57 | 001,937,312 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2011.09.09 13:08:56 | 001,327,208 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll [2011.09.09 13:08:56 | 001,179,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll [2011.09.09 13:08:56 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll [2011.09.09 13:08:56 | 000,475,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll [2011.09.09 13:08:56 | 000,317,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll [2011.09.09 13:08:56 | 000,269,928 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll [2011.09.09 13:08:55 | 001,111,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll [2011.09.09 13:08:55 | 000,504,936 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll [2011.09.09 13:08:55 | 000,266,856 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll [2011.09.09 13:08:55 | 000,126,056 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll [2011.09.09 13:08:55 | 000,125,544 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll [2011.09.09 13:08:55 | 000,125,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll [2011.09.09 13:08:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2011.09.09 13:08:53 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2011.09.09 13:08:23 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2011.09.09 13:08:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2011.09.09 13:08:14 | 000,000,000 | ---D | C] -- C:\Intel [2011.09.09 12:51:37 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\ATI [2011.09.09 12:51:37 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Local\ATI [2011.09.09 12:50:27 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2011.09.09 12:50:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name [2011.09.09 12:50:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2011.09.09 12:49:49 | 000,058,880 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll [2011.09.09 12:49:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2011.09.09 12:49:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2011.09.09 12:49:01 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2011.09.09 12:47:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2011.09.09 12:47:03 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2011.09.09 12:39:09 | 000,000,000 | R--D | C] -- C:\Users\Armin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011.09.09 12:39:09 | 000,000,000 | R--D | C] -- C:\Users\Armin\Searches [2011.09.09 12:39:09 | 000,000,000 | R--D | C] -- C:\Users\Armin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011.09.09 12:39:02 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\Identities [2011.09.09 12:39:00 | 000,000,000 | R--D | C] -- C:\Users\Armin\Contacts [2011.09.09 12:38:59 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Local\VirtualStore [2011.09.09 12:38:54 | 000,000,000 | --SD | C] -- C:\Users\Armin\AppData\Roaming\Microsoft [2011.09.09 12:38:54 | 000,000,000 | R--D | C] -- C:\Users\Armin\Videos [2011.09.09 12:38:54 | 000,000,000 | R--D | C] -- C:\Users\Armin\Saved Games [2011.09.09 12:38:54 | 000,000,000 | R--D | C] -- C:\Users\Armin\Pictures [2011.09.09 12:38:54 | 000,000,000 | R--D | C] -- C:\Users\Armin\Music [2011.09.09 12:38:54 | 000,000,000 | R--D | C] -- C:\Users\Armin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011.09.09 12:38:54 | 000,000,000 | R--D | C] -- C:\Users\Armin\Links [2011.09.09 12:38:54 | 000,000,000 | R--D | C] -- C:\Users\Armin\Favorites [2011.09.09 12:38:54 | 000,000,000 | R--D | C] -- C:\Users\Armin\Downloads [2011.09.09 12:38:54 | 000,000,000 | R--D | C] -- C:\Users\Armin\Documents [2011.09.09 12:38:54 | 000,000,000 | R--D | C] -- C:\Users\Armin\Desktop [2011.09.09 12:38:54 | 000,000,000 | R--D | C] -- C:\Users\Armin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011.09.09 12:38:54 | 000,000,000 | -HSD | C] -- C:\Users\Armin\Vorlagen [2011.09.09 12:38:54 | 000,000,000 | -HSD | C] -- C:\Users\Armin\AppData\Local\Verlauf [2011.09.09 12:38:54 | 000,000,000 | -HSD | C] -- C:\Users\Armin\AppData\Local\Temporary Internet Files [2011.09.09 12:38:54 | 000,000,000 | -HSD | C] -- C:\Users\Armin\Startmenü [2011.09.09 12:38:54 | 000,000,000 | -HSD | C] -- C:\Users\Armin\SendTo [2011.09.09 12:38:54 | 000,000,000 | -HSD | C] -- C:\Users\Armin\Recent [2011.09.09 12:38:54 | 000,000,000 | -HSD | C] -- C:\Users\Armin\Netzwerkumgebung [2011.09.09 12:38:54 | 000,000,000 | -HSD | C] -- C:\Users\Armin\Lokale Einstellungen [2011.09.09 12:38:54 | 000,000,000 | -HSD | C] -- C:\Users\Armin\Documents\Eigene Videos [2011.09.09 12:38:54 | 000,000,000 | -HSD | C] -- C:\Users\Armin\Documents\Eigene Musik [2011.09.09 12:38:54 | 000,000,000 | -HSD | C] -- C:\Users\Armin\Eigene Dateien [2011.09.09 12:38:54 | 000,000,000 | -HSD | C] -- C:\Users\Armin\Documents\Eigene Bilder [2011.09.09 12:38:54 | 000,000,000 | -HSD | C] -- C:\Users\Armin\Druckumgebung [2011.09.09 12:38:54 | 000,000,000 | -HSD | C] -- C:\Users\Armin\Cookies [2011.09.09 12:38:54 | 000,000,000 | -HSD | C] -- C:\Users\Armin\AppData\Local\Anwendungsdaten [2011.09.09 12:38:54 | 000,000,000 | -HSD | C] -- C:\Users\Armin\Anwendungsdaten [2011.09.09 12:38:54 | 000,000,000 | -H-D | C] -- C:\Users\Armin\AppData [2011.09.09 12:38:54 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Local\Temp [2011.09.09 12:38:54 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Local\Microsoft [2011.09.09 12:38:54 | 000,000,000 | ---D | C] -- C:\Users\Armin\AppData\Roaming\Media Center Programs [2011.09.09 12:38:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2011.09.09 12:38:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2011.09.09 12:38:52 | 000,000,000 | -HSD | C] -- C:\Recovery [2011.09.09 12:38:52 | 000,000,000 | -HSD | C] -- C:\Programme [2011.09.09 12:38:52 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2011.09.09 12:38:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2011.09.09 12:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2011.09.09 12:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2011.09.09 12:38:52 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2011.09.09 12:38:52 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2011.09.09 12:38:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2011.09.09 12:38:52 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2011.08.24 20:17:52 | 000,043,520 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2010.06.15 03:54:36 | 000,153,008 | ---- | C] (Beepa P/L) -- C:\Program Files (x86)\fraps64.dll [2010.06.15 03:54:34 | 000,206,768 | ---- | C] (Beepa P/L) -- C:\Program Files (x86)\fraps32.dll [2010.06.15 03:54:32 | 000,074,672 | ---- | C] (Beepa P/L) -- C:\Program Files (x86)\fraps64.dat [2010.06.15 03:54:22 | 002,320,304 | ---- | C] (Beepa P/L) -- C:\Program Files (x86)\fraps.exe [2010.06.15 03:46:32 | 000,163,840 | ---- | C] (Beepa P/L) -- C:\Program Files (x86)\frapslcd.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.09.18 13:35:38 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Users\Armin\Desktop\OTL.exe [2011.09.18 13:32:55 | 000,000,168 | ---- | M] () -- C:\Users\Armin\defogger_reenable [2011.09.18 13:32:00 | 000,050,477 | ---- | M] () -- C:\Users\Armin\Desktop\Defogger.exe [2011.09.18 13:18:31 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.09.18 13:18:31 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.09.18 13:15:26 | 001,642,740 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.09.18 13:15:26 | 000,707,446 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.09.18 13:15:26 | 000,661,064 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.09.18 13:15:26 | 000,153,038 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.09.18 13:15:26 | 000,125,254 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.09.18 13:10:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.09.18 13:10:54 | 2132,717,567 | -HS- | M] () -- C:\hiberfil.sys [2011.09.18 12:43:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-829292093-2654154359-3812680981-1000UA.job [2011.09.16 13:43:00 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-829292093-2654154359-3812680981-1000Core.job [2011.09.16 13:41:43 | 000,001,685 | ---- | M] () -- C:\Users\Armin\Desktop\GCI Demo.lnk [2011.09.15 19:11:46 | 000,000,093 | ---- | M] () -- C:\Users\Armin\AppData\Local\fusioncache.dat [2011.09.15 19:11:33 | 001,669,102 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.09.14 23:30:33 | 000,001,461 | ---- | M] () -- C:\Users\Public\Desktop\The Elder Scrolls Construction Set.lnk [2011.09.14 23:29:10 | 000,000,603 | ---- | M] () -- C:\Users\Public\Desktop\Morrowind.lnk [2011.09.11 17:11:20 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2011.09.11 17:04:17 | 000,000,070 | ---- | M] () -- C:\Windows\spwdrhag.INI [2011.09.11 11:47:26 | 000,000,739 | ---- | M] () -- C:\Users\Armin\Desktop\Terraria.lnk [2011.09.11 00:32:14 | 000,002,066 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011.09.10 23:12:51 | 000,011,116 | ---- | M] () -- C:\Users\Armin\.recently-used.xbel [2011.09.10 22:19:26 | 000,001,095 | ---- | M] () -- C:\Users\Public\Desktop\GIMP 2.lnk [2011.09.10 21:36:01 | 003,152,910 | ---- | M] () -- C:\Users\Armin\Documents\neuer kanal.wav [2011.09.10 21:14:04 | 009,039,726 | ---- | M] () -- C:\Users\Armin\Documents\grrrrrrrrr.wav [2011.09.10 21:09:52 | 007,187,694 | ---- | M] () -- C:\Users\Armin\Documents\grrr.wav [2011.09.10 21:04:53 | 000,001,312 | ---- | M] () -- C:\Users\Armin\Desktop\Free YouTube Download.lnk [2011.09.10 20:42:21 | 000,001,210 | ---- | M] () -- C:\Users\Armin\Desktop\Stellar Phoenix Windows Data Recovery-Home.lnk [2011.09.10 20:19:17 | 000,000,909 | ---- | M] () -- C:\Users\Armin\Desktop\Find and Mount.lnk [2011.09.10 18:12:11 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2011.09.10 18:08:32 | 000,001,801 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk [2011.09.10 17:31:38 | 000,001,914 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2011.09.10 15:55:31 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.09.10 11:57:38 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011.09.10 11:52:18 | 000,001,613 | ---- | M] () -- C:\Users\Public\Desktop\Oblivion.lnk [2011.09.09 23:31:59 | 000,000,240 | ---- | M] () -- C:\Users\Armin\Desktop\Age of Conan.lnk [2011.09.09 20:46:45 | 000,000,567 | ---- | M] () -- C:\Users\Public\Desktop\Start The Witcher 2.lnk [2011.09.09 20:10:15 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2011.09.09 20:09:10 | 006,812,878 | ---- | M] () -- C:\Users\Armin\Documents\test.wav [2011.09.09 20:04:58 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk [2011.09.09 18:29:04 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2011.09.09 18:29:04 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2011.09.09 16:17:29 | 000,040,445 | ---- | M] (Beepa Pty Ltd) -- C:\Program Files (x86)\uninstall.exe [2011.09.09 16:17:29 | 000,000,857 | ---- | M] () -- C:\Users\Armin\Desktop\Fraps.lnk [2011.09.09 14:18:24 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2011.09.09 13:58:41 | 000,270,912 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2011.09.09 13:50:22 | 000,000,645 | ---- | M] () -- C:\Users\Armin\Desktop\Minecraft.lnk [2011.09.09 13:42:08 | 000,002,090 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2011.09.09 13:38:57 | 000,002,274 | ---- | M] () -- C:\Users\Armin\Desktop\Google Chrome.lnk [2011.09.09 13:37:23 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk [2011.09.09 13:23:36 | 000,001,138 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.09.09 13:11:51 | 000,035,915 | ---- | M] () -- C:\Windows\Ascd_log.ini [2011.09.09 13:07:23 | 000,024,496 | ---- | M] () -- C:\Windows\Ascd_tmp.ini [2011.09.09 13:07:08 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini [2011.09.09 12:51:14 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2011.09.09 12:39:12 | 000,001,439 | ---- | M] () -- C:\Users\Armin\Desktop\Internet Explorer.lnk [2011.08.24 20:19:10 | 000,056,320 | ---- | M] () -- C:\Windows\SysWow64\OpenVideo.dll [2011.08.24 20:17:52 | 000,043,520 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.09.18 13:32:55 | 000,000,168 | ---- | C] () -- C:\Users\Armin\defogger_reenable [2011.09.18 13:31:57 | 000,050,477 | ---- | C] () -- C:\Users\Armin\Desktop\Defogger.exe [2011.09.16 13:41:43 | 000,001,685 | ---- | C] () -- C:\Users\Armin\Desktop\GCI Demo.lnk [2011.09.15 19:11:46 | 000,000,093 | ---- | C] () -- C:\Users\Armin\AppData\Local\fusioncache.dat [2011.09.14 23:30:33 | 000,001,461 | ---- | C] () -- C:\Users\Public\Desktop\The Elder Scrolls Construction Set.lnk [2011.09.14 23:29:10 | 000,000,603 | ---- | C] () -- C:\Users\Public\Desktop\Morrowind.lnk [2011.09.11 17:11:20 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2011.09.11 11:47:26 | 000,000,739 | ---- | C] () -- C:\Users\Armin\Desktop\Terraria.lnk [2011.09.11 11:39:53 | 001,669,102 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.09.11 00:32:14 | 000,002,066 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2011.09.10 23:12:51 | 000,011,116 | ---- | C] () -- C:\Users\Armin\.recently-used.xbel [2011.09.10 22:19:26 | 000,001,095 | ---- | C] () -- C:\Users\Public\Desktop\GIMP 2.lnk [2011.09.10 21:36:07 | 003,152,910 | ---- | C] () -- C:\Users\Armin\Documents\neuer kanal.wav [2011.09.10 21:14:08 | 009,039,726 | ---- | C] () -- C:\Users\Armin\Documents\grrrrrrrrr.wav [2011.09.10 21:09:57 | 007,187,694 | ---- | C] () -- C:\Users\Armin\Documents\grrr.wav [2011.09.10 21:04:53 | 000,001,312 | ---- | C] () -- C:\Users\Armin\Desktop\Free YouTube Download.lnk [2011.09.10 20:42:21 | 000,001,210 | ---- | C] () -- C:\Users\Armin\Desktop\Stellar Phoenix Windows Data Recovery-Home.lnk [2011.09.10 20:42:20 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\StellarProfile.dll [2011.09.10 20:42:20 | 000,000,070 | ---- | C] () -- C:\Windows\spwdrhag.INI [2011.09.10 20:19:17 | 000,000,909 | ---- | C] () -- C:\Users\Armin\Desktop\Find and Mount.lnk [2011.09.10 18:12:11 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2011.09.10 18:08:32 | 000,001,801 | ---- | C] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk [2011.09.10 17:31:38 | 000,001,914 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2011.09.10 11:57:38 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011.09.10 11:52:18 | 000,001,613 | ---- | C] () -- C:\Users\Public\Desktop\Oblivion.lnk [2011.09.09 23:31:59 | 000,000,240 | ---- | C] () -- C:\Users\Armin\Desktop\Age of Conan.lnk [2011.09.09 20:46:45 | 000,000,567 | ---- | C] () -- C:\Users\Public\Desktop\Start The Witcher 2.lnk [2011.09.09 20:10:15 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2011.09.09 20:09:15 | 006,812,878 | ---- | C] () -- C:\Users\Armin\Documents\test.wav [2011.09.09 20:04:58 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk [2011.09.09 18:28:58 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2011.09.09 18:28:58 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2011.09.09 18:26:23 | 2132,717,567 | -HS- | C] () -- C:\hiberfil.sys [2011.09.09 16:17:29 | 000,000,857 | ---- | C] () -- C:\Users\Armin\Desktop\Fraps.lnk [2011.09.09 14:45:12 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk [2011.09.09 13:50:22 | 000,000,645 | ---- | C] () -- C:\Users\Armin\Desktop\Minecraft.lnk [2011.09.09 13:42:08 | 000,002,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2011.09.09 13:42:08 | 000,002,090 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2011.09.09 13:40:26 | 000,001,439 | ---- | C] () -- C:\Users\Armin\Desktop\Internet Explorer.lnk [2011.09.09 13:38:57 | 000,002,274 | ---- | C] () -- C:\Users\Armin\Desktop\Google Chrome.lnk [2011.09.09 13:38:42 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-829292093-2654154359-3812680981-1000UA.job [2011.09.09 13:38:41 | 000,001,068 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-829292093-2654154359-3812680981-1000Core.job [2011.09.09 13:37:23 | 000,001,841 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [2011.09.09 13:37:23 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk [2011.09.09 13:23:36 | 000,001,150 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.09.09 13:23:36 | 000,001,138 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.09.09 13:11:27 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll [2011.09.09 13:09:55 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll [2011.09.09 13:08:01 | 000,035,915 | ---- | C] () -- C:\Windows\Ascd_log.ini [2011.09.09 13:07:08 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2011.09.09 13:07:02 | 000,024,496 | ---- | C] () -- C:\Windows\Ascd_tmp.ini [2011.09.09 12:51:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.09.09 12:39:10 | 000,001,439 | ---- | C] () -- C:\Users\Armin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011.08.24 20:19:10 | 000,056,320 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll [2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011.03.17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010.06.15 01:20:08 | 000,001,872 | ---- | C] () -- C:\Program Files (x86)\README.HTM [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2009.04.02 14:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS ========== LOP Check ========== [2011.09.11 15:59:52 | 000,000,000 | ---D | M] -- C:\Users\Armin\AppData\Roaming\.minecraft [2011.09.09 14:00:51 | 000,000,000 | ---D | M] -- C:\Users\Armin\AppData\Roaming\DAEMON Tools Lite [2011.09.10 21:04:58 | 000,000,000 | ---D | M] -- C:\Users\Armin\AppData\Roaming\DVDVideoSoft [2011.09.10 21:04:55 | 000,000,000 | ---D | M] -- C:\Users\Armin\AppData\Roaming\DVDVideoSoftIEHelpers [2011.09.10 22:18:36 | 000,000,000 | ---D | M] -- C:\Users\Armin\AppData\Roaming\FireShot [2011.09.16 13:42:06 | 000,000,000 | ---D | M] -- C:\Users\Armin\AppData\Roaming\GCI Demo [2011.09.10 23:12:51 | 000,000,000 | ---D | M] -- C:\Users\Armin\AppData\Roaming\gtk-2.0 [2011.09.11 20:17:51 | 000,000,000 | ---D | M] -- C:\Users\Armin\AppData\Roaming\LolClient [2011.09.09 13:37:24 | 000,000,000 | ---D | M] -- C:\Users\Armin\AppData\Roaming\Opera [2011.09.18 13:12:20 | 000,000,000 | ---D | M] -- C:\Users\Armin\AppData\Roaming\Raptr [2011.09.09 13:42:11 | 000,000,000 | ---D | M] -- C:\Users\Armin\AppData\Roaming\Thunderbird [2011.09.11 19:06:07 | 000,000,000 | ---D | M] -- C:\Users\Armin\AppData\Roaming\TS3Client [2009.07.14 07:08:49 | 000,006,174 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2011.09.09 12:39:00 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2011.09.10 18:26:37 | 000,000,000 | ---D | M] -- C:\ATI [2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2011.09.09 12:38:52 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2011.09.09 13:08:14 | 000,000,000 | ---D | M] -- C:\Intel [2011.09.10 20:42:30 | 000,000,000 | ---D | M] -- C:\Log [2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs [2011.09.16 13:41:43 | 000,000,000 | R--D | M] -- C:\Program Files [2011.09.15 21:42:07 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2011.09.11 00:32:08 | 000,000,000 | -H-D | M] -- C:\ProgramData [2011.09.09 12:38:52 | 000,000,000 | -HSD | M] -- C:\Programme [2011.09.09 12:38:52 | 000,000,000 | -HSD | M] -- C:\Recovery [2011.09.15 21:39:50 | 000,000,000 | ---D | M] -- C:\Spiele [2011.09.18 13:37:39 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2011.09.09 12:38:54 | 000,000,000 | R--D | M] -- C:\Users [2011.09.15 21:41:13 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > [2010.06.15 03:54:22 | 002,320,304 | ---- | M] (Beepa P/L) -- C:\Program Files (x86)\fraps.exe [2011.09.09 16:17:29 | 000,040,445 | ---- | M] (Beepa Pty Ltd) -- C:\Program Files (x86)\uninstall.exe < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.manifest /3 > < MD5 for: EXPLORER.EXE > [2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe [2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe [2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe < MD5 for: REGEDIT.EXE > [2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe [2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe [2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe [2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe < MD5 for: USERINIT.EXE > [2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > < > ========== Alternate Data Streams ========== @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:C3AE45C9 < End of report > |
| Themen zu Internet plötzlich sehr langsam |
| alternate, antivir, autorun, avira, bho, browser, c:\windows\system32\rundll32.exe, explorer, firefox, focus, format, grand theft auto, helper, home, installation, internet, langsam, league of legends, mozilla thunderbird, opera, pando media booster, plug-in, programme, realtek, registry, rundll, scan, sehr langsam, software, spielen, studio, teamspeak, webcheck, windows, windows xp, winlogon.exe |
Baum-Darstellung