Log analysis and evaluation: Router is almost never found, and when it is, connectivity is limited; KGB detection (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
31.12.2011, 13:39 | #1 |
Router is almost never found, and when it is, connectivity is limited; KGB detection

Hey there, dear Trojaner-Board community,

I have had a big problem since yesterday afternoon: I cannot get onto the Internet for the life of me; my router is not even found anymore. It started with heavy lag while playing League of Legends, then web pages stopped loading and svchost.exe (NOT svchostS, but the regular svchost.exe in the System32 folder) began sending massive amounts of data in spikes (~300kb/s, roughly every 1.5 s the line was fully saturated for a moment, then complete silence until the next spike), while Windows reported "Network connectivity limited".

Suspicious as I was, I started a full scan with Avast! overnight (a pre-Windows scan, of course, i.e. before Windows is loaded), and Avast found 2 files from Refog KGB:

KGB64.exe
KGBNetService.exe

Running runrefog via Run did nothing, and neither did runkgb or the key combination Ctrl+Shift+Alt+K. So I removed both files with Avast!. Unfortunately the problem is still there. Maybe you can help me; here are the logs:

OTL:
Code:
OTL logfile created on: 31.12.2011 12:43:58 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Haakon\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

8,00 Gb Total Physical Memory | 6,46 Gb Available Physical Memory | 80,78% Memory free
15,99 Gb Paging File | 14,42 Gb Available in Paging File | 90,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 831,09 Gb Free Space | 89,23% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 70,06 Mb Free Space | 70,07% Space Free | Partition Type: NTFS
Drive E: | 232,79 Gb Total Space | 103,59 Gb Free Space | 44,50% Space Free | Partition Type: NTFS
Drive F: | 6,32 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 3,94 Gb Total Space | 2,38 Gb Free Space | 60,31% Space Free | Partition Type: FAT32

Computer Name: HAAKON-PC | User Name: Haakon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.12.31 12:15:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Haakon\Desktop\OTL.exe PRC - [2011.12.14 12:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2011.12.13 04:45:23 | 000,086,016 | ---- | M] () -- C:\Windows\Installer\MSI69B0.tmp PRC - [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.03.24 05:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe PRC - [2011.03.22 09:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) 
-- C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe PRC - [2010.11.21 04:25:10 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe PRC - [2010.11.21 04:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe PRC - [2010.11.15 12:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe PRC - [2010.11.15 12:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe PRC - [2009.08.24 14:38:06 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe ========== Modules (No Company Name) ========== MOD - [2011.07.29 00:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011.07.29 00:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.12.19 18:59:00 | 002,779,416 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV:64bit: - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! 
Antivirus) SRV:64bit: - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv) SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2011.12.14 12:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2011.12.13 04:45:23 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Windows\Installer\MSI69B0.tmp -- (HyperDeskCustomThemeEnabler) SRV - [2011.12.09 14:39:52 | 000,135,584 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service) SRV - [2011.10.15 09:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011.10.15 00:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2011.09.27 20:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.03.24 05:37:18 | 000,493,384 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe -- (WCUService_STC_FF) SRV - [2011.03.22 09:37:16 | 000,497,480 | ---- | M] (Splashtop Inc.) 
[Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe -- (WCUService_STC_IE) SRV - [2011.03.16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.11.15 12:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe -- (SCBackService) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.09.21 10:48:10 | 000,954,368 | ---- | M] (Wireless) [On_Demand | Stopped] -- C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe -- (jswpsapi) SRV - [2009.09.21 10:48:10 | 000,265,216 | ---- | M] (Wireless) [Auto | Running] -- C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe -- (jswpbapi) SRV - [2009.08.24 14:38:06 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2003.04.18 19:06:26 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.12.29 19:21:29 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2011.12.23 13:12:18 | 000,088,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt) DRV:64bit: - [2011.12.23 13:12:18 | 000,046,400 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt) DRV:64bit: - [2011.12.18 14:55:19 | 000,022,408 | 
---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum) DRV:64bit: - [2011.12.18 14:55:19 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid) DRV:64bit: - [2011.11.28 18:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2011.11.28 18:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2011.11.28 18:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr) DRV:64bit: - [2011.11.28 18:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2011.11.28 18:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2011.11.28 18:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2011.09.02 07:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2011.09.02 07:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2011.07.08 00:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2011.03.07 10:22:00 | 000,065,280 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI) DRV:64bit: - [2011.03.07 10:22:00 | 000,040,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3) DRV:64bit: - [2011.01.13 12:58:30 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011.01.10 18:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger) DRV:64bit: - [2010.11.21 04:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub) DRV:64bit: - [2010.11.21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc) DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2010.11.21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt) DRV:64bit: - 
[2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.10.22 02:00:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fwlanusb.sys -- (FWLANUSB) DRV:64bit: - [2010.10.22 02:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject) DRV:64bit: - [2010.01.27 17:25:42 | 001,584,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009.12.22 02:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:64bit: - [2009.10.07 11:13:34 | 000,070,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.10.07 11:13:34 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.09.21 10:48:10 | 000,026,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\jswpslwfx.sys -- (JSWPSLWF) DRV:64bit: - [2009.08.13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.02.17 18:22:22 | 000,017,792 | ---- | M] (ASUSTeK Computer Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asusgsb.sys -- (asusgsb) DRV - [2011.12.31 12:40:31 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2011.12.18 12:49:27 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64) DRV - [2011.12.13 04:13:46 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:splashtopconnect IE - HKCU\..\URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledItems: {91c612bf-2a7a-48b8-8c8c-6de28589b7a0}:1.1.8.4 FF - prefs.js..extensions.enabledItems: {91c612bf-2a7a-48b8-8c8c-6de28589b7a1}:1.1.8.4 FF - prefs.js..extensions.enabledItems: {d9284e50-81fc-11da-a72b-0800200c9a66}:7.5.0 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30 FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll File not found FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Haakon\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files 
(x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2011.12.13 03:49:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2011.12.13 03:49:16 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{d9284e50-81fc-11da-a72b-0800200c9a66}: C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{d9284e50-81fc-11da-a72b-0800200c9a66} [2011.12.13 03:49:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.12.21 21:24:32 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.29 23:54:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.19 18:32:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.12.29 20:33:45 | 000,000,000 | ---D | M] [2011.12.13 03:58:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Haakon\AppData\Roaming\mozilla\Extensions [2011.12.29 18:14:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Haakon\AppData\Roaming\mozilla\Firefox\Profiles\4kww88b0.default\extensions [2011.12.19 18:32:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011.12.18 19:03:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} [2011.12.29 23:54:00 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 
<video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5 () (No name found) -- C:\USERS\HAAKON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\4KWW88B0.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011.11.21 05:21:43 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.12.18 19:03:07 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011.10.26 19:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011.11.21 02:17:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2011.11.21 02:09:48 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011.11.21 02:17:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.11.21 02:17:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.11.21 02:17:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011.11.21 02:17:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) 
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Splashtop Connect VisualBookmark) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [STCAgent] C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.) O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.) 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Reg Error: Key error.) 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) -C:\Windows\SysWOW64\guard32.dll (COMODO) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O22 - SharedTaskScheduler: {F791A188-699D-4FD4-955A-EB59E89B1907} - Ave's 7StartButton Changer - C:\Program Files (x86)\The Skins Factory\Hyperdesk\Common\AveStartButtonChangerInProc.dll (AveApps, Andreas Verhoeven) O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010.02.08 12:07:09 | 000,000,000 | ---D | M] - F:\AutoPlay -- [ CDFS ] O32 - AutoRun File - [2010.02.08 10:55:51 | 002,855,560 | R--- | M] (UBISOFT) - F:\autorun.exe -- [ CDFS ] O32 - AutoRun File - [2010.02.08 10:55:52 | 000,000,043 | R--- | M] () - F:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{323b64ac-296e-11e1-89e1-50e549b51e23}\Shell - "" = AutoRun O33 - MountPoints2\{323b64ac-296e-11e1-89e1-50e549b51e23}\Shell\AutoRun\command - "" = G:\pushinst.exe O33 - MountPoints2\{9e988f6a-2a64-11e1-ad99-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{9e988f6a-2a64-11e1-ad99-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe -- [2010.02.08 10:55:51 | 002,855,560 | R--- | M] (UBISOFT) O33 - MountPoints2\{cdd33e72-3249-11e1-95ec-50e549b51e23}\Shell - "" = AutoRun O33 - MountPoints2\{cdd33e72-3249-11e1-95ec-50e549b51e23}\Shell\AutoRun\command - "" = G:\OblivionLauncher.exe O33 - MountPoints2\{cdd33e9d-3249-11e1-95ec-50e549b51e23}\Shell - "" = AutoRun O33 - MountPoints2\{cdd33e9d-3249-11e1-95ec-50e549b51e23}\Shell\AutoRun\command - "" = H:\CD_Start.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
MsConfig:64bit - StartUpFolder: C:^Users^Haakon^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk - C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe - (Leader Technologies/Logitech)
MsConfig:64bit - StartUpReg: ASUSGamerOSD - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
MsConfig:64bit - StartUpReg: ZyngaGamesAgent - hkey= - key= - C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011.12.31 12:38:30 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Haakon\Desktop\OTL.exe
[2011.12.30 21:35:05 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Local\ElevatedDiagnostics
[2011.12.30 00:02:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2011.12.30 00:02:49 | 000,839,680 | ---- | C] (hxxp://www.mp3dev.org/) -- C:\Windows\SysWow64\lameACM.acm
[2011.12.30 00:02:49 | 000,287,744 | ---- | C] (Kristal StudioDFileDescription) -- C:\Windows\SysWow64\divxa32.acm
[2011.12.30 00:02:46 | 000,630,784 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp7vfw.dll
[2011.12.30 00:02:46 | 000,413,760 | ---- | C] (Hacked with Joy !) -- C:\Windows\SysWow64\DivXc32f.dll
[2011.12.30 00:02:46 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2011.12.30 00:02:46 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm
[2011.12.30 00:02:46 | 000,039,936 | ---- | C] (Disappearing Inc.) -- C:\Windows\SysWow64\huffyuv.dll
[2011.12.30 00:02:45 | 000,413,760 | ---- | C] (Hacked with Joy !) -- C:\Windows\SysWow64\DivXc32.dll
[2011.12.30 00:02:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2011.12.29 23:54:46 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Local\DDMSettings
[2011.12.29 23:53:50 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\DivX
[2011.12.29 23:53:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011.12.29 23:52:50 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2011.12.29 23:52:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2011.12.29 23:50:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2011.12.29 23:48:09 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011.12.29 22:03:53 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Blender Foundation
[2011.12.29 21:57:58 | 000,000,000 | ---D | C] -- C:\Users\Haakon\.thumbnails
[2011.12.29 21:57:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blender Foundation
[2011.12.29 21:56:39 | 000,000,000 | ---D | C] -- C:\Program Files\Blender Foundation
[2011.12.29 20:45:05 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVSociety
[2011.12.29 20:45:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVSociety
[2011.12.29 20:44:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVSociety
[2011.12.29 20:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2011.12.29 20:33:45 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
[2011.12.29 20:33:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2011.12.29 20:33:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011.12.29 20:33:18 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Winamp
[2011.12.29 20:33:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2011.12.29 19:27:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
[2011.12.29 19:26:03 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Local\Oblivion
[2011.12.29 19:26:03 | 000,000,000 | ---D | C] -- C:\Users\Haakon\Documents\My Games
[2011.12.29 19:21:29 | 000,279,616 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011.12.29 19:19:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011.12.29 19:19:07 | 000,530,488 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2011.12.29 19:18:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2011.12.29 19:17:58 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\DAEMON Tools Lite
[2011.12.29 19:17:55 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011.12.29 01:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\lothargeisinger.de
[2011.12.28 20:34:03 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011.12.28 20:29:45 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\.minecraft
[2011.12.28 00:26:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Veetle
[2011.12.27 15:59:17 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania
[2011.12.27 15:54:53 | 000,000,000 | ---D | C] -- C:\Users\Haakon\Documents\TrackMania
[2011.12.27 15:54:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever
[2011.12.27 12:08:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTH
[2011.12.27 11:01:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\en-US
[2011.12.27 11:01:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\en
[2011.12.27 11:01:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0409
[2011.12.27 11:01:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\en-US
[2011.12.27 11:01:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\en
[2011.12.27 11:01:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0409
[2011.12.27 10:56:22 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\en-US\pscr.sys.mui
[2011.12.27 10:55:37 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\en-US\BrSerIb.sys.mui
[2011.12.27 10:55:37 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\en-US\BrParwdm.sys.mui
[2011.12.27 10:55:36 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\en-US\BrSerId.sys.mui
[2011.12.26 22:59:38 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\ScummVM
[2011.12.26 02:39:22 | 000,000,000 | ---D | C] -- C:\Users\Haakon\Desktop\Antony Raijekov
[2011.12.26 02:38:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Last.fm
[2011.12.26 02:07:40 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FL Studio 4
[2011.12.26 02:07:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FL Studio 4
[2011.12.26 02:07:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FLStudio4
[2011.12.25 21:13:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011.12.25 21:07:34 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.12.25 21:07:34 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.12.25 21:06:26 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011.12.25 20:46:28 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driver Cleaner Pro
[2011.12.25 20:46:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Cleaner Pro
[2011.12.25 20:36:15 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011.12.25 20:08:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Cleaner Pro
[2011.12.25 13:07:00 | 000,000,000 | ---D | C] -- C:\Users\Haakon\Desktop\LoLG15Timer
[2011.12.25 12:32:49 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\lothargeisinger.de
[2011.12.25 12:32:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lothargeisinger.de
[2011.12.25 04:20:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMP WinOFF
[2011.12.25 04:20:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMP WinOFF
[2011.12.24 20:27:58 | 000,000,000 | ---D | C] -- C:\Users\Haakon\Documents\CCleaner Registry Backups
[2011.12.23 23:00:16 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2011.12.23 15:10:49 | 000,000,000 | ---D | C] -- C:\ProgramData\SplitMediaLabs
[2011.12.23 15:10:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitMediaLabs
[2011.12.23 15:10:15 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\SplitMediaLabs
[2011.12.23 13:28:16 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Local\Comodo
[2011.12.23 13:22:16 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA
[2011.12.23 13:21:49 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO
[2011.12.23 13:17:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2011.12.23 13:17:47 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2011.12.23 13:17:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2011.12.23 13:17:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2011.12.23 02:16:36 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\TeamViewer
[2011.12.23 02:09:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2011.12.22 23:58:57 | 000,000,000 | ---D | C] -- C:\Users\Haakon\Desktop\cpu-z
[2011.12.22 19:05:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011.12.22 18:47:29 | 000,000,000 | ---D | C] -- C:\Users\Haakon\Documents\3DMark 11
[2011.12.22 18:47:09 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Local\IsolatedStorage
[2011.12.22 18:46:27 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Local\Futuremark_Corporation
[2011.12.22 18:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark
[2011.12.22 18:36:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
[2011.12.22 18:36:01 | 000,000,000 | ---D | C] -- C:\Program Files\Futuremark
[2011.12.22 18:22:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2011.12.21 21:20:06 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011.12.21 21:20:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011.12.21 21:20:05 | 000,304,472 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011.12.21 21:20:02 | 000,042,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011.12.21 21:20:01 | 000,058,712 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011.12.21 21:20:00 | 000,591,192 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011.12.21 21:19:58 | 000,256,960 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011.12.21 21:19:58 | 000,066,904 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011.12.21 21:19:23 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.12.21 21:19:22 | 000,199,816 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011.12.21 21:19:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011.12.21 21:19:18 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011.12.21 21:07:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011.12.21 14:56:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2011.12.21 14:56:01 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2011.12.21 14:50:06 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.12.21 14:49:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.12.21 14:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.12.20 17:16:42 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Aquamarin Haushaltsbuch
[2011.12.20 17:16:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Haushaltsbuch
[2011.12.20 17:16:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aquamarin Haushaltsbuch
[2011.12.20 16:21:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011.12.20 16:21:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011.12.20 16:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011.12.20 16:18:06 | 000,000,000 | ---D | C] -- C:\ProgramData\StarMoney 7.0
[2011.12.20 16:17:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Business Objects
[2011.12.20 16:17:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\StarFinanz
[2011.12.19 19:04:19 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Local\Ubisoft Game Launcher
[2011.12.19 19:02:50 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Ubisoft
[2011.12.19 19:02:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2011.12.19 18:59:16 | 000,022,696 | ---- | C] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys
[2011.12.19 18:58:58 | 000,041,200 | ---- | C] (COMODO) -- C:\Windows\SysNative\cmdcsr.dll
[2011.12.19 18:58:56 | 000,389,840 | ---- | C] (COMODO) -- C:\Windows\SysNative\guard64.dll
[2011.12.19 18:58:56 | 000,301,224 | ---- | C] (COMODO) -- C:\Windows\SysWow64\guard32.dll
[2011.12.19 18:42:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2011.12.18 20:52:29 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Local\LogiShrd
[2011.12.18 20:52:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2011.12.18 20:52:23 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Leadertech
[2011.12.18 20:51:59 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd
[2011.12.18 20:51:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2011.12.18 20:51:56 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2011.12.18 20:51:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2011.12.18 20:51:19 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Logitech
[2011.12.18 20:51:19 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Logishrd
[2011.12.18 20:49:11 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\TS3Client
[2011.12.18 20:22:36 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Local\Last.fm
[2011.12.18 20:22:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
[2011.12.18 20:22:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Last.fm
[2011.12.18 20:11:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011.12.18 20:11:56 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2011.12.18 19:34:09 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\NVIDIA
[2011.12.18 19:03:40 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.12.18 19:03:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.12.18 19:03:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.12.18 19:03:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011.12.18 17:56:35 | 000,000,000 | ---D | C] -- C:\Users\Haakon\riotsGamesLogs
[2011.12.18 17:56:20 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\LolClient
[2011.12.18 17:51:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2011.12.18 15:34:47 | 000,000,000 | ---D | C] -- C:\Users\Haakon\Documents\GUILD WARS
[2011.12.18 15:34:01 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011.12.18 15:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2011.12.18 15:34:00 | 000,000,000 | ---D | C] -- C:\Users\Haakon\Games
[2011.12.18 15:18:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.12.18 15:18:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2011.12.18 15:18:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011.12.18 15:13:04 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Macromedia
[2011.12.18 15:13:04 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Adobe
[2011.12.18 15:13:00 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011.12.18 15:07:22 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Local\Unity
[2011.12.18 14:58:21 | 000,000,000 | ---D | C] -- C:\Users\Haakon\Documents\LCDSirReal
[2011.12.18 14:58:21 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LCDSirReal
[2011.12.18 14:55:50 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Local\Logitech
[2011.12.18 14:55:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2011.12.18 14:55:17 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech Gaming Software
[2011.12.18 14:44:31 | 000,026,624 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\jswpslwfx.sys
[2011.12.18 14:44:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
[2011.12.18 14:44:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TP-LINK
[2011.12.18 14:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2011.12.18 14:02:59 | 001,584,640 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2011.12.18 14:02:59 | 001,584,640 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athrx.sys
[2011.12.18 14:02:59 | 000,000,000 | ---D | C] -- C:\Windows\Options
[2011.12.18 14:02:42 | 000,000,000 | ---D | C] -- C:\ProgramData\TP-LINK
[2011.12.18 13:45:53 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AVM_Driver
[2011.12.18 13:45:06 | 000,480,632 | ---- | C] (AVM Berlin) -- C:\Windows\instwcli.dex
[2011.12.18 13:44:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVM_update
[2011.12.13 10:00:18 | 000,000,000 | R--D | C] -- C:\Users\Haakon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.12.13 10:00:18 | 000,000,000 | R--D | C] -- C:\Users\Haakon\Searches
[2011.12.13 10:00:18 | 000,000,000 | R--D | C] -- C:\Users\Haakon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.12.13 10:00:08 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Identities
[2011.12.13 10:00:07 | 000,000,000 | R--D | C] -- C:\Users\Haakon\Contacts
[2011.12.13 10:00:05 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Local\VirtualStore
[2011.12.13 09:59:56 | 000,000,000 | -HSD | C] -- C:\Users\Haakon\Vorlagen
[2011.12.13 09:59:56 | 000,000,000 | -HSD | C] -- C:\Users\Haakon\AppData\Local\Verlauf
[2011.12.13 09:59:56 | 000,000,000 | -HSD | C] -- C:\Users\Haakon\AppData\Local\Temporary Internet Files
[2011.12.13 09:59:56 | 000,000,000 | -HSD | C] -- C:\Users\Haakon\Startmenü
[2011.12.13 09:59:56 | 000,000,000 | -HSD | C] -- C:\Users\Haakon\SendTo
[2011.12.13 09:59:56 | 000,000,000 | -HSD | C] -- C:\Users\Haakon\Lokale Einstellungen
[2011.12.13 09:59:56 | 000,000,000 | -HSD | C] -- C:\Users\Haakon\AppData\Local\Anwendungsdaten
[2011.12.13 09:59:55 | 000,000,000 | --SD | C] -- C:\Users\Haakon\AppData\Roaming\Microsoft
[2011.12.13 09:59:55 | 000,000,000 | R--D | C] -- C:\Users\Haakon\Videos
[2011.12.13 09:59:55 | 000,000,000 | R--D | C] -- C:\Users\Haakon\Saved Games
[2011.12.13 09:59:55 | 000,000,000 | R--D | C] -- C:\Users\Haakon\Pictures
[2011.12.13 09:59:55 | 000,000,000 | R--D | C] -- C:\Users\Haakon\Music
[2011.12.13 09:59:55 | 000,000,000 | R--D | C] -- C:\Users\Haakon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.12.13 09:59:55 | 000,000,000 | R--D | C] -- C:\Users\Haakon\Links
[2011.12.13 09:59:55 | 000,000,000 | R--D | C] -- C:\Users\Haakon\Favorites
[2011.12.13 09:59:55 | 000,000,000 | R--D | C] -- C:\Users\Haakon\Downloads
[2011.12.13 09:59:55 | 000,000,000 | R--D | C] -- C:\Users\Haakon\Documents
[2011.12.13 09:59:55 | 000,000,000 | R--D | C] -- C:\Users\Haakon\Desktop
[2011.12.13 09:59:55 | 000,000,000 | R--D | C] -- C:\Users\Haakon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.12.13 09:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Haakon\Recent
[2011.12.13 09:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Haakon\Netzwerkumgebung
[2011.12.13 09:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Haakon\Documents\Eigene Videos
[2011.12.13 09:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Haakon\Documents\Eigene Musik
[2011.12.13 09:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Haakon\Eigene Dateien
[2011.12.13 09:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Haakon\Documents\Eigene Bilder
[2011.12.13 09:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Haakon\Druckumgebung
[2011.12.13 09:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Haakon\Cookies
[2011.12.13 09:59:55 | 000,000,000 | -HSD | C] -- C:\Users\Haakon\Anwendungsdaten
[2011.12.13 09:59:55 | 000,000,000 | -H-D | C] -- C:\Users\Haakon\AppData
[2011.12.13 09:59:55 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Local\Temp
[2011.12.13 09:59:55 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Local\Microsoft
[2011.12.13 09:59:55 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Media Center Programs
[2011.12.13 09:59:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.12.13 09:59:50 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.12.13 09:59:50 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011.12.13 09:59:50 | 000,000,000 | -HSD | C] -- C:\Programme
[2011.12.13 09:59:50 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2011.12.13 09:59:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.12.13 09:59:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.12.13 09:59:50 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.12.13 09:59:49 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.12.13 09:59:49 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2011.12.13 09:59:49 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.12.13 09:59:49 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011.12.13 09:59:47 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.12.13 09:54:50 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011.12.13 09:54:17 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011.12.13 09:53:03 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011.12.13 04:46:37 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Skinux
[2011.12.13 04:45:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Skins Factory
[2011.12.13 04:45:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Skins Factory
[2011.12.13 04:44:26 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Local\Downloaded Installations
[2011.12.13 04:35:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2011.12.13 04:35:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011.12.13 04:34:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2011.12.13 04:34:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011.12.13 04:34:47 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011.12.13 04:34:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011.12.13 04:34:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2011.12.13 04:34:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011.12.13 04:33:26 | 000,000,000 | ---D | C] -- C:\IDE
[2011.12.13 04:33:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011.12.13 04:33:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011.12.13 04:32:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2011.12.13 04:32:19 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Local\Microsoft Help
[2011.12.13 04:32:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011.12.13 04:32:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011.12.13 04:32:00 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011.12.13 04:30:18 | 000,023,680 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\drivers\IOMap64.sys
[2011.12.13 04:28:03 | 000,000,000 | ---D | C] -- C:\Users\Haakon\Desktop\Treiber CDS
[2011.12.13 04:27:07 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\WinRAR
[2011.12.13 04:26:49 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.12.13 04:26:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.12.13 04:26:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2011.12.13 04:24:08 | 000,000,000 | ---D | C] -- C:\Users\Haakon\Desktop\Software
[2011.12.13 04:06:33 | 000,000,000 | ---D | C] -- C:\Users\Haakon\Documents\ASUS
[2011.12.13 04:04:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
[2011.12.13 04:03:34 | 000,039,424 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\drivers\ATKDispLowFilter.sys
[2011.12.13 04:03:34 | 000,017,792 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\drivers\asusgsb.sys
[2011.12.13 04:03:34 | 000,016,896 | ---- | C] (ASUSTeK COMPUTER INC.) -- C:\Windows\SysNative\ATKOGL64.dll
[2011.12.13 04:03:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
[2011.12.13 04:02:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2011.12.13 04:01:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011.12.13 04:00:17 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011.12.13 03:58:26 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Local\Mozilla
[2011.12.13 03:58:25 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Mozilla
[2011.12.13 03:58:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.12.13 03:53:43 | 000,000,000 | ---D | C] -- C:\Program Files\GIGABYTE
[2011.12.13 03:53:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Etron Technology
[2011.12.13 03:52:24 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011.12.13 03:52:22 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011.12.13 03:52:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011.12.13 03:52:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2011.12.13 03:51:14 | 000,413,800 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2011.12.13 03:50:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop
[2011.12.13 03:49:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011.12.13 03:49:32 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011.12.13 03:49:25 | 002,578,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2011.12.13 03:49:25 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011.12.13 03:49:25 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011.12.13 03:49:25 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011.12.13 03:49:25 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011.12.13 03:49:24 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2011.12.13 03:49:24 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2011.12.13 03:49:24 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011.12.13 03:49:24 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011.12.13 03:49:24 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011.12.13 03:49:24 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2011.12.13 03:49:24 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2011.12.13 03:49:24 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2011.12.13 03:49:23 | 002,075,712 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011.12.13 03:49:23 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2011.12.13 03:49:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011.12.13 03:48:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
[2011.12.13 03:48:46 | 000,000,000 | ---D | C] -- C:\Users\Haakon\AppData\Roaming\Splashtop
[2011.12.13 03:48:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Splashtop
[2011.12.13 03:48:22 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011.12.13 03:48:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
[2011.12.13 03:48:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gigabyte
[2011.12.13 03:47:59 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011.12.13 03:47:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.12.31 12:47:33 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.12.31 12:47:33 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.12.31 12:47:33 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.12.31 12:47:33 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.12.31 12:47:33 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.12.31 12:40:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.31 12:40:06 | 2145,390,591 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.31 12:39:04 | 000,000,020 | ---- | M] () -- C:\Users\Haakon\defogger_reenable
[2011.12.31 12:31:28 | 000,050,477 | ---- | M] () -- C:\Users\Haakon\Desktop\Defogger.exe
[2011.12.31 12:15:46 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Haakon\Desktop\OTL.exe
[2011.12.31 11:35:30 | 000,026,544 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.31 11:35:30 | 000,026,544 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.29 21:57:00 | 000,001,897 | ---- | M] () -- C:\Users\Public\Desktop\Blender.lnk
[2011.12.29 20:10:24 | 000,000,023 | ---- | M] () -- C:\Windows\BlendSettings.ini
[2011.12.29 19:30:43 | 000,000,032 | ---- | M] () -- C:\Windows\CD_Start.INI
[2011.12.29 19:29:05 | 000,002,109 | ---- | M] () -- C:\Users\Public\Desktop\Oblivion.lnk
[2011.12.29 19:21:29 | 000,279,616 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011.12.29 19:19:41 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011.12.29 19:19:07 | 000,530,488 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2011.12.29 15:58:06 | 000,000,708 | ---- | M] () -- C:\Users\Haakon\Desktop\Assassin's Creed II.lnk
[2011.12.29 14:42:56 | 000,031,744 | ---- | M] () -- C:\Users\Haakon\Documents\Haushaltsbuch.backup
[2011.12.27 15:54:14 | 000,001,055 | ---- | M] () -- C:\Users\Public\Desktop\TmNationsForever.lnk
[2011.12.25 20:46:28 | 000,001,975 | ---- | M] () -- C:\Users\Haakon\Desktop\Driver Cleaner Pro.lnk
[2011.12.25 04:20:45 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\AMP WinOFF.lnk
[2011.12.23 23:08:11 | 000,001,901 | ---- | M] () -- C:\Users\Haakon\Desktop\LoL Item Changer.lnk
[2011.12.23 13:49:57 | 000,001,730 | ---- | M] () -- C:\Users\Haakon\Desktop\GUILD WARS.lnk
[2011.12.23 13:30:32 | 000,001,110 | ---- | M] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2011.12.23 13:12:18 | 000,088,480 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2011.12.23 13:12:18 | 000,046,400 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2011.12.23 02:10:00 | 000,001,162 | ---- | 
M] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk [2011.12.21 21:24:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2011.12.21 21:09:37 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2011.12.21 21:09:37 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2011.12.21 10:08:31 | 000,415,656 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.12.20 17:16:28 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Haushaltsbuch.lnk [2011.12.19 18:59:16 | 000,022,696 | ---- | M] (COMODO) -- C:\Windows\SysNative\drivers\cmderd.sys [2011.12.19 18:58:58 | 000,041,200 | ---- | M] (COMODO) -- C:\Windows\SysNative\cmdcsr.dll [2011.12.19 18:58:56 | 000,389,840 | ---- | M] (COMODO) -- C:\Windows\SysNative\guard64.dll [2011.12.19 18:58:56 | 000,301,224 | ---- | M] (COMODO) -- C:\Windows\SysWow64\guard32.dll [2011.12.19 18:16:46 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf [2011.12.18 21:02:06 | 000,001,348 | ---- | M] () -- C:\Users\Haakon\Desktop\League of Legends.lnk [2011.12.18 14:55:30 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf [2011.12.18 14:55:25 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSBW_01_00_00.Wdf [2011.12.18 13:00:57 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref [2011.12.18 12:49:27 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys [2011.12.13 09:57:39 | 000,161,548 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2011.12.13 09:57:39 | 000,161,548 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2011.12.13 03:58:27 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat [2011.12.13 03:57:00 | 000,000,040 | ---- | M] () -- C:\Windows\GSetup.ini [2011.12.13 03:43:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== 
[2011.12.31 12:39:04 | 000,000,020 | ---- | C] () -- C:\Users\Haakon\defogger_reenable [2011.12.31 12:38:32 | 000,050,477 | ---- | C] () -- C:\Users\Haakon\Desktop\Defogger.exe [2011.12.30 00:02:55 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011.12.30 00:02:49 | 000,000,414 | ---- | C] () -- C:\Windows\SysWow64\lame_acm.xml [2011.12.30 00:02:46 | 003,164,160 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll [2011.12.30 00:02:45 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011.12.30 00:02:45 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011.12.30 00:02:45 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011.12.29 21:57:00 | 000,001,897 | ---- | C] () -- C:\Users\Public\Desktop\Blender.lnk [2011.12.29 20:10:24 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini [2011.12.29 19:30:43 | 000,000,032 | ---- | C] () -- C:\Windows\CD_Start.INI [2011.12.29 19:29:05 | 000,002,109 | ---- | C] () -- C:\Users\Public\Desktop\Oblivion.lnk [2011.12.29 19:19:41 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2011.12.29 15:58:06 | 000,000,708 | ---- | C] () -- C:\Users\Haakon\Desktop\Assassin's Creed II.lnk [2011.12.27 15:54:14 | 000,001,055 | ---- | C] () -- C:\Users\Public\Desktop\TmNationsForever.lnk [2011.12.25 20:46:28 | 000,001,975 | ---- | C] () -- C:\Users\Haakon\Desktop\Driver Cleaner Pro.lnk [2011.12.25 04:20:45 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\AMP WinOFF.lnk [2011.12.23 23:08:11 | 000,001,901 | ---- | C] () -- C:\Users\Haakon\Desktop\LoL Item Changer.lnk [2011.12.23 13:30:32 | 000,001,110 | ---- | C] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk [2011.12.23 02:10:00 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk [2011.12.23 02:10:00 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk [2011.12.22 18:22:46 | 000,001,966 | ---- | C] () -- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk [2011.12.22 18:22:46 | 000,001,945 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk [2011.12.22 18:22:46 | 000,001,924 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk [2011.12.21 21:19:58 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2011.12.21 21:09:37 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2011.12.21 21:09:37 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2011.12.20 17:16:28 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Haushaltsbuch.lnk [2011.12.20 17:16:27 | 000,031,744 | ---- | C] () -- C:\Users\Haakon\Documents\Haushaltsbuch.backup [2011.12.20 16:21:57 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2011.12.19 18:32:38 | 000,001,150 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.12.19 18:16:46 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf [2011.12.18 21:02:06 | 000,001,348 | ---- | C] () -- C:\Users\Haakon\Desktop\League of Legends.lnk [2011.12.18 15:34:00 | 000,001,730 | ---- | C] () -- C:\Users\Haakon\Desktop\GUILD WARS.lnk [2011.12.18 14:55:30 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf [2011.12.18 14:55:25 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSBW_01_00_00.Wdf [2011.12.18 14:02:59 | 000,291,504 | ---- | C] () -- C:\Windows\SysNative\netathrx.inf [2011.12.18 14:02:59 | 000,052,790 | ---- | C] () -- C:\Windows\SysNative\athrextx.cat [2011.12.18 13:12:09 | 000,088,480 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys [2011.12.18 13:12:09 | 000,046,400 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys [2011.12.13 10:00:22 | 000,001,405 | ---- | C] () -- 
C:\Users\Haakon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2011.12.13 10:00:20 | 000,001,439 | ---- | C] () -- C:\Users\Haakon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011.12.13 09:57:32 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2011.12.13 09:57:24 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2011.12.13 09:54:17 | 2145,390,591 | -HS- | C] () -- C:\hiberfil.sys [2011.12.13 04:40:17 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe [2011.12.13 04:33:15 | 002,202,749 | ---- | C] () -- C:\Users\Haakon\Desktop\Windows 7 Loader.exe [2011.12.13 04:01:58 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys [2011.12.13 04:01:58 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\GVTunner.ref [2011.12.13 04:00:33 | 000,007,384 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2011.12.13 03:58:27 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011.12.13 03:53:43 | 000,031,272 | ---- | C] () -- C:\Windows\SysNative\AppleChargerSrv.exe [2011.12.13 03:53:43 | 000,021,104 | ---- | C] () -- C:\Windows\SysNative\drivers\AppleCharger.sys [2011.12.13 03:51:14 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll [2011.12.13 03:47:22 | 000,207,400 | ---- | C] () -- C:\Windows\GSetup.exe [2011.12.13 03:47:22 | 000,000,040 | ---- | C] () -- C:\Windows\GSetup.ini [2011.12.13 03:43:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe [2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- 
C:\Windows\mib.bin [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2007.08.16 15:17:50 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\nsldap32v50.dll [2005.12.21 16:57:04 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\nsldappr32v50.dll [2005.12.21 16:54:34 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nsldapssl32v50.dll ========== LOP Check ========== [2011.12.30 21:36:09 | 000,000,000 | ---D | M] -- C:\Users\Haakon\AppData\Roaming\.minecraft [2011.12.30 19:50:42 | 000,000,000 | ---D | M] -- C:\Users\Haakon\AppData\Roaming\Aquamarin Haushaltsbuch [2011.12.29 22:03:53 | 000,000,000 | ---D | M] -- C:\Users\Haakon\AppData\Roaming\Blender Foundation [2011.12.30 20:42:55 | 000,000,000 | ---D | M] -- C:\Users\Haakon\AppData\Roaming\DAEMON Tools Lite [2011.12.18 20:52:23 | 000,000,000 | ---D | M] -- C:\Users\Haakon\AppData\Roaming\Leadertech [2011.12.18 17:56:20 | 000,000,000 | ---D | M] -- C:\Users\Haakon\AppData\Roaming\LolClient [2011.12.26 22:59:38 | 000,000,000 | ---D | M] -- C:\Users\Haakon\AppData\Roaming\ScummVM [2011.12.13 04:46:37 | 000,000,000 | ---D | M] -- C:\Users\Haakon\AppData\Roaming\Skinux [2011.12.13 03:48:46 | 000,000,000 | ---D | M] -- C:\Users\Haakon\AppData\Roaming\Splashtop [2011.12.23 15:10:15 | 000,000,000 | ---D | M] -- C:\Users\Haakon\AppData\Roaming\SplitMediaLabs [2011.12.23 02:21:00 | 000,000,000 | ---D | M] -- C:\Users\Haakon\AppData\Roaming\TeamViewer [2011.12.30 20:42:54 | 000,000,000 | ---D | M] -- C:\Users\Haakon\AppData\Roaming\TS3Client [2011.12.19 19:02:50 | 000,000,000 | ---D | M] -- C:\Users\Haakon\AppData\Roaming\Ubisoft [2009.07.14 06:08:49 | 000,016,254 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. 
> [2011.12.18 18:55:35 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2011.12.13 09:59:49 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2011.12.13 04:33:26 | 000,000,000 | ---D | M] -- C:\IDE [2011.12.13 04:32:00 | 000,000,000 | RH-D | M] -- C:\MSOCache [2011.12.25 21:06:26 | 000,000,000 | ---D | M] -- C:\NVIDIA [2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs [2011.12.29 23:52:50 | 000,000,000 | R--D | M] -- C:\Program Files [2011.12.30 20:39:52 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2011.12.29 23:48:09 | 000,000,000 | -H-D | M] -- C:\ProgramData [2011.12.13 09:59:50 | 000,000,000 | -HSD | M] -- C:\Programme [2011.12.13 09:59:50 | 000,000,000 | -HSD | M] -- C:\Recovery [2011.12.31 12:45:06 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2011.12.25 21:08:34 | 000,000,000 | R--D | M] -- C:\Users [2011.12.31 05:23:09 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. 
/mp /s > < %systemroot%\system32\*.manifest /3 > < MD5 for: AFD.SYS > [2010.11.21 04:24:08 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys [2011.04.25 03:34:03 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=D5B031C308A409A0A576BFF4CF083D30 -- C:\Windows\SysNative\drivers\afd.sys [2011.04.25 03:34:03 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=D5B031C308A409A0A576BFF4CF083D30 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_3618198975057170\afd.sys [2011.04.25 04:09:35 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=F4AD06143EAC303F55D0E86C40802976 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_3695e61e8e2c13d4\afd.sys < MD5 for: EXPLORER.EXE > [2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe [2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2011.02.25 06:30:54 
| 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe < MD5 for: REGEDIT.EXE > [2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe [2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe [2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe [2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe < MD5 for: USERINIT.EXE > [2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) 
MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< End of report >
Last edited by HBloodhawk (31.12.2011 at 13:47). Reason: forgot OTL Extras |
02.01.2012, 14:53 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Please check:
Remove incorrect proxy settings
Quote:
__________________ |
02.01.2012, 16:31 | #3 |
| Okay, I've identified the problem in the meantime:
The file service.log in the root had blocked all incoming network traffic; even after reinstalling Windows the file was still there. It was more of a coincidence that I opened the file out of pure curiosity. I have now done a low-level format on both HDDs, reinstalled Windows, and also put Arch Linux on hd1 as an emergency system. The matter is settled (albeit with the sledgehammer method). Wiping everything completely was by now rather convenient anyway, given all the data junk. Kind regards and thanks, Haakon |
02.01.2012, 17:08 | #4 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
Quote:
In short: I have no idea which file you mean.
__________________ Please always post log files in CODE tags |
02.01.2012, 20:32 | #5 | |
| So, since there is obviously still some need for clarification: Under C:\ (right in the root, that is) there was a hidden file named "service.log". Because it seemed fishy to me, since most services tend to live under ".../System32/...", I simply opened the file in Notepad via the Avast! sandbox. What came to light were 5 lines of batch that blocked some of my ports for incoming traffic, and at the end of which he even "says thanks" in a comment: Quote:
The high outgoing traffic would thus also be explained; the guy was probably either DDoS-ing just then or cheerfully sending spam. P.S.: The first reinstallation of Windows of course took place after I had fully formatted the disk. I'm not stupid. But a normal format just wasn't enough, so I reached for the sledgehammer called "Seagate SeaTools for DOS" and gave both my HDDs a new "hair"cut |
02.01.2012, 21:36 | #6 | |||
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
Quote:
Quote:
Code:
sudo dd if=/dev/zero of=/dev/sda count=1 bs=512
__________________ |
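What the `dd` command in post #6 overwrites, compared with a full zero fill, shown on a scratch image file. This is an added example, not part of any post; the function names and the constructed 1 MiB image are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: works on a scratch image file only, never on a real device.
SECTOR=512

# Constructed 1 MiB "disk": every byte 0xFF, plus the 0x55 0xAA boot
# signature at offset 510 that marks sector 0 as a valid MBR.
make_image() {
    dd if=/dev/zero bs=$SECTOR count=2048 2>/dev/null \
        | LC_ALL=C tr '\000' '\377' > "$1"
    printf '\125\252' | dd of="$1" bs=1 seek=510 conv=notrunc 2>/dev/null
}

# The post's command, pointed at the image instead of /dev/sda.
# conv=notrunc is needed for a regular file (dd would otherwise truncate
# it after the first sector); a block device cannot be truncated.
wipe_first_sector() {
    dd if=/dev/zero of="$1" bs=$SECTOR count=1 conv=notrunc 2>/dev/null
}

# Full zero fill: overwrite every sector of the image.
zero_fill() {
    sectors=$(( $(wc -c < "$1") / $SECTOR ))
    dd if=/dev/zero of="$1" bs=$SECTOR count="$sectors" conv=notrunc 2>/dev/null
}

# Hex of the two bytes at offset 510 ("55aa" = boot signature present).
boot_signature() {
    dd if="$1" bs=1 skip=510 count=2 2>/dev/null | od -An -tx1 | tr -d ' \n'
}

# Number of non-zero bytes in COUNT sectors starting at sector SKIP.
# usage: nonzero_bytes IMAGE SKIP COUNT
nonzero_bytes() {
    dd if="$1" bs=$SECTOR skip="$2" count="$3" 2>/dev/null \
        | LC_ALL=C tr -d '\000' | wc -c | tr -d ' '
}

report() {
    echo "$1: signature=$(boot_signature "$2")" \
         "sector0_nonzero=$(nonzero_bytes "$2" 0 1)" \
         "rest_nonzero=$(nonzero_bytes "$2" 1 2047)"
}

img=$(mktemp)
make_image "$img"
report "fresh image      " "$img"
wipe_first_sector "$img"
report "after count=1    " "$img"
zero_fill "$img"
report "after zero fill  " "$img"
rm -f "$img"
```

With `count=1 bs=512` only sector 0 (boot code, partition table, boot signature) is cleared, so the disk looks uninitialised while every later sector keeps its old contents; only the full zero fill removes those.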
02.01.2012, 22:35 | #7 | ||
| Quote:
less experienced users tend to take those at face value. Quote:
In any case, it did not survive the LLF.
That is about as wrong as if you were to say "A jade plant is also a cactus, since all cacti are succulents and jade plants also live as succulents." <- I hope the metaphor is not too abstract; what I want to say with it is that you cannot compare a zero fill from Linux with a low-level format from the HDD manufacturer, if only because both do overwrite the disk with zeros, but the low-level format additionally recalculates the physical sectors -> for that the manufacturer's P-list is needed, and no HDD format tool, however great, can get that for you... Quite apart anyway from the LL injections of the hard-disk manufacturers, who want to ensure that only their in-house software can be used for an LLF.
Well, whatever, both HDDs are now clean beyond doubt, it doesn't get any fresher^^ The thread can be closed. |
02.01.2012, 23:01 | #8 | |||||
/// Winkelfunktion /// TB-Süch-Tiger™ | Quote:
Quote:
I never wrote anywhere that secure deletion by completely overwriting with zeros is nonsensical or even a waste of time; it's just that for a reinstallation a quick format is enough! A reinstallation is not about securely deleting data! Quote:
Quote:
It is completely irrelevant whether I fill the device file with zeros under Linux or do it via the manufacturer's tool. A "real" LLF is done only by the manufacturer, one single time, with the disk. Quote:
__________________ Please always post log files in CODE tags |