Pests of all kinds and how to fight them: Certain websites no longer reachable, police trojan (Windows 7)
20.09.2012, 20:27 | #1 |
Certain websites no longer reachable, police trojan

About a month ago I had the police trojan (the Austrian one) on my machine, but the message then went away by itself. Afterwards I scanned with Antivir or Malwarebytes and then stupidly deleted the files -.- After that everything worked normally as always... but for a few days now I can't open some websites, while others work. We have Wi-Fi at home; when I connect to the Wi-Fi with my phone, exactly the same sites don't work as on the notebook (also tried it on my sister's PC, it doesn't work there either). I then reinstalled the notebook. Of course I hadn't made a recovery, so I downloaded Windows 7 from www.unawave.de, made a USB stick bootable, copied it onto that and reinstalled, after of course backing up my data to an external hard drive first... the problem still persists though, and since the trojan was on there once, it's surely still on there now and has spread everywhere onto external hard drives and so on, right? Thanks in advance.

The odd thing is, when I plug in my phone and use tethering, I can open all sites completely normally. Could it be that something is wrong on the router side? I haven't changed anything myself... we have a fixed IP on the internet. Could the trojan be blocking something there?

OTL logfile: Code:
C:\Windows\SysNative\X3DAudio1_3.dll [2012.09.20 18:47:36 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll [2012.09.20 18:47:35 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll [2012.09.20 18:47:35 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll [2012.09.20 18:47:35 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll [2012.09.20 18:47:35 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll [2012.09.20 18:47:33 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll [2012.09.20 18:47:33 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll [2012.09.20 18:47:33 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll [2012.09.20 18:47:33 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll [2012.09.20 18:47:29 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll [2012.09.20 18:47:29 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll [2012.09.20 18:47:29 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll [2012.09.20 18:47:29 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll [2012.09.20 18:47:28 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll [2012.09.20 18:47:28 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll [2012.09.20 18:47:27 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll [2012.09.20 18:47:27 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll [2012.09.20 18:47:26 | 001,985,904 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\D3DCompiler_35.dll [2012.09.20 18:47:26 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll [2012.09.20 18:47:26 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll [2012.09.20 18:47:26 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll [2012.09.20 18:47:25 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll [2012.09.20 18:47:25 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll [2012.09.20 18:47:24 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll [2012.09.20 18:47:24 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll [2012.09.20 18:47:24 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll [2012.09.20 18:47:24 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll [2012.09.20 18:47:23 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll [2012.09.20 18:47:23 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll [2012.09.20 18:47:23 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll [2012.09.20 18:47:23 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll [2012.09.20 18:47:22 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll [2012.09.20 18:47:22 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll [2012.09.20 18:47:21 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll [2012.09.20 18:47:21 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2012.09.20 18:47:19 | 000,403,304 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\xactengine2_7.dll [2012.09.20 18:47:19 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll [2012.09.20 18:47:18 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll [2012.09.20 18:47:18 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll [2012.09.20 18:47:18 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll [2012.09.20 18:47:18 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll [2012.09.20 18:47:17 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll [2012.09.20 18:47:17 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll [2012.09.20 18:47:16 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll [2012.09.20 18:47:16 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll [2012.09.20 18:47:14 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll [2012.09.20 18:47:14 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll [2012.09.20 18:47:14 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll [2012.09.20 18:47:14 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll [2012.09.20 18:47:14 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll [2012.09.20 18:47:14 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll [2012.09.20 18:47:13 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll [2012.09.20 18:47:13 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll [2012.09.20 18:47:13 | 000,017,688 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\x3daudio1_1.dll [2012.09.20 18:47:13 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll [2012.09.20 18:47:12 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll [2012.09.20 18:47:12 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll [2012.09.20 18:47:12 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll [2012.09.20 18:47:12 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll [2012.09.20 18:47:11 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll [2012.09.20 18:47:11 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll [2012.09.20 18:46:51 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll [2012.09.20 18:46:51 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll [2012.09.20 18:46:50 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll [2012.09.20 18:46:50 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll [2012.09.20 18:46:49 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll [2012.09.20 18:46:49 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll [2012.09.20 18:46:35 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll [2012.09.20 18:46:35 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll [2012.09.20 18:46:33 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll [2012.09.20 18:46:33 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll [2012.09.20 18:46:33 | 000,355,536 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\xactengine2_0.dll [2012.09.20 18:46:33 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll [2012.09.20 18:46:33 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll [2012.09.20 18:46:33 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll [2012.09.20 18:46:31 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll [2012.09.20 18:46:31 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll [2012.09.20 18:46:30 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll [2012.09.20 18:46:30 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll [2012.09.20 18:46:29 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll [2012.09.20 18:46:29 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll [2012.09.20 18:46:28 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll [2012.09.20 18:46:28 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll [2012.09.20 18:46:27 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll [2012.09.20 18:46:27 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll [2012.09.20 18:43:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft [2012.09.20 13:28:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012.09.20 13:27:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works [2012.09.20 13:27:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio [2012.09.20 13:27:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2012.09.20 13:26:55 | 000,000,000 | ---D | C] -- C:\Program Files 
(x86)\Microsoft.NET [2012.09.20 13:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012.09.20 13:25:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2012.09.20 13:24:52 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Local\Microsoft Help [2012.09.20 13:24:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2012.09.20 13:24:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2012.09.20 13:24:03 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012.09.20 13:22:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2012.09.20 13:21:42 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2012.09.20 13:21:38 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Roaming\DAEMON Tools Lite [2012.09.20 13:21:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite [2012.09.20 13:20:28 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2012.09.20 13:19:54 | 000,000,000 | ---D | C] -- C:\Users\Sharky\Desktop\Microsoft.Office.2007.Enterprise.German.iSO-HS [2012.09.20 12:21:47 | 000,000,000 | ---D | C] -- C:\Users\Sharky\Documents\Meine empfangenen Dateien [2012.09.20 12:17:05 | 000,000,000 | ---D | C] -- C:\ProgramData\GFI Software [2012.09.20 11:47:08 | 062,164,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe [2012.09.20 11:17:00 | 000,000,000 | ---D | C] -- C:\Users\Sharky\Tracing [2012.09.20 11:16:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft [2012.09.20 11:16:10 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2012.09.20 11:16:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive [2012.09.20 11:15:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [2012.09.20 11:15:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live [2012.09.20 11:15:29 | 
000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012.09.20 11:14:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live [2012.09.20 11:04:14 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Roaming\ICQ Search [2012.09.20 11:02:56 | 145,968,464 | ---- | C] (Microsoft Corporation) -- C:\Users\Sharky\Desktop\wlsetup-all_de_2009_14.0.8117.416.exe [2012.09.20 11:02:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar [2012.09.20 11:02:37 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ [2012.09.20 11:00:33 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Roaming\Avira [2012.09.20 10:53:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.09.20 10:53:06 | 000,132,832 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.09.20 10:53:06 | 000,098,848 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2012.09.20 10:53:06 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys [2012.09.20 10:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.09.20 10:53:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2012.09.20 10:51:22 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2012.09.20 10:42:25 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Roaming\Macromedia [2012.09.20 10:42:25 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Roaming\Adobe [2012.09.20 09:14:42 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Roaming\Malwarebytes [2012.09.20 09:13:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.09.20 09:13:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.09.20 09:13:55 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.09.20 09:13:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.09.20 09:07:42 | 000,000,000 | ---D | C] -- 
C:\Users\Sharky\Documents\ForceField Shared Files [2012.09.20 09:07:39 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Roaming\CheckPoint [2012.09.20 09:07:28 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint [2012.09.20 09:07:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point [2012.09.20 09:06:22 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys [2012.09.20 09:04:38 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Local\Diagnostics [2012.09.20 09:02:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckPoint [2012.09.20 09:02:44 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint [2012.09.20 08:57:09 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Local\adaware [2012.09.20 08:57:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection [2012.09.20 08:56:50 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Local\Downloaded Installations [2012.09.19 17:03:43 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll [2012.09.19 17:03:42 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll [2012.09.19 17:03:40 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll [2012.09.19 17:03:40 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll [2012.09.19 16:59:45 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Roaming\ATI [2012.09.19 16:59:45 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Local\ATI [2012.09.19 16:59:45 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012.09.19 16:35:29 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2012.09.19 16:35:29 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2012.09.19 16:35:29 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2012.09.19 16:35:14 | 
000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2012.09.19 16:35:14 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2012.09.19 16:35:14 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2012.09.19 16:35:05 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2012.09.19 16:35:05 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2012.09.19 16:34:27 | 000,696,240 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.09.19 16:34:27 | 000,073,136 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.09.19 16:34:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2012.09.19 16:30:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012.09.19 16:30:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2012.09.19 16:29:08 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Local\Broadcom [2012.09.19 16:29:08 | 000,000,000 | ---D | C] -- C:\Users\Sharky\Documents\Bluetooth-Exchange-Ordner [2012.09.19 16:28:27 | 000,132,648 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys [2012.09.19 16:28:27 | 000,035,104 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwl2cap.sys [2012.09.19 16:28:27 | 000,021,160 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwrchid.sys [2012.09.19 16:28:26 | 000,098,344 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwaudio.sys [2012.09.19 16:27:57 | 000,000,000 | ---D | C] -- C:\Program Files\WIDCOMM [2012.09.19 16:25:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2012.09.19 16:25:21 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012.09.19 16:25:16 | 001,604,128 | ---- | C] (Realtek Semiconductor Corp.) 
-- C:\Windows\SysNative\RtkHDM64.dll [2012.09.19 16:25:16 | 001,291,808 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHDMEx64.dll [2012.09.19 16:25:16 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll [2012.09.19 16:25:16 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll [2012.09.19 16:25:16 | 000,205,472 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys [2012.09.19 16:25:16 | 000,058,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHCoInst64.dll [2012.09.19 16:25:15 | 001,680,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll [2012.09.19 16:25:15 | 000,611,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2012.09.19 16:25:15 | 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2012.09.19 16:25:15 | 000,332,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll [2012.09.19 16:25:15 | 000,211,376 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2012.09.19 16:25:15 | 000,193,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2012.09.19 16:25:15 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2012.09.19 16:25:15 | 000,149,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll [2012.09.19 16:25:14 | 001,638,432 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll [2012.09.19 16:25:14 | 001,201,184 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll [2012.09.19 16:25:14 | 000,436,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll [2012.09.19 16:25:14 | 000,363,008 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2012.09.19 16:25:14 | 000,320,512 | ---- | C] (Waves Audio Ltd.) 
-- C:\Windows\SysNative\MaxxAudioAPO20.dll [2012.09.19 16:25:14 | 000,310,784 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2012.09.19 16:25:14 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2012.09.19 16:25:14 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2012.09.19 16:25:14 | 000,198,656 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2012.09.19 16:25:14 | 000,166,400 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll [2012.09.19 16:25:14 | 000,108,032 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll [2012.09.19 16:25:14 | 000,095,744 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2012.09.19 16:25:14 | 000,073,216 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2012.09.19 16:25:14 | 000,066,592 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll [2012.09.19 16:25:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2012.09.19 16:25:11 | 000,831,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2012.09.19 16:25:11 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2012.09.19 16:25:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2012.09.19 16:23:38 | 000,052,264 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btusbflt.sys [2012.09.19 16:23:36 | 000,123,392 | ---- | C] (Egis Technology Inc.) 
-- C:\Windows\SysNative\VCryptAPI.dll [2012.09.19 16:23:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer [2012.09.19 16:22:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acer Bio Protection [2012.09.19 16:22:26 | 000,566,832 | ---- | C] (EgisTec) -- C:\Windows\SysNative\NBMatS1SDK.dll [2012.09.19 16:22:26 | 000,469,552 | ---- | C] (EgisTec) -- C:\Windows\SysWow64\NBMatS1SDK.dll [2012.09.19 16:22:18 | 000,036,400 | ---- | C] (EgisTec) -- C:\Windows\SysNative\drivers\FPSensor.sys [2012.09.19 16:14:41 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2012.09.19 16:14:33 | 000,070,656 | ---- | C] (ENE TECHNOLOGY INC.) -- C:\Windows\SysNative\drivers\enecir.sys [2012.09.19 16:14:02 | 000,000,000 | ---D | C] -- C:\Program Files\Apoint2K [2012.09.19 16:13:38 | 000,000,000 | ---D | C] -- C:\Windows\Dell [2012.09.19 16:13:37 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01007.dll [2012.09.19 16:13:37 | 000,098,816 | ---- | C] (Alps Electric Co., Ltd.) -- C:\Windows\SysNative\Vxdif.dll [2012.09.19 16:13:36 | 000,254,000 | ---- | C] (Alps Electric Co., Ltd.) 
-- C:\Windows\SysNative\drivers\Apfiltr.sys [2012.09.19 16:12:59 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics [2012.09.19 16:12:47 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll [2012.09.19 16:12:47 | 000,396,072 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCOM.dll [2012.09.19 16:12:47 | 000,292,400 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys [2012.09.19 16:12:47 | 000,263,464 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCtrl.dll [2012.09.19 16:12:47 | 000,206,120 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCtrl.dll [2012.09.19 16:12:47 | 000,205,608 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPAPI.dll [2012.09.19 16:12:47 | 000,169,256 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCOM.dll [2012.09.19 16:12:47 | 000,147,752 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPCo4.dll [2012.09.19 16:12:47 | 000,107,816 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynTPCOM.dll [2012.09.19 16:12:14 | 000,151,936 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\Impcd.sys [2012.09.19 16:11:48 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2012.09.19 16:11:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2012.09.19 16:08:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies [2012.09.19 16:07:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2012.09.19 16:07:31 | 017,199,616 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\atio6axx.dll [2012.09.19 16:07:31 | 012,964,352 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysWow64\atioglxx.dll [2012.09.19 16:07:31 | 006,106,624 | ---- | C] (ATI Technologies Inc.) 
-- C:\Windows\SysNative\drivers\atikmdag.sys [2012.09.19 16:07:31 | 004,661,760 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atiumd64.dll [2012.09.19 16:07:31 | 004,634,112 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll [2012.09.19 16:07:31 | 003,624,448 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atidxx64.dll [2012.09.19 16:07:31 | 003,602,432 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atiumdag.dll [2012.09.19 16:07:31 | 003,547,136 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll [2012.09.19 16:07:31 | 003,034,624 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atidxx32.dll [2012.09.19 16:07:31 | 002,899,456 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll [2012.09.19 16:07:31 | 002,599,424 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll [2012.09.19 16:07:31 | 000,479,232 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll [2012.09.19 16:07:31 | 000,438,784 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe [2012.09.19 16:07:31 | 000,421,376 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll [2012.09.19 16:07:31 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll [2012.09.19 16:07:31 | 000,302,592 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll [2012.09.19 16:07:31 | 000,208,896 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll [2012.09.19 16:07:31 | 000,202,752 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe [2012.09.19 16:07:31 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll [2012.09.19 16:07:31 | 000,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atibtmon.exe [2012.09.19 16:07:31 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) 
-- C:\Windows\SysNative\atiedu64.dll [2012.09.19 16:07:31 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll [2012.09.19 16:07:31 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll [2012.09.19 16:07:31 | 000,053,248 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll [2012.09.19 16:07:31 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll [2012.09.19 16:07:31 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll [2012.09.19 16:07:31 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll [2012.09.19 16:07:31 | 000,052,224 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll [2012.09.19 16:07:31 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll [2012.09.19 16:07:31 | 000,043,008 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll [2012.09.19 16:07:31 | 000,039,936 | ---- | C] (Advanced Micro Devices Inc.) 
-- C:\Windows\SysNative\aticalcl64.dll [2012.09.19 16:07:31 | 000,012,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll [2012.09.19 16:07:26 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2012.09.19 16:07:23 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2012.09.19 16:06:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco [2012.09.19 16:05:51 | 003,888,128 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvsrv64.dll [2012.09.19 16:05:51 | 003,552,768 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvui64.dll [2012.09.19 16:05:51 | 000,095,472 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\bcmwlcoi.dll [2012.09.19 16:05:50 | 002,978,296 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\BCMWL664.SYS [2012.09.19 16:01:43 | 001,537,024 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athrx.sys [2012.09.19 16:01:43 | 000,000,000 | ---D | C] -- C:\Windows\Options [2012.09.19 16:01:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atheros [2012.09.19 16:00:59 | 000,000,000 | ---D | C] -- C:\temp [2012.09.19 16:00:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros [2012.09.19 16:00:55 | 000,000,000 | ---D | C] -- C:\Program Files\Broadcom [2012.09.19 15:58:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager [2012.09.19 15:58:22 | 000,408,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys [2012.09.19 15:58:20 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2012.09.19 15:58:20 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Roaming\InstallShield [2012.09.19 15:53:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent [2012.09.19 15:53:43 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys [2012.09.19 15:53:03 | 000,000,000 | ---D | C] -- 
C:\Users\Sharky\AppData\Roaming\Mozilla [2012.09.19 15:53:03 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Local\Mozilla [2012.09.19 15:52:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2012.09.19 15:52:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012.09.19 15:52:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012.09.19 15:48:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JMicron [2012.09.19 15:48:47 | 000,144,496 | ---- | C] (JMicron Technology Corporation) -- C:\Windows\SysNative\drivers\jmcr.sys [2012.09.19 15:48:47 | 000,110,080 | ---- | C] (JMicron Technology Corporation) -- C:\Windows\SysNative\jmcricon.dll [2012.09.19 15:46:55 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2012.09.19 15:46:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2012.09.19 15:46:50 | 000,000,000 | ---D | C] -- C:\Intel [2012.09.19 15:37:49 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Local\TempDIR [2012.09.19 15:32:02 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Roaming\Carambis [2012.09.19 15:31:13 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Roaming\WinRAR [2012.09.19 15:31:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012.09.19 15:31:00 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012.09.19 15:30:51 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2012.09.19 15:30:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carambis [2012.09.19 15:30:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Carambis [2012.09.19 15:29:06 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2012.09.19 15:24:52 | 000,000,000 | R--D | C] -- C:\Users\Sharky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.09.19 15:24:52 | 000,000,000 | R--D | C] -- 
C:\Users\Sharky\Searches [2012.09.19 15:24:52 | 000,000,000 | R--D | C] -- C:\Users\Sharky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012.09.19 15:24:40 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Roaming\Identities [2012.09.19 15:24:37 | 000,000,000 | R--D | C] -- C:\Users\Sharky\Contacts [2012.09.19 15:24:36 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Local\VirtualStore [2012.09.19 15:24:24 | 000,000,000 | -HSD | C] -- C:\Users\Sharky\Vorlagen [2012.09.19 15:24:24 | 000,000,000 | -HSD | C] -- C:\Users\Sharky\AppData\Local\Verlauf [2012.09.19 15:24:24 | 000,000,000 | -HSD | C] -- C:\Users\Sharky\AppData\Local\Temporary Internet Files [2012.09.19 15:24:24 | 000,000,000 | -HSD | C] -- C:\Users\Sharky\Startmenü [2012.09.19 15:24:24 | 000,000,000 | -HSD | C] -- C:\Users\Sharky\SendTo [2012.09.19 15:24:24 | 000,000,000 | -HSD | C] -- C:\Users\Sharky\Recent [2012.09.19 15:24:24 | 000,000,000 | -HSD | C] -- C:\Users\Sharky\Netzwerkumgebung [2012.09.19 15:24:24 | 000,000,000 | -HSD | C] -- C:\Users\Sharky\Lokale Einstellungen [2012.09.19 15:24:24 | 000,000,000 | -HSD | C] -- C:\Users\Sharky\Documents\Eigene Videos [2012.09.19 15:24:24 | 000,000,000 | -HSD | C] -- C:\Users\Sharky\Documents\Eigene Musik [2012.09.19 15:24:24 | 000,000,000 | -HSD | C] -- C:\Users\Sharky\Eigene Dateien [2012.09.19 15:24:24 | 000,000,000 | -HSD | C] -- C:\Users\Sharky\Documents\Eigene Bilder [2012.09.19 15:24:24 | 000,000,000 | -HSD | C] -- C:\Users\Sharky\Druckumgebung [2012.09.19 15:24:24 | 000,000,000 | -HSD | C] -- C:\Users\Sharky\Cookies [2012.09.19 15:24:24 | 000,000,000 | -HSD | C] -- C:\Users\Sharky\AppData\Local\Anwendungsdaten [2012.09.19 15:24:24 | 000,000,000 | -HSD | C] -- C:\Users\Sharky\Anwendungsdaten [2012.09.19 15:24:23 | 000,000,000 | --SD | C] -- C:\Users\Sharky\AppData\Roaming\Microsoft [2012.09.19 15:24:23 | 000,000,000 | R--D | C] -- C:\Users\Sharky\Videos [2012.09.19 15:24:23 | 000,000,000 | R--D | C] -- 
C:\Users\Sharky\Saved Games [2012.09.19 15:24:23 | 000,000,000 | R--D | C] -- C:\Users\Sharky\Pictures [2012.09.19 15:24:23 | 000,000,000 | R--D | C] -- C:\Users\Sharky\Music [2012.09.19 15:24:23 | 000,000,000 | R--D | C] -- C:\Users\Sharky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.09.19 15:24:23 | 000,000,000 | R--D | C] -- C:\Users\Sharky\Links [2012.09.19 15:24:23 | 000,000,000 | R--D | C] -- C:\Users\Sharky\Favorites [2012.09.19 15:24:23 | 000,000,000 | R--D | C] -- C:\Users\Sharky\Downloads [2012.09.19 15:24:23 | 000,000,000 | R--D | C] -- C:\Users\Sharky\Documents [2012.09.19 15:24:23 | 000,000,000 | R--D | C] -- C:\Users\Sharky\Desktop [2012.09.19 15:24:23 | 000,000,000 | R--D | C] -- C:\Users\Sharky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.09.19 15:24:23 | 000,000,000 | -H-D | C] -- C:\Users\Sharky\AppData [2012.09.19 15:24:23 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Local\Temp [2012.09.19 15:24:23 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Local\Microsoft [2012.09.19 15:24:23 | 000,000,000 | ---D | C] -- C:\Users\Sharky\AppData\Roaming\Media Center Programs [2012.09.19 15:24:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2012.09.19 15:24:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2012.09.19 15:24:14 | 000,000,000 | -HSD | C] -- C:\Recovery [2012.09.19 15:24:14 | 000,000,000 | -HSD | C] -- C:\Programme [2012.09.19 15:24:14 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2012.09.19 15:24:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2012.09.19 15:24:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2012.09.19 15:24:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2012.09.19 15:24:14 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2012.09.19 15:24:14 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2012.09.19 15:24:14 | 000,000,000 | -HSD | C] 
-- C:\ProgramData\Dokumente [2012.09.19 15:24:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2012.09.19 15:16:35 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012.09.19 15:14:10 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2012.09.19 15:13:43 | 000,000,000 | -HSD | C] -- C:\System Volume Information [1 C:\Users\Sharky\AppData\Roaming\*.tmp files -> C:\Users\Sharky\AppData\Roaming\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.09.20 21:03:40 | 000,000,168 | ---- | M] () -- C:\Users\Sharky\defogger_reenable [2012.09.20 20:48:21 | 000,050,477 | ---- | M] () -- C:\Users\Sharky\Desktop\Defogger.exe [2012.09.20 20:19:07 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.09.20 20:09:32 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Sharky\Desktop\OTL.exe [2012.09.20 18:48:50 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.09.20 18:48:50 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.09.20 18:48:50 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.09.20 18:48:50 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.09.20 18:48:50 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.09.20 18:48:10 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys [2012.09.20 18:48:10 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys [2012.09.20 18:36:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.09.20 13:22:25 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2012.09.20 13:21:42 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2012.09.20 11:40:40 | 000,015,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.09.20 11:40:40 | 000,015,280 | -H-- | M] () -- 
C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.09.20 11:14:08 | 145,968,464 | ---- | M] (Microsoft Corporation) -- C:\Users\Sharky\Desktop\wlsetup-all_de_2009_14.0.8117.416.exe [2012.09.20 11:04:14 | 000,000,161 | ---- | M] () -- C:\Users\Public\Desktop\Suche im Internet.url [2012.09.20 10:53:13 | 000,002,070 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.09.20 09:54:48 | 2039,566,335 | -HS- | M] () -- C:\hiberfil.sys [2012.09.20 09:13:56 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.20 09:11:26 | 000,415,877 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml [2012.09.20 09:07:23 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk [2012.09.19 16:58:00 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2012.09.19 16:34:27 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.09.19 16:34:27 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.09.19 16:28:37 | 000,000,834 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012.09.19 16:22:26 | 000,566,832 | ---- | M] (EgisTec) -- C:\Windows\SysNative\NBMatS1SDK.dll [2012.09.19 16:22:26 | 000,469,552 | ---- | M] (EgisTec) -- C:\Windows\SysWow64\NBMatS1SDK.dll [2012.09.19 16:22:18 | 000,036,400 | ---- | M] (EgisTec) -- C:\Windows\SysNative\drivers\FPSensor.sys [2012.09.19 16:14:17 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01007.Wdf [2012.09.19 16:13:04 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf [2012.09.19 16:06:09 | 000,680,402 | ---- | M] () -- C:\Windows\SysNative\oem12.inf [2012.09.19 16:05:37 | 003,888,128 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvsrv64.dll [2012.09.19 16:05:37 | 003,552,768 
| ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\bcmihvui64.dll [2012.09.19 16:05:37 | 002,978,296 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\BCMWL664.SYS [2012.09.19 16:05:37 | 000,095,472 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\bcmwlcoi.dll [2012.09.19 16:05:37 | 000,006,656 | ---- | M] () -- C:\Windows\SysNative\bcmwlrc.dll [2012.09.19 15:52:55 | 000,001,134 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.09.19 15:38:53 | 000,001,184 | ---- | M] () -- C:\Users\Public\Desktop\Driver Updater.lnk [2012.09.19 15:35:50 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012.09.19 15:32:02 | 000,005,115 | ---- | M] () -- C:\ProgramData\mtbjfghn.xbe [2012.09.19 15:18:36 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.09.19 15:17:18 | 000,056,735 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2012.09.19 15:17:18 | 000,056,735 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2012.09.19 15:15:49 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.09.07 20:26:05 | 000,132,832 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.09.07 20:26:05 | 000,098,848 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2012.09.07 20:26:05 | 000,027,760 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.08.31 00:12:46 | 062,164,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe [1 C:\Users\Sharky\AppData\Roaming\*.tmp files -> C:\Users\Sharky\AppData\Roaming\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.09.20 21:03:40 | 000,000,168 | ---- | C] () -- C:\Users\Sharky\defogger_reenable [2012.09.20 20:49:27 | 000,050,477 | ---- | C] () -- C:\Users\Sharky\Desktop\Defogger.exe 
[2012.09.20 18:48:10 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys [2012.09.20 18:48:10 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys [2012.09.20 13:22:25 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2012.09.20 11:04:14 | 000,000,161 | ---- | C] () -- C:\Users\Public\Desktop\Suche im Internet.url [2012.09.20 10:53:13 | 000,002,070 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.09.20 09:13:56 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.20 09:07:42 | 000,415,877 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml [2012.09.20 09:07:23 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk [2012.09.19 16:58:00 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.09.19 16:34:29 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.09.19 16:28:01 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012.09.19 16:25:21 | 000,214,552 | ---- | C] () -- C:\Windows\SysNative\drivers\RTConvEQ.dat [2012.09.19 16:25:21 | 000,001,256 | ---- | C] () -- C:\Windows\SysNative\drivers\RtHdatEx.dat [2012.09.19 16:25:21 | 000,000,628 | ---- | C] () -- C:\Windows\SysNative\drivers\SamSfPa.dat [2012.09.19 16:25:21 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX2.dat [2012.09.19 16:25:21 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX1.dat [2012.09.19 16:25:21 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX0.dat [2012.09.19 16:25:21 | 000,000,008 | ---- | C] () -- C:\Windows\SysNative\drivers\rtkhdaud.dat [2012.09.19 16:23:36 | 000,952,683 | ---- | C] () -- C:\Windows\SysNative\VMC3KAPI.dll [2012.09.19 16:14:17 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01007.Wdf [2012.09.19 16:13:04 | 000,000,000 | -H-- | 
C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf [2012.09.19 16:07:31 | 000,402,016 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap [2012.09.19 16:07:31 | 000,402,016 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap [2012.09.19 16:07:31 | 000,332,288 | ---- | C] () -- C:\Windows\SysNative\ATIODE.exe [2012.09.19 16:07:31 | 000,195,855 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat [2012.09.19 16:07:31 | 000,051,200 | ---- | C] () -- C:\Windows\SysNative\ATIODCLI.exe [2012.09.19 16:07:31 | 000,018,618 | ---- | C] () -- C:\Windows\atiogl.xml [2012.09.19 16:06:15 | 000,680,402 | ---- | C] () -- C:\Windows\SysNative\oem12.inf [2012.09.19 16:05:52 | 000,006,656 | ---- | C] () -- C:\Windows\SysNative\bcmwlrc.dll [2012.09.19 16:01:43 | 000,293,087 | ---- | C] () -- C:\Windows\SysNative\netathrx.inf [2012.09.19 16:01:43 | 000,049,567 | ---- | C] () -- C:\Windows\SysNative\athrextx.cat [2012.09.19 15:52:55 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.09.19 15:52:55 | 000,001,134 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.09.19 15:38:53 | 000,001,184 | ---- | C] () -- C:\Users\Public\Desktop\Driver Updater.lnk [2012.09.19 15:35:50 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012.09.19 15:32:02 | 000,005,115 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe [2012.09.19 15:24:58 | 000,001,409 | ---- | C] () -- C:\Users\Sharky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2012.09.19 15:24:53 | 000,001,443 | ---- | C] () -- C:\Users\Sharky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012.09.19 15:17:12 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012.09.19 15:17:10 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2012.09.19 
15:15:49 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.09.19 15:13:43 | 2039,566,335 | -HS- | C] () -- C:\hiberfil.sys

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

========== LOP Check ==========

[2012.09.19 15:38:40 | 000,000,000 | ---D | M] -- C:\Users\Sharky\AppData\Roaming\Carambis
[2012.09.20 09:07:39 | 000,000,000 | ---D | M] -- C:\Users\Sharky\AppData\Roaming\CheckPoint
[2012.09.20 13:22:47 | 000,000,000 | ---D | M] -- C:\Users\Sharky\AppData\Roaming\DAEMON Tools Lite
[2012.09.20 11:04:14 | 000,000,000 | ---D | M] -- C:\Users\Sharky\AppData\Roaming\ICQ Search
[2012.09.20 18:58:26 | 000,000,000 | ---D | M] -- C:\Users\Sharky\AppData\Roaming\Ubisoft

========== Purity Check ==========

< End of report >

OTL Logfile: Code:
OTL Extras logfile created on: 20.09.2012 20:24:54 - Run 1
OTL by OldTimer - Version 3.2.64.0 Folder = C:\Users\Sharky\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

7,87 Gb Total Physical Memory | 5,69 Gb Available Physical Memory | 72,27% Memory free
15,73 Gb Paging File | 13,34 Gb Available in Paging File | 84,81% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447,16 Gb Total Space | 404,16 Gb Free Space | 90,38% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 105,14 Gb Free Space | 22,57% Space Free | Partition Type: NTFS
Drive F: | 229,81 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: NB418 | User Name: Sharky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0D23E3C7-0A01-466C-B306-F60A3C83325E}" = lport=139 | protocol=6 | dir=in | app=system | "{0F0ABE0C-AEC1-42DC-B87D-51288BE1CD27}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{1ABA4FA7-225E-4B08-93FD-FBD2E724F0EC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{295E3557-136A-442C-8965-94E6FC2F60D4}" = rport=10243 | protocol=6 | dir=out | app=system | "{2B0434B4-6C03-4C0A-BDB8-71748965266B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3B2D0940-5AD7-4EB0-B789-FEBB2C6B34D7}" = lport=138 | protocol=17 | dir=in | app=system | "{48E93EF3-0D1C-4D5A-A360-B748BD6C5A01}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5DB1DA45-0766-471C-9C02-B4872D17B5DD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{5FC6D316-407B-4B10-8EDB-4BCBFFC4FC32}" = lport=2869 | protocol=6 | dir=in | app=system | "{673FE76E-26FF-4330-8641-86780CC4B7C3}" = lport=137 | protocol=17 | dir=in | app=system | "{6740153D-A9D6-4324-93B2-0909002E81D9}" = lport=10243 | protocol=6 | dir=in | app=system | "{7B45E69F-31CB-41D8-B7ED-7200675D6C92}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{8E3A30C7-1238-4A4F-80D2-161EB60273E1}" = lport=445 | protocol=6 | dir=in | app=system | "{947BBEC1-0F9B-4DD5-81BA-CFBFD9760A0B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9488F639-FDC7-4FE7-9A54-52C5762AE889}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A84D98EA-E779-4AD4-92A3-AE658B84959E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{AD406E80-1161-4C03-A549-B9B583BFE8E5}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{B1BCDD83-D805-4F9D-B0B7-A4E81D653B98}" = rport=137 | protocol=17 | dir=out | app=system | "{B3C2A888-3621-40CF-A443-67F28A006527}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{D43C1525-8DEE-4CF9-A424-E8405092D856}" = rport=445 | protocol=6 | dir=out | app=system | "{D477903B-45F3-467F-A43D-277298A5A595}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E87EBB1D-C10B-400C-AB21-68E5E27CBC50}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{EFEE81F2-5942-4632-BC84-0F10F18EC540}" = rport=138 | protocol=17 | dir=out | app=system | "{F66E349D-4772-4F99-863D-E31BEDC720A9}" = rport=139 | protocol=6 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0B592FE5-9C53-408A-AF12-4CE217619D2B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{1F1508F8-7CFB-4570-93D5-A643B549C22A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{26AD868F-14D9-4F6F-8D15-6D27F580886A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{3FD52F1B-0A78-4963-B920-E6C3C606015D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{434F3C8C-40F4-4EB1-B96F-FB35E674627C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{63103A37-C4AE-413B-BEE4-CE0070D2FF36}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{6D6312BD-1D11-4AE2-B465-2698516FF11F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{7672BCE8-89DB-4AE3-A0C7-EC40AD46CAF0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{7E4B7B50-5BE7-42ED-9A68-99D26AE7F1B3}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{9379BFD8-B551-4AF0-8149-C1BA8E102F35}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{96E9FF7E-890B-4710-8B0A-64367B961751}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft 
office\office12\onenote.exe | "{9B9FFB0E-36F4-49BA-B550-9DA03BF9AAF4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{9D3C5A70-EACF-4743-AC54-3CBCB9B423B7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{9F9146A4-2E72-4F59-A205-B24ED812118A}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | "{A176CC93-D690-4F91-89FA-08D54A6F0169}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{B18D7B90-9F5E-42A2-AB2C-3E641B208C68}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{B8AE7B6C-C143-4209-A01A-2BA12F351F3E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BDA09B6C-B66F-477D-B288-DD1ABCA46160}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C2FFDDDC-462E-43E4-8119-5BAC0C1099CA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{C61796EE-043D-4AD8-8D57-C65B3B2F3217}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{C75D3922-96D6-4CA1-9F5B-F8115401B50E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{E253C7B6-1D83-47E5-8458-B3030C187C7C}" = protocol=6 | dir=out | app=system | "{E60091F0-5CB4-4496-AC23-11FC88B877F0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E7CAF15E-4060-4803-BE38-4C04BC910C66}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{F95B75BA-69CD-423C-ADBA-77AA55D429A1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{46DBD179-D24A-A447-6645-62493CC11138}" = ATI Catalyst Install Manager "{8947C7C8-9D0D-DEE2-731D-89BA0A644A47}" = ATI AVIVO64 Codecs 
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller "{97B94038-CA0C-E7B4-AE88-B546981FEAA5}" = ccc-utility64 "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver "2C293EC1A06665BB961CBA4EC7AFF4BF2BEAD042" = ENE CIR Receiver Driver "3932CA781A7894D20116FDF60F878301800EA8AB" = Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) "3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) "6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) "Broadcom 802.11 Network Adapter" = Broadcom 802.11 Network Adapter "SynTPDeinstKey" = Synaptics Pointing Device Driver "WinRAR archiver" = WinRAR "ZoneAlarm LTD Toolbar" = ZoneAlarm LTD Toolbar [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002BE8E6-E6D0-6132-D5A7-64B658F1A71A}" = CCC Help Italian "{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program "{2A3429CF-6DD6-586E-0D0B-9ED221EB5E17}" = CCC Help English "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{33013398-9228-42D7-A92A-38CA478F4D57}" = ZoneAlarm Security "{34A0D249-747E-4D6C-803D-329C120C6B79}" = Catalyst Control Center - Branding "{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 
1404 "{452181AA-2603-8DD4-8D9D-A72FDAB36F57}" = CCC Help Chinese Traditional "{4B53E9EE-83BA-8140-A557-A4237F393437}" = CCC Help Danish "{4C89179D-2777-5988-E302-49118D39DE88}" = CCC Help Polish "{4D9C300B-F96A-4618-4392-33161F46A1CF}" = CCC Help Thai "{503A899B-81B6-82E1-924A-C6FE58FDE83A}" = CCC Help Finnish "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{542068F1-9AAE-4E1B-8ACA-094FE03728BE}" = Carambis Driver Updater "{57ED6B51-443C-C6B5-CE1B-0412C4C7113D}" = Catalyst Control Center Localization All "{5DE6F8A4-953C-30C7-2F5E-F486CE51DD1B}" = CCC Help Portuguese "{625DACC6-B0FA-5BD7-1233-722F25FA4C9F}" = CCC Help Czech "{62848FBF-E78D-59E1-C073-D508788102C8}" = CCC Help Chinese Standard "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{664D7CF2-36A0-3FAA-6C5C-EF22BE573AFD}" = CCC Help Hungarian "{6749B472-63E5-49B4-964A-4B76A33BC768}" = ZoneAlarm Firewall "{70578F65-5F92-DEED-DAC8-87632A1F455C}" = Catalyst Control Center Core Implementation "{730F81C7-F639-885E-E5DE-CD2603A2F30B}" = CCC Help Dutch "{7355CD58-2668-FD9C-677D-AC1F504D4C6E}" = CCC Help Turkish "{79E699D5-AEC9-FD43-5473-1C4A5FA1EDE3}" = ccc-core-static "{7E1357FE-43E9-4904-1225-27F97CB8AD18}" = CCC Help Korean "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{99B364F5-8051-4118-BFAA-FF466F151748}" = TT1281 Driver "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}" = ANNO 1404 - Venedig "{A33395A7-51B0-9943-F6B7-760CA5E91D93}" = CCC Help French "{ABD06DD3-6E99-FC67-8ABE-CD209C390712}" = CCC Help German "{ADB51AB1-8838-1A26-3950-8F054143FBBE}" = Catalyst Control Center InstallProxy "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{B8BA5929-B0C9-BFA9-35F5-69B19A9F447B}" = Catalyst Control Center Graphics Light "{BB49EE1D-49D9-4195-8761-0195012AF68D}" = Catalyst Control Center Graphics Previews Vista "{C305418B-308D-7E56-2034-F05725257D6A}" = CCC Help Spanish "{C5219CF1-0B5F-9BA5-0685-286B91207700}" = CCC Help Russian "{C5848384-07A0-2707-E3FC-CF32F3EE3226}" = CCC Help Swedish "{C5D1A05C-92EA-8987-88EC-9EFB4A04D166}" = CCC Help Japanese "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{CF59E394-B243-8A9C-0687-E7B711D3BAE7}" = Catalyst Control Center Graphics Full New "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver "{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Fingerprint 
Solution "{E2962129-715A-4EA7-4AF1-60BAD25EFA22}" = CCC Help Greek "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F656F23B-0293-5ABB-D5B9-54344C72EA92}" = Catalyst Control Center Graphics Full Existing "{F7F85A7C-CD0D-B40F-FCB6-821D4101C45E}" = CCC Help Norwegian "Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Avira AntiVir Desktop" = Avira Free Antivirus "DAEMON Tools Lite" = DAEMON Tools Lite "Driver Updater" = Carambis Driver Updater "ENTERPRISE" = Microsoft Office Enterprise 2007 "InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5}" = Acer Bio Protection "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400 "Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "S2TNG" = Die Siedler II - Die nächste Generation "WinLiveSuite_Wave3" = Windows Live Essentials "ZoneAlarm Free Firewall" = ZoneAlarm Free Firewall ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 20.09.2012 06:17:20 | Computer Name = nb418 | Source = Microsoft-Windows-RestartManager | ID = 10007 Description = Die Anwendung oder der Dienst "Ad-Aware" konnte nicht neu gestartet werden. Error - 20.09.2012 11:53:08 | Computer Name = nb418 | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\Users\Sharky\downloads\SoftonicDownloader_fuer_windows-live-messenger.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Error - 20.09.2012 12:40:54 | Computer Name = nb418 | Source = SideBySide | ID = 16842811 Description = Fehler beim Generieren des Aktivierungskontextes für "E:\Programme\iTunesSetup.exe". Fehler in Manifest- oder Richtliniendatei "E:\Programme\iTunesSetup.exe" in Zeile 0. Ungültige XML-Syntax. Error - 20.09.2012 12:41:01 | Computer Name = nb418 | Source = SideBySide | ID = 16842811 Description = Fehler beim Generieren des Aktivierungskontextes für "E:\Programme\iTunesSetup.exe". Fehler in Manifest- oder Richtliniendatei "E:\Programme\iTunesSetup.exe" in Zeile 0. Ungültige XML-Syntax. Error - 20.09.2012 13:03:27 | Computer Name = nb418 | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "E:\Downloads\SoftonicDownloader_fuer_free-youtube-download.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Error - 20.09.2012 13:03:28 | Computer Name = nb418 | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "E:\Downloads\SoftonicDownloader_fuer_windows-live-messenger.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Error - 20.09.2012 13:04:48 | Computer Name = nb418 | Source = SideBySide | ID = 16842811 Description = Fehler beim Generieren des Aktivierungskontextes für "E:\Programme\iTunesSetup.exe". Fehler in Manifest- oder Richtliniendatei "E:\Programme\iTunesSetup.exe" in Zeile 0. Ungültige XML-Syntax. Error - 20.09.2012 13:19:30 | Computer Name = nb418 | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Cracktro.exe, Version: 0.0.0.0, Zeitstempel: 0x38a66ae8 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdb3b Ausnahmecode: 0xc0000409 Fehleroffset: 0x0007045d ID des fehlerhaften Prozesses: 0x494 Startzeit der fehlerhaften Anwendung: 0x01cd975417f67c5d Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Ubisoft\Funatics\Die Siedler II - Die nächste Generation\bin\Cracktro.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 563dc0af-0347-11e2-bcb7-026133316c51 Error - 20.09.2012 13:19:38 | Computer Name = nb418 | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Cracktro.exe, Version: 0.0.0.0, Zeitstempel: 0x38a66ae8 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdb3b Ausnahmecode: 0xc0000409 Fehleroffset: 0x0007045d ID des fehlerhaften Prozesses: 0x18d0 Startzeit der fehlerhaften Anwendung: 0x01cd97541ce8d86f Pfad der fehlerhaften Anwendung: F:\Genesis\Cracktro.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: 
5ae18f58-0347-11e2-bcb7-026133316c51 Error - 20.09.2012 13:37:07 | Computer Name = nb418 | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: ICQ7.exe, Version: 14.0.0.162, Zeitstempel: 0x4626b2f4 Name des fehlerhaften Moduls: MoveIt.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4fa119ef Ausnahmecode: 0xc0000005 Fehleroffset: 0x6ae1cfde ID des fehlerhaften Prozesses: 0x175c Startzeit der fehlerhaften Anwendung: 0x01cd975675139eed Pfad der fehlerhaften Anwendung: C:\Users\Sharky\AppData\Local\Temp\{F6676389-957E-47B4-87AA-124AAA151540}\ICQ7.exe Pfad des fehlerhaften Moduls: MoveIt.dll Berichtskennung: cbd5e50b-0349-11e2-bcb7-026133316c51 [ System Events ] Error - 20.09.2012 03:07:49 | Computer Name = nb418 | Source = Service Control Manager | ID = 7030 Description = Der Dienst "TrueVector Internet Monitor" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error - 20.09.2012 03:53:48 | Computer Name = nb418 | Source = DCOM | ID = 10010 Description = Error - 20.09.2012 03:57:15 | Computer Name = nb418 | Source = Service Control Manager | ID = 7022 Description = Der Dienst "GFI VIPRE Antivirus Service" wurde nicht richtig gestartet. Error - 20.09.2012 04:34:29 | Computer Name = nb418 | Source = Tcpip | ID = 4199 Description = Das System hat einen Adressenkonflikt der IP-Adresse 0.0.0.0 mit dem Computer mit der Netzwerkhardwareadresse 00-00-00-00-00-00 ermittelt. Netzwerkvorgänge könnten daher auf diesem System unterbrochen werden. Error - 20.09.2012 05:05:16 | Computer Name = nb418 | Source = Service Control Manager | ID = 7030 Description = Der Dienst "ICQ Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. < End of report > |
20.09.2012, 20:33 | #2 |
/// Malware-holic | Certain websites can no longer be opened, Police Trojan hi
Simply deleting a few files is usually not enough. Open Avira, Administration, Quarantine, and post all detections listed there with their paths. If nothing is left there, open Avira, Reports, and post the logs with detections. Avira, Events: post the detections. Open Malwarebytes, Reports, and post the logs with detections. |
20.09.2012, 20:37 | #3 |
| Certain websites can no longer be opened, Police Trojan Unfortunately I have already reinstalled the notebook -.- When I scan with Malwarebytes now, it finds nothing. |
20.09.2012, 20:39 | #4 |
/// Malware-holic | Certain websites can no longer be opened, Police Trojan Sorry, I overlooked that. Did the problem with the non-working sites exist right after the reinstall?
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
20.09.2012, 20:41 | #5 |
| Certain websites can no longer be opened, Police Trojan No problem, the problem already existed before |
20.09.2012, 21:00 | #6 |
/// Malware-holic | Certain websites can no longer be opened, Police Trojan What do you mean by before? I wanted to know whether it existed right after the formatting. |
20.09.2012, 21:08 | #7 |
| Certain websites can no longer be opened, Police Trojan The problem existed before the formatting, right after it as well, and it still exists now ^^ |
21.09.2012, 16:52 | #8 |
/// Malware-holic | Certain websites can no longer be opened, Police Trojan OK, we will format once more. You should also reset your router.
1. Data rescue:
I will also post further points on this.
4. Change all passwords!
5. After securing the PC, check the backed-up data and, if clean, restore it.
6. I will then also say something about securing online banking with a chip card reader + Star Money. |
22.09.2012, 18:04 | #9 |
| Certain websites can no longer be opened, Police Trojan I am currently downloading the Win 7 image again on a clean PC... What can be wrong with the router so that it fails to load only certain sites? It is not just this notebook but also my sister's. I had also done a router reset etc., nothing worked... Then I tried setting a proxy in Firefox and now suddenly all sites work again ^^ Also, when I am online through a different connection (I also have a mobile internet stick for on the go), all sites work normally... Could something be wrong on the provider's side, or can the malware focus on one IP? |
24.09.2012, 17:39 | #10 |
/// Malware-holic | Certain websites can no longer be opened, Police Trojan Not really. Have you already asked your internet provider? |