| |
| |||||||
Log-Analyse und Auswertung: Ständige disconnects, hier logfileWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
06.11.2012, 09:47
| #1 |
| |  Ständige disconnects, hier logfile Hallo, ich bin wirklich verzweifelt: Habe alle 10 Minuten kurze disconnects...innerhalb von einer Minute verbindet sich das Internet automatisch wieder. Es muss an irgendetwas am PC liegen, auf dem anderen passiert das nicht. Habe Antivir drauf, der findet keinen Virus/Trojaner. Ich hoffe ihr könnt mir helfen. Hier das Logfile: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:41:19, on 06.11.2012 Platform: Unknown Windows (WinNT 6.01.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files\Ask.com\Updater\Updater.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Thunder Master\THPanel.exe C:\Windows\System32\StikyNot.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe C:\Users\Anna Yeliz\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll R3 - URLSearchHook: Splashtop Connect SearchHook - {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files\Splashtop\Splashtop Connect IE\AddressBarSearch.dll R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Splashtop Connect VisualBookmark - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O4 - HKLM\..\Run: [ZyngaGamesAgent] "C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe" O4 - HKLM\..\Run: [STCAgent] "C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe" O4 - HKLM\..\Run: [IMSS] "C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s O4 - HKLM\..\Run: [USB3MON] "C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [THPanel] "C:\Program Files\Thunder Master\THPanel.exe" /A O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O15 - Trusted Zone: *.clonewarsadventures.com O15 - Trusted Zone: *.freerealms.com O15 - Trusted Zone: *.soe.com O15 - Trusted Zone: *.sony.com O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GRA32A~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Echtzeit-Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira Browser-Schutz (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: Splashtop Connect Service (SCBackService) - Splashtop Inc. - C:\Program Files\Splashtop\Splashtop Connect\BackService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Splashtop Software Updater Service (SSUService) - Splashtop Inc. - C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- End of file - 9751 bytes Liebe  Grüße |
|
07.11.2012, 14:18
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Ständige disconnects, hier logfile Hallo und
__________________ Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Mach bitte einen CustomScan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
Code:
ATTFilter msconfig
netsvcs
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMROOT%\system32\drivers\*.sys /lockedfiles
%SYSTEMROOT%\System32\config\*.sav
%SYSTEMROOT%\*. /mp /s
%SYSTEMROOT%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ |
|
09.11.2012, 12:50
| #3 |
| | Ständige disconnects, hier logfile Hallo,
__________________vielen lieben Dank für Die Rückmeldung. Ich habe mich ganz an Deine Anleitung gehalten. Ich wäre für eine Analyse sehr dankbar. Liebe Grüße Code:
ATTFilter OTL logfile created on: 09.11.2012 12:33:45 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Anna Yeliz\Downloads Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,48 Gb Total Physical Memory | 2,60 Gb Available Physical Memory | 74,62% Memory free 6,96 Gb Paging File | 5,79 Gb Available in Paging File | 83,16% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 931,41 Gb Total Space | 833,74 Gb Free Space | 89,51% Space Free | Partition Type: NTFS Drive F: | 4,60 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive G: | 465,76 Gb Total Space | 351,27 Gb Free Space | 75,42% Space Free | Partition Type: NTFS Computer Name: ANNAYELIZ | User Name: Anna Yeliz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.11.09 12:32:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anna Yeliz\Downloads\OTL.exe PRC - [2012.10.30 11:59:43 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2012.10.30 11:59:31 | 000,560,416 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe PRC - [2012.10.30 11:59:29 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.10.30 11:59:29 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2012.10.10 08:38:50 | 001,573,584 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe PRC - [2012.09.19 18:20:40 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2012.08.04 21:06:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2012.08.04 19:49:04 | 000,864,104 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2012.08.04 19:48:56 | 001,820,520 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe PRC - [2012.08.04 12:30:44 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2012.07.18 15:00:54 | 002,050,416 | ---- | M] (Palit Microsystems Ltd.) -- C:\Programme\Thunder Master\THPanel.exe PRC - [2012.03.15 06:20:30 | 000,370,504 | ---- | M] (Splashtop Inc.) -- C:\Programme\Splashtop\Splashtop Software Updater\SSUService.exe PRC - [2012.01.27 10:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe PRC - [2011.12.16 13:08:36 | 001,834,264 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe PRC - [2011.12.16 13:08:34 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2011.12.16 13:08:32 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2011.12.16 10:02:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe PRC - [2011.12.08 15:32:50 | 000,423,136 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\iCLS Client\HeciServer.exe PRC - [2011.11.29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010.11.15 12:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Programme\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe PRC - [2010.11.15 12:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) -- C:\Programme\Splashtop\Splashtop Connect\BackService.exe PRC - [2009.07.14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009.07.14 02:14:41 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\StikyNot.exe PRC - [2009.07.14 02:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2006.10.26 23:47:42 | 000,031,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe ========== Modules (No Company Name) ========== MOD - [2012.08.27 21:33:32 | 000,087,912 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012.08.27 21:33:08 | 001,242,512 | ---- | M] () -- C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2009.07.14 09:47:13 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2009.07.14 09:47:12 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2009.07.14 05:45:49 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6e033d390dc7e9567b6960b0f530cf30\System.Management.ni.dll MOD - [2009.07.14 05:43:04 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll MOD - [2009.07.14 05:42:57 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll MOD - [2009.07.14 05:42:40 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll MOD - [2009.07.14 05:42:37 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b1350e31ff09cc583b34854816d8036\System.Configuration.ni.dll MOD - [2009.07.14 05:42:36 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll MOD - [2009.07.14 05:42:30 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll ========== Services (SafeList) ========== SRV - [2012.10.30 11:59:43 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.10.30 11:59:31 | 000,560,416 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService) SRV - [2012.10.30 11:59:29 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.10.27 19:03:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.10.24 14:14:09 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012.08.04 21:06:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012.08.04 12:30:44 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.03.15 06:20:30 | 000,370,504 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Programme\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService) SRV - [2011.12.16 13:08:34 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2011.12.16 13:08:32 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2011.12.16 10:02:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service) SRV - [2011.12.08 15:32:50 | 000,423,136 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2011.11.29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2011.08.30 14:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS) SRV - [2010.11.15 12:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Programme\Splashtop\Splashtop Connect\BackService.exe -- (SCBackService) SRV - [2010.04.06 15:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\AppleChargerSrv.exe -- (AppleChargerSrv) SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.07.14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2006.10.26 23:47:54 | 000,065,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service) SRV - [2006.10.26 18:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - [2012.10.30 11:59:45 | 000,133,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2012.10.14 06:37:54 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV - [2012.10.13 20:12:33 | 000,024,944 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\GVTDrv.sys -- (GVTDrv) DRV - [2012.10.13 20:12:23 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv) DRV - [2012.09.24 08:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2012.09.13 09:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2012.08.27 14:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2012.08.11 08:49:42 | 000,024,880 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Programme\CPUID\PC Wizard 2012\pcwiz_x32.sys -- (cpuz135) DRV - [2012.08.04 21:06:00 | 010,787,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2012.07.03 16:25:17 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2012.01.27 10:39:34 | 000,791,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iusb3xhc.sys -- (iusb3xhc) DRV - [2012.01.27 10:39:34 | 000,348,440 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iusb3hub.sys -- (iusb3hub) DRV - [2012.01.27 10:39:34 | 000,013,592 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iusb3hcs.sys -- (iusb3hcs) DRV - [2011.11.09 23:52:02 | 000,046,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI) DRV - [2011.11.02 09:48:36 | 000,019,056 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AppleCharger.sys -- (AppleCharger) DRV - [2011.01.31 16:03:44 | 000,734,824 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WNA1000M.sys -- (RTL8192cu) DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.com/ IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 FF EC 45 66 A9 CD 01 [binary data] IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1000\..\URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Programme\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.) IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1000\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.) IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1000\..\SearchScopes\{331ACA89-9940-4ef4-B3CE-8C96898FB6B3}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1000\..\SearchScopes\{C5911FD8-01BB-43AA-B5B4-E90E0B7153F1}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=40200155-0d65-4fbc-9fe7-96a09f477678&apn_sauid=7167EB16-A90B-42B7-A36E-E5A3EB295486 IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1000\..\SearchScopes\{E2F16FFC-9356-4e60-A236-C04D2D6068DB}: "URL" = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms} IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:splashtopconnect IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 FF EC 45 66 A9 CD 01 [binary data] IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1001\..\URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Programme\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.) IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1001\..\SearchScopes\{331ACA89-9940-4ef4-B3CE-8C96898FB6B3}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1001\..\SearchScopes\{E2F16FFC-9356-4e60-A236-C04D2D6068DB}: "URL" = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms} IE - HKU\S-1-5-21-3638105372-379373305-3450886275-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} [2012.10.13 19:56:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}: C:\Program Files\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} [2012.10.13 19:56:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.27 19:03:17 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.27 19:03:17 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.27 19:03:15 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.10.27 19:03:17 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.10.11 03:10:32 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.10.11 03:10:32 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.10.11 03:10:32 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.10.11 03:10:32 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.10.11 03:10:32 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.10.11 03:10:32 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Splashtop Connect VisualBookmark) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Programme\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKU\S-1-5-21-3638105372-379373305-3450886275-1000\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKU\S-1-5-21-3638105372-379373305-3450886275-1000\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [IMSS] C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation) O4 - HKLM..\Run: [STCAgent] C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.) O4 - HKLM..\Run: [USB3MON] C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.) O4 - HKU\S-1-5-21-3638105372-379373305-3450886275-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-3638105372-379373305-3450886275-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3638105372-379373305-3450886275-1000..\Run: [THPanel] C:\Program Files\Thunder Master\THPanel.exe (Palit Microsystems Ltd.) O4 - HKU\S-1-5-21-3638105372-379373305-3450886275-1001..\Run: [THPanel] C:\Program Files\Thunder Master\THPanel.exe (Palit Microsystems Ltd.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3638105372-379373305-3450886275-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O13 - gopher Prefix: missing O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites) O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites) O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in ) O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in ) O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in ) O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in ) O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in ) O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in ) O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in ) O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in ) O15 - HKU\S-1-5-21-3638105372-379373305-3450886275-1000\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites) O15 - HKU\S-1-5-21-3638105372-379373305-3450886275-1000\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites) O15 - HKU\S-1-5-21-3638105372-379373305-3450886275-1000\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites) O15 - HKU\S-1-5-21-3638105372-379373305-3450886275-1000\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites) O15 - HKU\S-1-5-21-3638105372-379373305-3450886275-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-3638105372-379373305-3450886275-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-3638105372-379373305-3450886275-1001\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKU\S-1-5-21-3638105372-379373305-3450886275-1001\..Trusted Domains: sony.com ([]* in Trusted sites) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{67393528-2D0D-4A0E-9D28-9D6AC38FF7C9}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CFE51DBD-DB30-4358-92ED-182EEDC412E2}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2010.04.20 21:37:17 | 000,054,544 | R--- | M] (Electronic Arts) - F:\Autorun.exe -- [ UDF ] O32 - AutoRun File - [2010.03.27 05:03:00 | 000,000,049 | R--- | M] () - F:\Autorun.inf -- [ UDF ] O32 - AutoRun File - [2011.06.15 08:58:33 | 000,000,000 | RH-D | M] - G:\autorun -- [ NTFS ] O32 - Unable to obtain root file information for disk G:\ O33 - MountPoints2\{61d8bd8e-1552-11e2-970f-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{61d8bd8e-1552-11e2-970f-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Run.exe O33 - MountPoints2\{d41202d4-156d-11e2-b4bf-902b3460085b}\Shell - "" = AutoRun O33 - MountPoints2\{d41202d4-156d-11e2-b4bf-902b3460085b}\Shell\AutoRun\command - "" = F:\Autorun.exe -- [2010.04.20 21:37:17 | 000,054,544 | R--- | M] (Electronic Arts) O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) MsConfig - StartUpFolder: C:^Users^Anna Yeliz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^T-Online Messenger.lnk - C:\T-Online\Messenger\TOM.exe - (MessageVine.com) MsConfig - StartUpReg: IAStorIcon - hkey= - key= - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) MsConfig - StartUpReg: nosvwfzosqeqrqw - hkey= - key= - File not found MsConfig - StartUpReg: Steam - hkey= - key= - C:\Program Files\Steam\Steam.exe (Valve Corporation) MsConfig - StartUpReg: SweetIM - hkey= - key= - C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) MsConfig - StartUpReg: Sweetpacks Communicator - hkey= - key= - C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) MsConfig - State: "startup" - 2 NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: NTDS - File not found SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: NTDS - File not found SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Windows Media Player 5.2 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com) Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.11.07 11:04:14 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\Desktop\Bewerbungen Regie [2012.10.31 13:26:54 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Local\Apple Computer [2012.10.31 13:26:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.10.31 13:26:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE [2012.10.31 13:25:01 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.10.31 13:25:01 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.10.31 13:25:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2012.10.31 13:25:01 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 [2012.10.31 13:22:10 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Local\Apple [2012.10.31 13:22:09 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update [2012.10.31 13:21:57 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2012.10.31 13:21:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2012.10.31 13:21:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2012.10.31 11:24:52 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache [2012.10.28 19:32:00 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\Documents\Bücherei [2012.10.28 17:09:39 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cimaware OfficeFIX 6 [2012.10.28 17:09:39 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Local\Cimaware [2012.10.28 17:04:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kernel for Word Evaluation Ver [2012.10.28 17:04:23 | 000,000,000 | ---D | C] -- C:\Program Files\Kernel for Word Evaluation Ver [2012.10.27 19:03:15 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012.10.25 14:03:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2 [2012.10.25 14:03:14 | 000,000,000 | ---D | C] -- C:\Program Files\Guild Wars 2 [2012.10.25 14:02:48 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\Documents\Guild Wars 2 [2012.10.24 18:54:52 | 000,000,000 | ---D | C] -- C:\Windows\pss [2012.10.24 16:32:20 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\T-Online 4.0 [2012.10.24 16:32:19 | 001,056,768 | ---- | C] (eHelp Corporation.) -- C:\Windows\System32\Roboex32.dll [2012.10.24 16:32:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\fun communications [2012.10.24 16:32:03 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\OLE2.DLL [2012.10.24 16:32:03 | 000,219,648 | ---- | C] (Borland International) -- C:\Windows\System\BC450RTL.DLL [2012.10.24 16:32:03 | 000,177,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\TYPELIB.DLL [2012.10.24 16:32:03 | 000,164,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\OLE2DISP.DLL [2012.10.24 16:32:03 | 000,150,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\OLE2NLS.DLL [2012.10.24 16:32:03 | 000,146,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\MFCOLEUI.DLL [2012.10.24 16:32:03 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\COMPOBJ.DLL [2012.10.24 16:32:03 | 000,057,856 | ---- | C] (FUN Kommunikationssysteme GmbH Karlsruhe) -- C:\Windows\System\TRUN32I.EXE [2012.10.24 16:32:03 | 000,057,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\OLE2CONV.DLL [2012.10.24 16:32:03 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\OLE2PROX.DLL [2012.10.24 16:32:03 | 000,027,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\CTL3DV2.DLL [2012.10.24 16:32:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T-Online 4.0 [2012.10.24 16:31:20 | 000,000,000 | ---D | C] -- C:\T-Online [2012.10.24 16:31:20 | 000,000,000 | ---D | C] -- \T-Online [2012.10.24 14:15:16 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [2012.10.24 14:12:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2012.10.24 14:12:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam [2012.10.24 14:12:54 | 000,000,000 | ---D | C] -- C:\Program Files\Steam [2012.10.22 15:24:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer [2012.10.22 15:24:13 | 000,000,000 | ---D | C] -- C:\Program Files\Tracker Software [2012.10.21 14:02:53 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2012.10.21 14:02:44 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Local\DoNotTrackPlus [2012.10.21 14:02:42 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Local\AskToolbar [2012.10.19 23:44:56 | 000,114,176 | ---- | C] (CPUID) -- C:\Windows\System32\PCWizard.cpl [2012.10.19 23:44:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID [2012.10.19 23:44:56 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID [2012.10.18 17:05:12 | 000,000,000 | ---D | C] -- C:\ProgramData\sdoveatwsxzlcov [2012.10.18 10:11:37 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Local\Ibibi_HB [2012.10.18 10:11:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TSR Workshop [2012.10.18 10:11:24 | 000,000,000 | ---D | C] -- C:\Program Files\The Sims Resource [2012.10.16 09:25:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2012.10.16 09:24:48 | 000,032,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll [2012.10.16 09:24:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works [2012.10.16 09:23:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio [2012.10.16 09:23:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2012.10.16 09:22:22 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012.10.16 09:22:22 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2012.10.16 09:20:24 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8 [2012.10.16 09:19:54 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Local\Microsoft Help [2012.10.16 09:19:53 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2012.10.16 09:19:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2012.10.16 09:19:30 | 000,000,000 | RH-D | C] -- C:\MSOCache [2012.10.16 09:19:30 | 000,000,000 | RH-D | C] -- \MSOCache [2012.10.15 10:11:52 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader [2012.10.15 10:08:55 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM [2012.10.15 10:08:55 | 000,000,000 | ---D | C] -- C:\Program Files\SweetIM [2012.10.14 23:51:22 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\Documents\Updater5 [2012.10.14 18:45:41 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steamless Portal Pack [2012.10.14 18:35:15 | 000,000,000 | ---D | C] -- C:\Program Files\Steamless Portal Pack [2012.10.14 17:58:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disney Interactive [2012.10.14 17:57:49 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\Windows\System32\tm20dec.ax [2012.10.14 17:57:49 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LMRTREND.dll [2012.10.14 17:57:48 | 000,217,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\strmdll.dll [2012.10.14 17:57:48 | 000,182,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft3.dll [2012.10.14 17:57:48 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unam4ie.exe [2012.10.14 17:57:46 | 001,088,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\danim.dll [2012.10.14 17:57:46 | 000,194,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcut.dll [2012.10.14 17:57:46 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz.drv [2012.10.14 17:57:45 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w95inf32.dll [2012.10.14 17:57:45 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w95inf16.dll [2012.10.14 17:57:45 | 000,000,000 | ---D | C] -- C:\Programm Dateien [2012.10.14 17:57:45 | 000,000,000 | ---D | C] -- \Programm Dateien [2012.10.14 17:57:27 | 000,328,704 | ---- | C] (InstallShield Software Corporation ) -- C:\Windows\IsUn0407.exe [2012.10.14 16:07:25 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\Documents\Electronic Arts [2012.10.14 16:06:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE [2012.10.14 16:04:31 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts [2012.10.14 08:27:05 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2012.10.14 07:48:23 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Local\SCE [2012.10.14 07:48:23 | 000,000,000 | ---D | C] -- C:\Crash [2012.10.14 07:48:23 | 000,000,000 | ---D | C] -- \Crash [2012.10.14 07:47:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx [2012.10.14 06:38:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2012.10.14 06:37:54 | 000,242,240 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2012.10.14 06:37:52 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite [2012.10.14 06:37:07 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2012.10.14 06:36:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2012.10.14 06:36:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012.10.14 06:36:47 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2012.10.14 06:36:46 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2012.10.14 06:36:46 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012.10.14 06:36:38 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012.10.14 06:36:38 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012.10.14 06:36:38 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012.10.14 06:36:30 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012.10.13 21:08:17 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012.10.13 21:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012.10.13 21:08:15 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2012.10.13 20:49:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.10.13 20:48:58 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com [2012.10.13 20:48:47 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2012.10.13 20:48:46 | 000,133,824 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys [2012.10.13 20:48:46 | 000,083,792 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys [2012.10.13 20:48:46 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys [2012.10.13 20:48:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.10.13 20:48:46 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2012.10.13 20:45:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.10.13 20:45:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012.10.13 20:45:02 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2012.10.13 20:31:22 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2012.10.13 20:15:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel Corporation [2012.10.13 20:09:11 | 000,017,488 | ---- | C] (Windows (R) 2000 DDK provider) -- C:\Windows\gdrv.sys [2012.10.13 20:03:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE [2012.10.13 20:03:34 | 000,000,000 | ---D | C] -- C:\Program Files\AMD [2012.10.13 20:02:24 | 000,000,000 | ---D | C] -- C:\Program Files\GIGABYTE [2012.10.13 20:02:10 | 000,013,592 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\iusb3hcs.sys [2012.10.13 20:02:07 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01009.dll [2012.10.13 20:02:02 | 000,348,440 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\iusb3hub.sys [2012.10.13 20:02:00 | 000,791,832 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\iusb3xhc.sys [2012.10.13 20:00:10 | 000,100,896 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll [2012.10.13 19:59:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2012.10.13 19:59:28 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll [2012.10.13 19:59:28 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2012.10.13 19:59:27 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2012.10.13 19:59:27 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2012.10.13 19:59:27 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2012.10.13 19:59:26 | 002,393,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2012.10.13 19:59:25 | 000,617,064 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2012.10.13 19:59:25 | 000,083,560 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInstII.dll [2012.10.13 19:59:25 | 000,013,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoLDR.dll [2012.10.13 19:59:24 | 003,381,352 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2012.10.13 19:59:22 | 001,497,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2012.10.13 19:59:21 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2012.10.13 19:59:21 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2012.10.13 19:59:21 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2012.10.13 19:59:21 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2012.10.13 19:59:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel [2012.10.13 19:59:20 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2012.10.13 19:59:20 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2012.10.13 19:59:17 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2012.10.13 19:59:17 | 000,681,304 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPOShell.dll [2012.10.13 19:59:16 | 000,750,680 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBAPO32.dll [2012.10.13 19:59:16 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2012.10.13 19:59:16 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll [2012.10.13 19:59:16 | 000,070,232 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBWrp32.dll [2012.10.13 19:59:16 | 000,054,360 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBppld32.dll [2012.10.13 19:59:16 | 000,050,776 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBPPCn32.dll [2012.10.13 19:59:08 | 002,189,888 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2012.10.13 19:59:04 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll [2012.10.13 19:59:04 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll [2012.10.13 19:59:04 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012.10.13 19:59:03 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp [2012.10.13 19:59:02 | 001,698,408 | R--- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2012.10.13 19:59:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2012.10.13 19:58:27 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll [2012.10.13 19:58:27 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [2012.10.13 19:58:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\postureAgent [2012.10.13 19:58:21 | 000,000,000 | ---D | C] -- C:\Intel [2012.10.13 19:58:21 | 000,000,000 | ---D | C] -- \Intel [2012.10.13 19:58:19 | 000,046,080 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\HECI.sys [2012.10.13 19:58:11 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2012.10.13 19:58:03 | 000,000,000 | -H-D | C] -- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3} [2012.10.13 19:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Splashtop [2012.10.13 19:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Splashtop [2012.10.13 19:45:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt [2012.10.13 19:30:14 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Local\Macromedia [2012.10.13 19:29:25 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Local\Microsoft Games [2012.10.13 19:17:06 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012.10.13 19:17:06 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012.10.13 19:17:06 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2012.10.13 19:01:05 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations [2012.10.13 18:57:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012.10.13 18:47:37 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Local\Mozilla [2012.10.13 18:47:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2012.10.13 18:47:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012.10.13 18:40:07 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Local\ElevatedDiagnostics [2012.10.13 18:30:39 | 000,221,184 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\System32\RaCoInst.dll [2012.10.13 18:30:30 | 000,000,000 | ---D | C] -- C:\Program Files\ECOLAN [2012.10.13 18:23:41 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2012.10.13 18:16:44 | 000,000,000 | ---D | C] -- C:\Program Files\Spiel und Spaß [2012.10.13 18:05:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012.10.13 18:02:06 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2012.10.13 18:01:45 | 003,963,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll [2012.10.13 18:01:45 | 002,836,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll [2012.10.13 18:01:45 | 002,557,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll [2012.10.13 18:01:45 | 000,108,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll [2012.10.13 18:01:45 | 000,062,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll [2012.10.13 18:01:22 | 000,000,000 | ---D | C] -- C:\temp [2012.10.13 18:01:22 | 000,000,000 | ---D | C] -- \temp [2012.10.13 18:01:21 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2012.10.13 18:01:14 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2012.10.13 18:00:52 | 019,828,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2012.10.13 18:00:52 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2012.10.13 18:00:52 | 015,291,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll [2012.10.13 18:00:52 | 012,465,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll [2012.10.13 18:00:52 | 010,787,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2012.10.13 18:00:52 | 007,626,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2012.10.13 18:00:52 | 006,100,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll [2012.10.13 18:00:52 | 002,573,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2012.10.13 18:00:52 | 002,422,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll [2012.10.13 18:00:52 | 001,866,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2012.10.13 18:00:52 | 001,010,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll [2012.10.13 18:00:52 | 000,888,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco32.dll [2012.10.13 18:00:52 | 000,884,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdagenco3220103.dll [2012.10.13 18:00:52 | 000,830,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvumdshim.dll [2012.10.13 18:00:52 | 000,414,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvEncodeAPI.dll [2012.10.13 18:00:52 | 000,202,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvinit.dll [2012.10.13 18:00:52 | 000,149,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys [2012.10.13 18:00:52 | 000,028,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap32.dll [2012.10.13 18:00:41 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2012.10.13 17:59:52 | 000,000,000 | ---D | C] -- C:\NVIDIA [2012.10.13 17:59:52 | 000,000,000 | ---D | C] -- \NVIDIA [2012.10.13 17:59:44 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll [2012.10.13 17:59:44 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll [2012.10.13 17:59:44 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll [2012.10.13 17:59:44 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll [2012.10.13 17:59:44 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll [2012.10.13 17:59:44 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll [2012.10.13 17:59:44 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll [2012.10.13 17:59:44 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll [2012.10.13 17:59:44 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll [2012.10.13 17:59:44 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll [2012.10.13 17:59:43 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll [2012.10.13 17:59:43 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll [2012.10.13 17:59:43 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll [2012.10.13 17:59:43 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll [2012.10.13 17:59:43 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll [2012.10.13 17:59:43 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll [2012.10.13 17:59:43 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll [2012.10.13 17:59:43 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll [2012.10.13 17:59:43 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll [2012.10.13 17:59:43 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll [2012.10.13 17:59:43 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll [2012.10.13 17:59:43 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll [2012.10.13 17:59:43 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll [2012.10.13 17:59:43 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2012.10.13 17:59:43 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll [2012.10.13 17:59:43 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2012.10.13 17:59:43 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll [2012.10.13 17:59:43 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll [2012.10.13 17:59:43 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll [2012.10.13 17:59:43 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll [2012.10.13 17:59:43 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll [2012.10.13 17:59:43 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll [2012.10.13 17:59:43 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll [2012.10.13 17:59:43 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2012.10.13 17:59:43 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll [2012.10.13 17:59:43 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll [2012.10.13 17:59:43 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll [2012.10.13 17:59:43 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll [2012.10.13 17:59:42 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll [2012.10.13 17:59:42 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll [2012.10.13 17:59:42 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll [2012.10.13 17:59:42 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll [2012.10.13 17:59:42 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll [2012.10.13 17:59:42 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll [2012.10.13 17:59:42 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll [2012.10.13 17:59:42 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll [2012.10.13 17:59:42 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll [2012.10.13 17:59:42 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll [2012.10.13 17:59:42 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll [2012.10.13 17:59:42 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll [2012.10.13 17:59:42 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll [2012.10.13 17:59:42 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll [2012.10.13 17:59:41 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll [2012.10.13 17:59:41 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll [2012.10.13 17:59:41 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll [2012.10.13 17:59:41 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll [2012.10.13 17:59:41 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2012.10.13 17:59:41 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll [2012.10.13 17:59:41 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll [2012.10.13 17:59:41 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll [2012.10.13 17:59:41 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll [2012.10.13 17:59:41 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll [2012.10.13 17:59:41 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll [2012.10.13 17:59:41 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll [2012.10.13 17:59:41 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll [2012.10.13 17:59:41 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll [2012.10.13 17:59:41 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll [2012.10.13 17:59:41 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll [2012.10.13 17:59:41 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll [2012.10.13 17:59:41 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll [2012.10.13 17:59:41 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll [2012.10.13 17:59:41 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll [2012.10.13 17:59:41 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll [2012.10.13 17:59:41 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll [2012.10.13 17:59:41 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll [2012.10.13 17:59:41 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll [2012.10.13 17:59:41 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll [2012.10.13 17:59:41 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll [2012.10.13 17:59:41 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll [2012.10.13 17:59:40 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll [2012.10.13 17:59:40 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll [2012.10.13 17:59:40 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll [2012.10.13 17:59:40 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll [2012.10.13 17:59:40 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll [2012.10.13 17:59:40 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll [2012.10.13 17:59:40 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll [2012.10.13 17:59:39 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll [2012.10.13 17:59:39 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll [2012.10.13 17:59:39 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2012.10.13 17:59:39 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll [2012.10.13 17:59:39 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll [2012.10.13 17:58:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunder Master [2012.10.13 17:58:44 | 000,000,000 | ---D | C] -- C:\Program Files\Thunder Master [2012.10.13 17:50:23 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Local\Diagnostics [2012.10.13 17:49:33 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2012.10.13 17:49:26 | 000,000,000 | ---D | C] -- C:\Program Files\MonitorDriver [2012.10.13 17:48:49 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Local\Adobe [2012.10.13 17:48:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012.10.13 17:48:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012.10.13 17:48:27 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012.10.13 17:48:12 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2012.10.13 17:44:30 | 000,000,000 | ---D | C] -- C:\Samsung [2012.10.13 17:44:30 | 000,000,000 | ---D | C] -- \Samsung [2012.10.13 17:33:37 | 000,000,000 | R--D | C] -- C:\Users\Anna Yeliz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.10.13 17:33:37 | 000,000,000 | R--D | C] -- C:\Users\Anna Yeliz\Searches [2012.10.13 17:33:37 | 000,000,000 | R--D | C] -- C:\Users\Anna Yeliz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012.10.13 17:33:29 | 000,000,000 | R--D | C] -- C:\Users\Anna Yeliz\Contacts [2012.10.13 17:33:24 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Local\VirtualStore [2012.10.13 17:33:21 | 000,000,000 | R--D | C] -- C:\Users\Anna Yeliz\Videos [2012.10.13 17:33:21 | 000,000,000 | R--D | C] -- C:\Users\Anna Yeliz\Saved Games [2012.10.13 17:33:21 | 000,000,000 | R--D | C] -- C:\Users\Anna Yeliz\Pictures [2012.10.13 17:33:21 | 000,000,000 | R--D | C] -- C:\Users\Anna Yeliz\Music [2012.10.13 17:33:21 | 000,000,000 | R--D | C] -- C:\Users\Anna Yeliz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.10.13 17:33:21 | 000,000,000 | R--D | C] -- C:\Users\Anna Yeliz\Links [2012.10.13 17:33:21 | 000,000,000 | R--D | C] -- C:\Users\Anna Yeliz\Favorites [2012.10.13 17:33:21 | 000,000,000 | R--D | C] -- C:\Users\Anna Yeliz\Downloads [2012.10.13 17:33:21 | 000,000,000 | R--D | C] -- C:\Users\Anna Yeliz\Documents [2012.10.13 17:33:21 | 000,000,000 | R--D | C] -- C:\Users\Anna Yeliz\Desktop [2012.10.13 17:33:21 | 000,000,000 | R--D | C] -- C:\Users\Anna Yeliz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.10.13 17:33:21 | 000,000,000 | -HSD | C] -- C:\Users\Anna Yeliz\Vorlagen [2012.10.13 17:33:21 | 000,000,000 | -HSD | C] -- C:\Users\Anna Yeliz\AppData\Local\Verlauf [2012.10.13 17:33:21 | 000,000,000 | -HSD | C] -- C:\Users\Anna Yeliz\AppData\Local\Temporary Internet Files [2012.10.13 17:33:21 | 000,000,000 | -HSD | C] -- C:\Users\Anna Yeliz\Startmenü [2012.10.13 17:33:21 | 000,000,000 | -HSD | C] -- C:\Users\Anna Yeliz\SendTo [2012.10.13 17:33:21 | 000,000,000 | -HSD | C] -- C:\Users\Anna Yeliz\Recent [2012.10.13 17:33:21 | 000,000,000 | -HSD | C] -- C:\Users\Anna Yeliz\Netzwerkumgebung [2012.10.13 17:33:21 | 000,000,000 | -HSD | C] -- C:\Users\Anna Yeliz\Lokale Einstellungen [2012.10.13 17:33:21 | 000,000,000 | -HSD | C] -- C:\Users\Anna Yeliz\Documents\Eigene Videos [2012.10.13 17:33:21 | 000,000,000 | -HSD | C] -- C:\Users\Anna Yeliz\Documents\Eigene Musik [2012.10.13 17:33:21 | 000,000,000 | -HSD | C] -- C:\Users\Anna Yeliz\Eigene Dateien [2012.10.13 17:33:21 | 000,000,000 | -HSD | C] -- C:\Users\Anna Yeliz\Documents\Eigene Bilder [2012.10.13 17:33:21 | 000,000,000 | -HSD | C] -- C:\Users\Anna Yeliz\Druckumgebung [2012.10.13 17:33:21 | 000,000,000 | -HSD | C] -- C:\Users\Anna Yeliz\Cookies [2012.10.13 17:33:21 | 000,000,000 | -HSD | C] -- C:\Users\Anna Yeliz\AppData\Local\Anwendungsdaten [2012.10.13 17:33:21 | 000,000,000 | -HSD | C] -- C:\Users\Anna Yeliz\Anwendungsdaten [2012.10.13 17:33:21 | 000,000,000 | -H-D | C] -- C:\Users\Anna Yeliz\AppData [2012.10.13 17:33:21 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Local\Temp [2012.10.13 17:33:21 | 000,000,000 | ---D | C] -- C:\Users\Anna Yeliz\AppData\Local\Microsoft [2012.10.13 17:31:59 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012.10.13 17:30:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2012.10.13 17:30:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2012.10.13 17:30:47 | 000,000,000 | -HSD | C] -- C:\Recovery [2012.10.13 17:30:47 | 000,000,000 | -HSD | C] -- \Recovery [2012.10.13 17:30:47 | 000,000,000 | -HSD | C] -- C:\Programme [2012.10.13 17:30:47 | 000,000,000 | -HSD | C] -- \Programme [2012.10.13 17:30:47 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2012.10.13 17:30:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2012.10.13 17:30:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2012.10.13 17:30:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2012.10.13 17:30:47 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2012.10.13 17:30:47 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2012.10.13 17:30:47 | 000,000,000 | -HSD | C] -- \Dokumente und Einstellungen [2012.10.13 17:30:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2012.10.13 17:30:47 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2012.10.13 17:24:13 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2012.10.13 17:24:00 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012.10.13 17:24:00 | 000,000,000 | -HSD | C] -- \System Volume Information [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.11.09 11:16:27 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.11.09 11:16:27 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.11.09 11:16:03 | 000,643,628 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.11.09 11:16:03 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.11.09 11:16:03 | 000,126,188 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.11.09 11:16:03 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.11.09 11:11:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.11.09 11:11:19 | 2802,503,680 | -HS- | M] () -- C:\hiberfil.sys [2012.10.30 11:59:45 | 000,133,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys [2012.10.25 14:03:15 | 000,000,902 | ---- | M] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk [2012.10.24 16:34:58 | 000,412,800 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.10.24 16:33:22 | 000,002,414 | ---- | M] () -- C:\Windows\tonlinst.ini [2012.10.24 16:33:08 | 000,012,073 | ---- | M] () -- C:\Windows\TOHELP4.ISU [2012.10.24 16:32:05 | 000,095,680 | ---- | M] () -- C:\Windows\TOSO40.ISU [2012.10.24 14:15:16 | 000,000,213 | ---- | M] () -- C:\Users\Anna Yeliz\Desktop\Portal 2.url [2012.10.24 14:12:57 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2012.10.23 11:30:37 | 002,586,446 | ---- | M] () -- C:\Users\Anna Yeliz\Documents\Homöopathischer Fragebogen nach Risch Anna Yeliz Schentke.pdf [2012.10.22 20:59:59 | 002,455,144 | ---- | M] () -- C:\Users\Anna Yeliz\Documents\Homöopathischer Fragebogen nach Risch1.pdf [2012.10.22 15:24:16 | 000,001,171 | ---- | M] () -- C:\Users\Anna Yeliz\Documents\PDF-Viewer.lnk [2012.10.22 12:30:56 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012.10.18 17:05:11 | 000,076,347 | ---- | M] () -- C:\ProgramData\xtcqxjblmeuqxnl [2012.10.18 10:47:38 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.10.17 10:25:30 | 000,064,258 | ---- | M] () -- C:\Users\Anna Yeliz\Documents\SIGHI-Lebensmittelliste_HIT.pdf [2012.10.17 10:25:12 | 000,118,105 | ---- | M] () -- C:\Users\Anna Yeliz\Documents\SIGHI-Merkblatt_histaminarmeErnaehrung.pdf [2012.10.14 17:58:12 | 000,001,169 | ---- | M] () -- C:\Windows\disney.ini [2012.10.14 17:57:45 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w95inf32.dll [2012.10.14 17:57:45 | 000,002,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w95inf16.dll [2012.10.14 17:57:26 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012.10.14 17:57:26 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012.10.14 06:37:54 | 000,242,240 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys [2012.10.14 06:36:31 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2012.10.14 06:36:31 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2012.10.14 06:36:31 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012.10.14 06:36:31 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012.10.14 06:36:31 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012.10.14 06:36:31 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012.10.13 20:12:33 | 000,024,944 | ---- | M] () -- C:\Windows\System32\drivers\GVTDrv.sys [2012.10.13 20:12:33 | 000,000,004 | ---- | M] () -- C:\Windows\System32\GVTunner.ref [2012.10.13 20:12:23 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) -- C:\Windows\gdrv.sys [2012.10.13 20:02:14 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_iusb3hcs_01009.Wdf [2012.10.13 19:54:48 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini [2012.10.13 19:17:06 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012.10.13 19:17:06 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012.10.13 18:40:38 | 000,001,655 | ---- | M] () -- C:\Users\Anna Yeliz\AppData\Local\RT2860_{58C3A407-E2F5-489D-92A6-730F88F03350}_prof [2012.10.13 18:40:38 | 000,000,854 | ---- | M] () -- C:\Users\Anna Yeliz\AppData\Local\RT2860_{58C3A407-E2F5-489D-92A6-730F88F03350}_sta [2012.10.13 18:32:56 | 000,001,001 | ---- | M] () -- C:\Users\Anna Yeliz\AppData\Local\RT2860_{58C3A407-E2F5-489D-92A6-730F88F03350}_wsc [2012.10.13 17:48:36 | 000,002,049 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk [2012.10.13 17:48:36 | 000,002,007 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk [2012.10.13 17:27:55 | 000,057,050 | ---- | M] () -- C:\Windows\System32\license.rtf [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.10.31 13:22:09 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2012.10.31 11:25:11 | 000,002,569 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk [2012.10.28 17:04:23 | 000,835,584 | ---- | C] () -- C:\Windows\System32\AxImage.ocx [2012.10.25 14:03:15 | 000,000,902 | ---- | C] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk [2012.10.24 16:33:06 | 000,012,073 | ---- | C] () -- C:\Windows\TOHELP4.ISU [2012.10.24 16:32:27 | 000,091,648 | ---- | C] () -- C:\Windows\osl364mi.dll [2012.10.24 16:32:27 | 000,000,083 | ---- | C] () -- C:\Windows\uno.ini [2012.10.24 16:32:26 | 000,287,744 | ---- | C] () -- C:\Windows\uno364mi.dll [2012.10.24 16:32:26 | 000,109,568 | ---- | C] () -- C:\Windows\vos364mi.dll [2012.10.24 16:32:03 | 000,157,696 | ---- | C] () -- C:\Windows\System\STORAGE.DLL [2012.10.24 16:32:03 | 000,027,026 | ---- | C] () -- C:\Windows\System\OLE2.REG [2012.10.24 16:31:55 | 000,095,680 | ---- | C] () -- C:\Windows\TOSO40.ISU [2012.10.24 16:31:13 | 000,002,414 | ---- | C] () -- C:\Windows\tonlinst.ini [2012.10.24 14:15:16 | 000,000,213 | ---- | C] () -- C:\Users\Anna Yeliz\Desktop\Portal 2.url [2012.10.24 14:12:57 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2012.10.23 11:30:37 | 002,586,446 | ---- | C] () -- C:\Users\Anna Yeliz\Documents\Homöopathischer Fragebogen nach Risch Anna Yeliz Schentke.pdf [2012.10.22 20:59:59 | 002,455,144 | ---- | C] () -- C:\Users\Anna Yeliz\Documents\Homöopathischer Fragebogen nach Risch1.pdf [2012.10.22 15:24:16 | 000,001,171 | ---- | C] () -- C:\Users\Anna Yeliz\Documents\PDF-Viewer.lnk [2012.10.22 12:30:56 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2012.10.18 17:05:06 | 000,076,347 | ---- | C] () -- C:\ProgramData\xtcqxjblmeuqxnl [2012.10.18 10:47:38 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.10.17 10:25:30 | 000,064,258 | ---- | C] () -- C:\Users\Anna Yeliz\Documents\SIGHI-Lebensmittelliste_HIT.pdf [2012.10.17 10:25:12 | 000,118,105 | ---- | C] () -- C:\Users\Anna Yeliz\Documents\SIGHI-Merkblatt_histaminarmeErnaehrung.pdf [2012.10.15 10:12:19 | 000,001,947 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk [2012.10.15 10:12:19 | 000,001,891 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk [2012.10.15 10:12:19 | 000,001,870 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk [2012.10.14 17:57:46 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll [2012.10.14 17:57:46 | 000,005,672 | ---- | C] () -- C:\Windows\System32\quartz.vxd [2012.10.14 17:57:28 | 000,001,169 | ---- | C] () -- C:\Windows\disney.ini [2012.10.14 17:57:26 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2012.10.14 17:57:26 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS [2012.10.14 17:57:26 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2012.10.14 17:57:26 | 000,000,000 | RHS- | C] () -- \IO.SYS [2012.10.14 07:47:53 | 000,002,496 | ---- | C] () -- C:\Users\Anna Yeliz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online Live.lnk [2012.10.13 20:09:19 | 000,024,944 | ---- | C] () -- C:\Windows\System32\drivers\GVTDrv.sys [2012.10.13 20:09:19 | 000,000,004 | ---- | C] () -- C:\Windows\System32\GVTunner.ref [2012.10.13 20:02:24 | 000,031,272 | ---- | C] () -- C:\Windows\System32\AppleChargerSrv.exe [2012.10.13 20:02:24 | 000,019,056 | ---- | C] () -- C:\Windows\System32\drivers\AppleCharger.sys [2012.10.13 20:02:14 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_iusb3hcs_01009.Wdf [2012.10.13 20:00:10 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2012.10.13 19:59:53 | 000,015,128 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll [2012.10.13 19:59:20 | 000,215,644 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2012.10.13 19:56:27 | 000,001,402 | ---- | C] () -- C:\Users\Anna Yeliz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk [2012.10.13 19:54:48 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2012.10.13 18:47:34 | 000,001,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.10.13 18:35:12 | 000,001,655 | ---- | C] () -- C:\Users\Anna Yeliz\AppData\Local\RT2860_{58C3A407-E2F5-489D-92A6-730F88F03350}_prof [2012.10.13 18:35:12 | 000,000,854 | ---- | C] () -- C:\Users\Anna Yeliz\AppData\Local\RT2860_{58C3A407-E2F5-489D-92A6-730F88F03350}_sta [2012.10.13 18:32:56 | 000,001,001 | ---- | C] () -- C:\Users\Anna Yeliz\AppData\Local\RT2860_{58C3A407-E2F5-489D-92A6-730F88F03350}_wsc [2012.10.13 18:30:39 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat [2012.10.13 18:01:45 | 003,485,076 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin [2012.10.13 18:00:52 | 000,012,956 | ---- | C] () -- C:\Windows\System32\nvinfo.pb [2012.10.13 17:48:36 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk [2012.10.13 17:48:36 | 000,002,049 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk [2012.10.13 17:48:36 | 000,002,007 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk [2012.10.13 17:33:39 | 000,001,409 | ---- | C] () -- C:\Users\Anna Yeliz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012.10.13 17:27:41 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2012.10.13 17:27:32 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012.10.13 17:24:00 | 2802,503,680 | -HS- | C] () -- C:\hiberfil.sys [2012.10.13 17:24:00 | 2802,503,680 | -HS- | C] () -- \hiberfil.sys [2012.08.04 12:31:06 | 000,429,416 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe [2011.12.08 15:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\System32\IusEventLog.dll [2009.07.14 03:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat [2009.07.14 03:04:04 | 000,000,010 | ---- | C] () -- \config.sys [2007.11.07 07:12:28 | 000,232,960 | ---- | C] () -- \VC_RED.MSI [2007.11.07 07:09:22 | 001,442,522 | ---- | C] () -- \VC_RED.cab [2007.11.07 07:03:18 | 000,562,688 | ---- | C] () -- \install.exe [2007.11.07 07:03:18 | 000,097,296 | ---- | C] () -- \install.res.1036.dll [2007.11.07 07:03:18 | 000,096,272 | ---- | C] () -- \install.res.3082.dll [2007.11.07 07:03:18 | 000,096,272 | ---- | C] () -- \install.res.1031.dll [2007.11.07 07:03:18 | 000,095,248 | ---- | C] () -- \install.res.1040.dll [2007.11.07 07:03:18 | 000,091,152 | ---- | C] () -- \install.res.1033.dll [2007.11.07 07:03:18 | 000,081,424 | ---- | C] () -- \install.res.1041.dll [2007.11.07 07:03:18 | 000,079,888 | ---- | C] () -- \install.res.1042.dll [2007.11.07 07:03:18 | 000,076,304 | ---- | C] () -- \install.res.1028.dll [2007.11.07 07:03:18 | 000,075,792 | ---- | C] () -- \install.res.2052.dll [2007.11.07 07:00:40 | 000,005,686 | ---- | C] () -- \vcredist.bmp [2007.11.07 07:00:40 | 000,001,110 | ---- | C] () -- \globdata.ini [2007.11.07 07:00:40 | 000,000,843 | ---- | C] () -- \install.ini ========== ZeroAccess Check ========== [2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2012.10.31 13:20:11 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2012.10.14 07:48:23 | 000,000,000 | ---D | M] -- C:\Crash [2009.07.14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2012.10.13 17:30:47 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2012.10.13 19:58:21 | 000,000,000 | ---D | M] -- C:\Intel [2012.10.16 09:19:30 | 000,000,000 | RH-D | M] -- C:\MSOCache [2012.10.13 17:59:52 | 000,000,000 | ---D | M] -- C:\NVIDIA [2009.07.14 03:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs [2012.10.31 13:25:01 | 000,000,000 | R--D | M] -- C:\Program Files [2012.10.31 13:25:01 | 000,000,000 | -H-D | M] -- C:\ProgramData [2012.10.14 17:57:45 | 000,000,000 | ---D | M] -- C:\Programm Dateien [2012.10.13 17:30:47 | 000,000,000 | -HSD | M] -- C:\Programme [2012.10.13 17:30:47 | 000,000,000 | -HSD | M] -- C:\Recovery [2012.10.13 17:44:42 | 000,000,000 | ---D | M] -- C:\Samsung [2012.11.09 12:34:59 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2012.10.24 16:33:20 | 000,000,000 | ---D | M] -- C:\T-Online [2012.10.13 18:01:22 | 000,000,000 | ---D | M] -- C:\temp [2012.10.13 18:03:36 | 000,000,000 | R--D | M] -- C:\Users [2012.10.24 18:54:52 | 000,000,000 | ---D | M] -- C:\Windows < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2012.10.13 18:50:45 | 000,000,000 | ---D | M] -- C:\Users\Anna Yeliz\AppData\Roaming\Adobe [2012.11.01 09:46:52 | 000,000,000 | ---D | M] -- C:\Users\Anna Yeliz\AppData\Roaming\Apple Computer [2012.10.13 20:54:18 | 000,000,000 | ---D | M] -- C:\Users\Anna Yeliz\AppData\Roaming\Avira [2012.10.14 16:03:39 | 000,000,000 | ---D | M] -- C:\Users\Anna Yeliz\AppData\Roaming\DAEMON Tools Lite [2012.10.13 17:33:30 | 000,000,000 | ---D | M] -- C:\Users\Anna Yeliz\AppData\Roaming\Identities [2012.10.13 17:49:26 | 000,000,000 | ---D | M] -- C:\Users\Anna Yeliz\AppData\Roaming\InstallShield [2012.10.13 20:12:26 | 000,000,000 | ---D | M] -- C:\Users\Anna Yeliz\AppData\Roaming\Intel Corporation [2012.10.13 18:50:46 | 000,000,000 | ---D | M] -- C:\Users\Anna Yeliz\AppData\Roaming\LolClient [2012.10.13 18:50:45 | 000,000,000 | ---D | M] -- C:\Users\Anna Yeliz\AppData\Roaming\Macromedia [2009.07.14 09:56:41 | 000,000,000 | ---D | M] -- C:\Users\Anna Yeliz\AppData\Roaming\Media Center Programs [2012.10.17 09:54:49 | 000,000,000 | --SD | M] -- C:\Users\Anna Yeliz\AppData\Roaming\Microsoft [2012.10.13 18:47:43 | 000,000,000 | ---D | M] -- C:\Users\Anna Yeliz\AppData\Roaming\Mozilla [2012.10.21 14:02:53 | 000,000,000 | ---D | M] -- C:\Users\Anna Yeliz\AppData\Roaming\MysteryStudio [2012.10.20 12:14:33 | 000,000,000 | ---D | M] -- C:\Users\Anna Yeliz\AppData\Roaming\NVIDIA [2012.11.07 22:35:40 | 000,000,000 | ---D | M] -- C:\Users\Anna Yeliz\AppData\Roaming\Skype [2012.10.13 19:58:03 | 000,000,000 | ---D | M] -- C:\Users\Anna Yeliz\AppData\Roaming\Splashtop [2012.10.18 09:39:01 | 000,000,000 | ---D | M] -- C:\Users\Anna Yeliz\AppData\Roaming\The Sims Resource [2012.10.18 10:11:37 | 000,000,000 | ---D | M] -- C:\Users\Anna Yeliz\AppData\Roaming\TSRWorkshop [2012.10.14 06:53:27 | 000,000,000 | ---D | M] -- C:\Users\Anna Yeliz\AppData\Roaming\WinRAR < %APPDATA%\*.exe /s > [2012.10.14 16:06:41 | 000,010,134 | R--- | M] () -- C:\Users\Anna Yeliz\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe < %SYSTEMROOT%\system32\drivers\*.sys /lockedfiles > < %SYSTEMROOT%\System32\config\*.sav > < %SYSTEMROOT%\*. /mp /s > < %SYSTEMROOT%\system32\*.dll /lockedfiles > < > < End of report > |
|
09.11.2012, 19:54
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Ständige disconnects, hier logfileZitat:
Ist das rein zufällig ein Büro-/Firmen-PC? Oder ein Uni-Rechner?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
| Themen zu Ständige disconnects, hier logfile |
| adobe, antivir, avg, avira, avira searchfree toolbar, bho, bonjour, browser, browser-schutz, desktop, echtzeit-scanner, explorer, firefox, hijack, hijackthis, internet, internet explorer, logfile, mozilla, nvidia, nvidia update, opera, plug-in, realtek, security, senden, software, sweetpacks, system, usb, usb 3.0, windows |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
