Log analysis and evaluation: High memory usage of the Windows Installer (msiexec.exe) under Win 8
16.11.2012, 11:03 | #1 |
High memory usage of the Windows Installer (msiexec.exe) under Win 8

Hello,

I have already googled and unfortunately could not find any good answers to my question. For the past two days, the Windows Installer has been starting on my computer without warning and taking up an extreme amount of memory (90%). At first I thought the whole thing was related to Steam, since I bought and installed a game there two days ago, but the problem also occurs after closing the Steam process following a restart.

I have attached the log files.

OTL.txt:
OTL Logfile:
Code:
ATTFilter OTL logfile created on: 16.11.2012 10:25:58 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\BENUTZERNAME_000\Downloads 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16420) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4.00 Gb Total Physical Memory | 3.11 Gb Available Physical Memory | 77.70% Memory free 8.68 Gb Paging File | 6.42 Gb Available in Paging File | 73.95% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 1396.92 Gb Total Space | 1170.80 Gb Free Space | 83.81% Space Free | Partition Type: NTFS Computer Name: BENUTZERNAME-PC | User Name: BENUTZERNAME | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.11.16 10:24:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\BENUTZERNAME_000\Downloads\OTL.exe PRC - [2012.11.09 14:45:42 | 007,227,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe PRC - [2012.11.06 19:00:32 | 003,143,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe PRC - [2012.11.06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe PRC - [2012.11.05 15:04:26 | 000,997,320 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe PRC - [2012.11.05 15:04:26 | 000,711,112 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe PRC - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) 
-- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe PRC - [2012.10.10 12:24:19 | 002,309,656 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe PRC - [2012.09.28 15:27:48 | 001,652,736 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\SLSTaskbar.exe PRC - [2012.09.24 18:06:20 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2012.07.26 04:20:55 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schtasks.exe PRC - [2012.07.20 19:08:04 | 008,186,368 | ---- | M] () -- C:\xampp\mysql\bin\mysqld.exe PRC - [2012.06.14 16:20:22 | 000,109,064 | ---- | M] (Wajam) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe ========== Modules (No Company Name) ========== MOD - [2012.11.05 15:04:26 | 000,997,320 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe MOD - [2012.11.05 15:04:26 | 000,566,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\13.2.0\avgdttbx.dll MOD - [2012.11.05 15:04:26 | 000,134,600 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\SiteSafety.dll MOD - [2012.10.31 23:15:05 | 000,460,312 | ---- | M] () -- C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll MOD - [2012.10.31 23:15:04 | 012,455,448 | ---- | M] () -- C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll MOD - [2012.10.31 23:15:02 | 004,007,448 | ---- | M] () -- C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\Application\23.0.1271.64\pdf.dll MOD - [2012.10.31 23:13:47 | 000,587,288 | ---- | M] () -- C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\Application\23.0.1271.64\libglesv2.dll MOD - [2012.10.31 23:13:46 | 000,123,928 | ---- | M] () -- 
C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\Application\23.0.1271.64\libegl.dll MOD - [2012.10.31 23:13:35 | 000,156,712 | ---- | M] () -- C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\Application\23.0.1271.64\avutil-51.dll MOD - [2012.10.31 23:13:34 | 000,274,984 | ---- | M] () -- C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\Application\23.0.1271.64\avformat-54.dll MOD - [2012.10.31 23:13:32 | 002,168,360 | ---- | M] () -- C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\Application\23.0.1271.64\avcodec-54.dll MOD - [2012.10.11 17:13:23 | 000,070,144 | ---- | M] () -- C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll MOD - [2012.10.10 12:24:19 | 002,309,656 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe MOD - [2012.10.10 12:23:16 | 002,068,504 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ========== Services (SafeList) ========== SRV:64bit: - [2012.09.28 15:43:40 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) 
[Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV:64bit: - [2012.09.28 02:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2012.09.20 10:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:64bit: - [2012.09.20 09:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:64bit: - [2012.09.20 07:32:59 | 000,169,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:64bit: - [2012.09.20 07:32:58 | 000,178,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:64bit: - [2012.09.20 07:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:64bit: - [2012.09.20 07:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:64bit: - [2012.09.20 07:30:38 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:64bit: - [2012.07.26 04:08:04 | 001,968,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:64bit: - [2012.07.26 04:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:64bit: - [2012.07.26 04:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:64bit: - [2012.07.26 04:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | 
Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:64bit: - [2012.07.26 04:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:64bit: - [2012.07.26 04:06:36 | 000,463,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:64bit: - [2012.07.26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:64bit: - [2012.07.26 04:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:64bit: - [2012.07.26 04:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:64bit: - [2012.07.26 04:06:00 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:64bit: - [2012.07.26 04:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:64bit: - [2012.07.26 04:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:64bit: - [2012.07.26 04:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:64bit: - [2012.07.26 04:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:64bit: - [2012.07.26 04:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent) SRV:64bit: - [2012.07.26 04:05:04 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:64bit: - [2012.07.26 01:24:02 | 
000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:64bit: - [2012.07.26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV - [2012.11.06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012.11.05 15:04:26 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0) SRV - [2012.10.28 20:23:48 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) 
[Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd) SRV - [2012.10.10 12:24:19 | 002,309,656 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager) SRV - [2012.09.24 18:06:20 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012.09.20 09:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2012.09.11 17:13:02 | 001,494,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc) SRV - [2012.07.26 04:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2012.07.20 19:08:04 | 008,186,368 | ---- | M] () [Disabled | Running] -- C:\xampp\mysql\bin\mysqld.exe -- (mysql) SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.06.14 16:20:22 | 000,109,064 | ---- | M] (Wajam) [Auto | Running] -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe -- (WajamUpdater) SRV - [2012.05.18 19:07:26 | 000,127,488 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service) SRV - [2012.05.18 18:24:50 | 000,139,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe -- (fussvc) SRV - [2012.02.11 07:55:04 | 000,129,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter) SRV - [2010.01.09 20:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common 
Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.11.12 21:42:45 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2012.11.02 00:07:02 | 000,208,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgwfpa.sys -- (Avgwfpa) DRV:64bit: - [2012.10.26 19:00:50 | 000,131,416 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2012.10.26 04:17:44 | 000,020,912 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\avgboota.sys -- (Avgboota) DRV:64bit: - [2012.10.22 13:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgidsdrivera.sys -- (AVGIDSDriver) DRV:64bit: - [2012.10.15 03:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\avgidsha.sys -- (AVGIDSHA) DRV:64bit: - [2012.10.05 03:32:50 | 000,111,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgmfx64.sys -- (Avgmfx64) DRV:64bit: - [2012.10.02 02:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgldx64.sys -- (Avgldx64) DRV:64bit: - [2012.09.28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2012.09.28 02:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012.09.21 02:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) 
[Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\avgloga.sys -- (Avgloga) DRV:64bit: - [2012.09.20 09:31:29 | 000,068,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc) DRV:64bit: - [2012.09.20 08:55:33 | 000,445,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3) DRV:64bit: - [2012.09.20 08:55:33 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI) DRV:64bit: - [2012.09.20 08:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000) DRV:64bit: - [2012.09.20 08:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101) DRV:64bit: - [2012.09.20 08:55:30 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor) DRV:64bit: - [2012.09.20 08:55:29 | 000,028,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32) DRV:64bit: - [2012.09.20 08:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2012.09.20 08:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2012.09.20 08:03:08 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM) DRV:64bit: - [2012.09.20 08:03:06 | 000,194,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2012.09.20 08:03:03 | 000,055,528 | 
---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam) DRV:64bit: - [2012.09.20 07:09:11 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:64bit: - [2012.09.20 07:08:27 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid) DRV:64bit: - [2012.09.14 02:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgrkx64.sys -- (Avgrkx64) DRV:64bit: - [2012.08.21 17:56:38 | 000,091,648 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService) DRV:64bit: - [2012.07.26 06:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.07.26 06:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv) DRV:64bit: - [2012.07.26 06:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:64bit: - [2012.07.26 06:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt) DRV:64bit: - [2012.07.26 06:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor) DRV:64bit: - [2012.07.26 06:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex) DRV:64bit: - [2012.07.26 06:00:55 | 000,283,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- 
C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport) DRV:64bit: - [2012.07.26 06:00:55 | 000,077,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci) DRV:64bit: - [2012.07.26 06:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis) DRV:64bit: - [2012.07.26 06:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2012.07.26 06:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2012.07.26 06:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS) DRV:64bit: - [2012.07.26 06:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2012.07.26 06:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:64bit: - [2012.07.26 06:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass) DRV:64bit: - [2012.07.26 06:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) 
[Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2012.07.26 06:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware) DRV:64bit: - [2012.07.26 06:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2012.07.26 06:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2012.07.26 05:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS) DRV:64bit: - [2012.07.26 05:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS) DRV:64bit: - [2012.07.26 05:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci) DRV:64bit: - [2012.07.26 05:44:30 | 000,258,288 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter) DRV:64bit: - [2012.07.26 05:36:15 | 000,034,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot) DRV:64bit: - [2012.07.26 04:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt) DRV:64bit: - [2012.07.26 04:17:38 | 000,027,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.07.26 03:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf) DRV:64bit: - [2012.07.26 03:29:08 | 000,048,640 | ---- 
| M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay) DRV:64bit: - [2012.07.26 03:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo) DRV:64bit: - [2012.07.26 03:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender) DRV:64bit: - [2012.07.26 03:27:58 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM) DRV:64bit: - [2012.07.26 03:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter) DRV:64bit: - [2012.07.26 03:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic) DRV:64bit: - [2012.07.26 03:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime) DRV:64bit: - [2012.07.26 03:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig) DRV:64bit: - [2012.07.26 03:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:64bit: - [2012.07.26 03:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr) DRV:64bit: - [2012.07.26 03:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd) DRV:64bit: - [2012.07.26 03:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- 
C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx) DRV:64bit: - [2012.07.26 03:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx) DRV:64bit: - [2012.07.26 03:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012.07.26 03:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum) DRV:64bit: - [2012.07.26 03:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2012.07.26 03:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.07.26 03:25:54 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c) DRV:64bit: - [2012.07.26 03:25:26 | 000,203,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Vid.sys -- (Vid) DRV:64bit: - [2012.07.26 03:25:22 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\storvsp.sys -- (storvsp) DRV:64bit: - [2012.07.26 03:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr) DRV:64bit: - [2012.07.26 03:25:12 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmbusr.sys -- (vmbusr) DRV:64bit: - [2012.07.26 03:25:12 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpcivsp.sys -- (vpcivsp) DRV:64bit: - [2012.07.26 03:25:01 | 000,126,464 | ---- | M] (Microsoft 
Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:64bit: - [2012.07.26 03:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp) DRV:64bit: - [2012.07.26 03:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu) DRV:64bit: - [2012.06.02 15:31:56 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168) DRV:64bit: - [2012.05.22 10:53:16 | 000,694,416 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RTL8192su.sys -- (RTL8192su) DRV:64bit: - [2011.08.29 21:12:58 | 000,295,272 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\VMM.sys -- (vmm) DRV:64bit: - [2010.01.25 12:24:00 | 000,015,104 | ---- | M] (ROCCAT Development, Inc.) [+] Mouse [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\KovaPlusFltr.sys -- (KovaPlusFltr) DRV:64bit: - [2009.05.06 07:01:12 | 000,015,872 | ---- | M] (ROCCAT Development, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\ArvoFltr.sys -- (ArvoFltr)
DRV - [2012.04.09 10:13:58 | 000,057,472 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2)
DRV - [2012.03.30 00:47:50 | 000,071,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys -- (VSPerfDrv110)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?affID=110823&tt=120912_pcp_3812_7&babsrc=HP_ss&mntrId=a22c80cc000000000000485d608abde5
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = hxxp://search.babylon.com/?affID=110823&tt=120912_pcp_3812_7&babsrc=HP_ss&mntrId=a22c80cc000000000000485d608abde5
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2481020
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?rd=1&ucc=DE&dcc=DE&opt=0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EF 37 E6 50 D8 98 CD 01 [binary data]
IE - HKCU\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=110823&tt=120912_pcp_3812_7&babsrc=SP_ss&mntrId=a22c80cc000000000000485d608abde5
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={DF5BE9D0-A49A-47DA-9DDE-E56DBCEFB6B9}&mid=4aaf39853af347d09dddbd2b2b2561e9-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=de&ds=AVG&pr=fr&d=2012-09-22 22:13:37&v=12.2.5.34&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.5: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@gametap.com/npdd,version=1.0: C:\Program Files (x86)\Downloader\npdd.dll (Metaboli)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.5: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll ()
FF - HKLM\Software\MozillaPlugins\@neoaxisgroup.com/NeoAxisWebPlayer: C:\Program Files (x86)\NeoAxis Web Player\Plugins\npNeoAxisWebPlayer.dll (NeoAxis Group Ltd.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@neoaxisgroup.com/NeoAxisWebPlayer: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\BENUTZERNAME_000\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\BENUTZERNAME_000\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\BENUTZERNAME_000\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5 [2012.11.05 15:04:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012.10.10 19:41:13 | 000,000,000 | ---D | M]
[2012.09.22 21:00:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

========== Chrome ==========

CHR - homepage: hxxp://search.babylon.com/?affID=110823&tt=120912_pcp_3812_7&babsrc=HP_ss&mntrId=a22c80cc000000000000485d608abde5
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://search.babylon.com/?affID=110823&tt=120912_pcp_3812_7&babsrc=HP_ss&mntrId=a22c80cc000000000000485d608abde5
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Users\BENUTZERNAME_000\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Babylon Toolbar = C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.8_0\
CHR - Extension: Grooveshark Germany unlocker = C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\docdgimmdejoiemdafcgeodchlbllgac\2.3.4_0\
CHR - Extension: Grooveshark Germany unlocker = C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\docdgimmdejoiemdafcgeodchlbllgac\2.3.4_0\.orig
CHR - Extension: AdBlock = C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.47_0\
CHR - Extension: ProxMate - unblock the Internet! = C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm\2.1.3_0\
CHR - Extension: Wajam = C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\
CHR - Extension: AVG Secure Search = C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\
CHR - Extension: AVG Secure Search = C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.5_0\.bak
CHR - Extension: Battlefield Play4Free = C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.80.5_0\
CHR - Extension: Settings Protector = C:\Users\BENUTZERNAME_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\

O1 HOSTS File: ([2012.07.26 06:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Ashampoo DE Toolbar) - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Ashampoo DE Toolbar) - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ROC_ROC_NT] C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\BENUTZERNAME_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk = C:\Users\BENUTZERNAME_000\AppData\Local\GamersFirst\LIVE!\Live.exe (GamersFirst)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E64F2D1B-2FC0-4648-BDB6-7FC00ADDFF02}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\23787~1.43\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20 - AppInit_DLLs: (c:\progra~3\browse~1\22643~1.41\{16cdf~1\browse~1.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.11.16 10:31:45 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.11.14 17:04:59 | 000,000,000 | ---D | C] -- C:\Games
[2012.11.14 16:59:34 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Documents\Nexus Mod Manager
[2012.11.14 16:59:34 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Local\Black_Tree_Gaming
[2012.11.14 16:58:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
[2012.11.14 16:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\Nexus Mod Manager
[2012.11.13 17:13:10 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Local\Skyrim
[2012.11.13 17:11:28 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Documents\My Games
[2012.11.12 21:48:28 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Local\CRE
[2012.11.12 21:48:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2012.11.12 21:48:12 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Local\Conduit
[2012.11.12 21:48:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo_DE
[2012.11.12 21:48:06 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Ashampoo
[2012.11.12 21:47:49 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Local\ashampoo
[2012.11.12 21:47:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2012.11.12 21:47:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2012.11.12 21:47:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2012.11.12 21:44:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astroburn Lite
[2012.11.12 21:44:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Astroburn Lite
[2012.11.12 21:44:26 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Astroburn Lite
[2012.11.12 21:44:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Astroburn Lite
[2012.11.12 21:42:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.11.12 21:42:45 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.11.12 21:42:40 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\DAEMON Tools Lite
[2012.11.12 21:42:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.11.12 21:19:11 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Local\Temporary Projects
[2012.11.12 21:16:47 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Desktop\_UpgradeReport_Files
[2012.11.12 21:16:36 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Desktop\Backup
[2012.11.12 21:16:07 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Desktop\CustomWindowDemo
[2012.11.12 21:16:06 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Desktop\CustomWindow
[2012.11.09 14:49:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012.11.06 21:49:05 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\VirtualBox VMs
[2012.11.06 21:48:34 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\.VirtualBox
[2012.11.06 21:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2012.11.06 21:47:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012.11.06 21:47:25 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012.11.05 15:25:27 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
[2012.11.05 15:24:13 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Local\e-academy Inc
[2012.11.04 15:23:53 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Local\Crosire
[2012.11.04 14:53:23 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\WinRAR
[2012.11.04 14:44:23 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Desktop\dayzserver
[2012.11.04 12:36:09 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.11.04 12:36:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2012.11.04 12:36:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.11.04 12:35:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2012.11.02 13:46:07 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Crosire
[2012.11.02 00:10:35 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Local\ArmA 2 OA
[2012.11.02 00:07:02 | 000,208,736 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgwfpa.sys
[2012.11.01 21:55:19 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Documents\ArmA 2
[2012.11.01 21:55:19 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Local\ArmA 2
[2012.11.01 21:53:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012.11.01 20:21:55 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
[2012.11.01 20:21:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
[2012.11.01 20:08:51 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Local\DayZCommander
[2012.11.01 20:07:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dotjosh Studios
[2012.11.01 20:01:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bohemia Interactive
[2012.11.01 19:52:36 | 000,000,000 | ---D | C] -- C:\temp
[2012.11.01 17:09:37 | 000,000,000 | ---D | C] -- C:\Arma2
[2012.11.01 17:04:47 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Local\Downloader
[2012.11.01 17:04:28 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Downloader
[2012.11.01 17:04:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Downloader
[2012.11.01 16:26:49 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Local\GamersFirst LIVE!
[2012.11.01 16:26:42 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GamersFirst
[2012.11.01 16:26:37 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Local\GamersFirst
[2012.11.01 14:46:20 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Desktop\epoch
[2012.10.31 15:59:10 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\vlc
[2012.10.31 15:59:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.10.31 15:58:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012.10.29 17:43:05 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Documents\OnLearn
[2012.10.29 16:46:52 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\MonoDevelop-Unity-2.8
[2012.10.29 16:46:41 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Local\MonoDevelop-Unity-2.8
[2012.10.29 15:39:24 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Apple Computer
[2012.10.29 15:39:24 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Local\Apple Computer
[2012.10.29 15:36:36 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Documents\EpochGame
[2012.10.29 15:27:34 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Unity
[2012.10.29 15:26:49 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\PACE Anti-Piracy
[2012.10.29 15:26:49 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Local\PACE Anti-Piracy
[2012.10.29 15:26:49 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy
[2012.10.29 15:26:13 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Local\Unity
[2012.10.29 15:25:11 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Unity Projects
[2012.10.29 15:25:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
[2012.10.29 15:22:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unity
[2012.10.26 04:17:44 | 000,020,912 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgboota.sys
[2012.10.25 22:08:15 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Documents\Electronic Arts
[2012.10.25 22:05:17 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\DAoC Portal
[2012.10.25 22:05:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAoCPortal
[2012.10.25 22:05:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAoC Portal
[2012.10.25 22:02:59 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Electronic Arts
[2012.10.25 21:22:21 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[2012.10.25 21:22:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2012.10.25 18:13:51 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Desktop\NeoAxis Engine Non-Commercial SDK 1.21
[2012.10.25 18:13:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoAxis Engine Non-Commercial SDK 1.21
[2012.10.25 18:11:57 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Desktop\NeoAxis
[2012.10.25 18:08:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2012.10.25 17:58:45 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Local\NeoAxis Web Player
[2012.10.25 17:58:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NeoAxis Web Player
[2012.10.24 21:32:50 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Desktop\CryENGINE_FreeSDK_v3_3_5_Sample_Assets
[2012.10.24 21:16:26 | 000,000,000 | ---D | C] -- C:\Program Files\cryengine
[2012.10.24 20:21:26 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Apache Friends
[2012.10.24 20:21:18 | 000,000,000 | ---D | C] -- C:\xampp
[2012.10.24 19:56:02 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Desktop\PuTTYPortable
[2012.10.23 21:49:57 | 000,000,000 | ---D | C] -- C:\VSPath
[2012.10.23 21:49:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
[2012.10.23 21:49:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MySQL
[2012.10.23 21:32:48 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Documents\Test Client Projects
[2012.10.23 20:45:43 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Desktop\triton
[2012.10.23 20:10:14 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\FileZilla
[2012.10.23 20:10:00 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Desktop\FileZilla-3.5.3
[2012.10.22 21:14:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Expression
[2012.10.22 21:13:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WPF Toolkit
[2012.10.22 21:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 3 SDK
[2012.10.22 21:06:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
[2012.10.22 21:03:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2012.10.22 21:03:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2012.10.22 21:03:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2012.10.22 20:15:12 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Documents\Visual Studio 2010
[2012.10.22 20:15:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express
[2012.10.22 20:11:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 10.0
[2012.10.22 20:11:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 7.1
[2012.10.22 20:10:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XDE
[2012.10.22 20:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 10.0
[2012.10.22 20:09:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
[2012.10.22 17:52:13 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.10.22 13:02:44 | 000,154,464 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2012.10.20 06:54:06 | 000,000,000 | -HSD | C] -- C:\found.001
[2012.10.19 17:52:34 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Desktop\seite
[2012.10.19 17:51:58 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\Desktop\Zimmer.aspx_files
[2012.10.19 15:41:27 | 000,000,000 | ---D | C] -- C:\Users\BENUTZERNAME_000\AppData\Local\NuGet
[2012.10.19 09:43:42 | 000,000,000 | -HSD | C] -- C:\found.000
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.11.16 09:52:18 | 000,001,154 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2198801515-3451817550-3881079996-1001UA.job
[2012.11.16 09:33:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.15 21:53:56 | 001,950,946 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.15 21:53:56 | 000,831,016 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.15 21:53:56 | 000,775,658 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.15 21:53:56 | 000,188,906 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.15 21:53:56 | 000,158,882 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.15 21:47:12 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2012.11.15 21:47:11 | 3435,372,544 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.15 17:52:01 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2198801515-3451817550-3881079996-1001Core.job
[2012.11.14 16:58:59 | 000,000,890 | ---- | M] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2012.11.13 15:32:37 | 000,000,219 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\Counter-Strike Global Offensive.url
[2012.11.13 14:33:49 | 000,282,104 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.11.13 14:33:49 | 000,282,104 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.11.13 14:33:40 | 000,234,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.11.12 21:56:55 | 1848,246,271 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\mydiscimage.iso
[2012.11.12 21:48:38 | 000,000,009 | ---- | M] () -- C:\END
[2012.11.12 21:47:43 | 000,001,327 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2012.lnk
[2012.11.12 21:44:33 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Astroburn Lite.lnk
[2012.11.12 21:42:54 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.11.12 21:42:45 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.11.12 21:23:03 | 000,037,376 | -H-- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\CustomWindow.v11.suo
[2012.11.12 21:16:47 | 000,060,950 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\UpgradeLog.htm
[2012.11.12 21:16:47 | 000,024,188 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\UpgradeLog.XML
[2012.11.12 21:16:47 | 000,001,428 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\CustomWindow.sln
[2012.11.12 08:21:46 | 465,912,810 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.11.10 10:56:03 | 000,002,469 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\Google Chrome.lnk
[2012.11.09 14:49:09 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012.11.06 21:47:45 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.11.05 21:08:10 | 000,001,410 | ---- | M] () -- C:\Users\Public\Desktop\DayZ Commander.lnk
[2012.11.05 15:25:28 | 000,002,504 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\Windows 7 USB DVD Download Tool.lnk
[2012.11.05 15:24:13 | 000,003,167 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\Secure Download Manager.lnk
[2012.11.04 15:28:03 | 000,142,192 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2012.11.02 13:49:23 | 236,162,332 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\Serverfiles.zip
[2012.11.02 00:07:02 | 000,208,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgwfpa.sys
[2012.11.01 21:49:14 | 009,848,595 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\Windows6.0-KB971512-x64.msu
[2012.11.01 20:27:17 | 000,001,969 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\Downloader.lnk
[2012.11.01 16:26:42 | 000,001,179 | ---- | M] () -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2012.11.01 16:26:42 | 000,001,149 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\GamersFirst LIVE!.lnk
[2012.10.31 15:59:06 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.10.30 14:35:47 | 000,459,448 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.10.29 15:25:11 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Unity.lnk
[2012.10.29 15:17:08 | 000,059,632 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\where stars shine the brightest.ttf
[2012.10.29 15:16:27 | 000,871,476 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\a song for jennifer.ttf
[2012.10.29 15:16:27 | 000,254,112 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\a song for jennifer bold.ttf
[2012.10.26 04:17:44 | 000,020,912 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgboota.sys
[2012.10.25 22:05:07 | 000,002,585 | ---- | M] () -- C:\Users\Public\Desktop\DAoCPortal.lnk
[2012.10.25 21:22:21 | 000,001,261 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\Dark Age of Camelot.lnk
[2012.10.25 18:34:27 | 003,145,782 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Documents\a.bmp
[2012.10.25 18:09:49 | 001,888,230 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.10.24 20:21:26 | 000,000,614 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\XAMPP Control Panel.lnk
[2012.10.24 20:19:16 | 000,000,600 | ---- | M] () -- C:\Users\BENUTZERNAME_000\AppData\Local\PUTTY.RND
[2012.10.23 20:23:46 | 000,047,741 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\db128891x1435290.gz
[2012.10.23 20:16:22 | 000,002,819 | ---- | M] () -- C:\Users\BENUTZERNAME_000\routing.php
[2012.10.23 20:11:36 | 002,860,735 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\WCFSetup.tar.gz
[2012.10.23 20:11:36 | 000,019,831 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\install.php
[2012.10.23 20:11:36 | 000,002,349 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\test.php
[2012.10.22 13:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2012.10.19 17:51:58 | 000,022,977 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\Zimmer.aspx.htm
[2012.10.19 12:36:43 | 000,153,302 | ---- | M] () -- C:\Users\BENUTZERNAME_000\Desktop\Logo_einfach[1].png
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.11.14 16:58:59 | 000,000,890 | ---- | C] () -- C:\Users\Public\Desktop\Nexus Mod Manager.lnk
[2012.11.13 15:32:37 | 000,000,219 | ---- | C] () -- C:\Users\BENUTZERNAME_000\Desktop\Counter-Strike Global Offensive.url
[2012.11.12 21:49:51 | 1848,246,271 | ---- | C] () -- C:\Users\BENUTZERNAME_000\Desktop\mydiscimage.iso
[2012.11.12 21:48:37 | 000,000,009 | ---- | C] () -- C:\END
[2012.11.12 21:47:43 | 000,001,327 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2012.lnk
[2012.11.12 21:44:33 | 000,001,978 | ---- | C] () -- C:\Users\Public\Desktop\Astroburn Lite.lnk
[2012.11.12 21:42:54 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.11.12 21:19:11 | 000,037,376 | -H-- | C] () -- C:\Users\BENUTZERNAME_000\Desktop\CustomWindow.v11.suo
[2012.11.12 21:16:47 | 000,060,950 | ---- | C] () -- C:\Users\BENUTZERNAME_000\Desktop\UpgradeLog.htm
[2012.11.12 21:16:47 | 000,024,188 | ---- | C] () -- C:\Users\BENUTZERNAME_000\Desktop\UpgradeLog.XML
[2012.11.06 21:47:45 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.11.05 15:25:28 | 000,002,504 | ---- | C] () -- C:\Users\BENUTZERNAME_000\Desktop\Windows 7 USB DVD Download Tool.lnk
[2012.11.04 15:28:03 | 000,142,192 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012.11.02 13:48:09 | 236,162,332 | ---- | C] () -- C:\Users\BENUTZERNAME_000\Desktop\Serverfiles.zip
[2012.11.01 20:08:12 | 000,001,410 | ---- | C] () -- C:\Users\Public\Desktop\DayZ Commander.lnk
[2012.11.01 17:04:42 | 000,001,969 | ---- | C] () -- C:\Users\BENUTZERNAME_000\Desktop\Downloader.lnk
[2012.11.01 16:26:42 | 000,001,179 | ---- | C] () -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2012.11.01 16:26:42 | 000,001,149 | ---- | C] () -- C:\Users\BENUTZERNAME_000\Desktop\GamersFirst LIVE!.lnk
[2012.10.31 15:59:06 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.10.29 15:25:11 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Unity.lnk
[2012.10.25 22:05:07 | 000,002,585 | ---- | C] () -- C:\Users\Public\Desktop\DAoCPortal.lnk
[2012.10.25 21:22:21 | 000,001,261 | ---- | C] () -- C:\Users\BENUTZERNAME_000\Desktop\Dark Age of Camelot.lnk
[2012.10.25 18:34:26 | 003,145,782 | ---- | C] () -- C:\Users\BENUTZERNAME_000\Documents\a.bmp
[2012.10.24 21:44:58 | 000,001,254 | ---- | C] () -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Editor.lnk
[2012.10.24 20:21:26 | 000,000,614 | ---- | C] () -- C:\Users\BENUTZERNAME_000\Desktop\XAMPP Control Panel.lnk
[2012.10.24 20:19:16 | 000,000,600 | ---- | C] () -- C:\Users\BENUTZERNAME_000\AppData\Local\PUTTY.RND
[2012.10.23 21:39:22 | 001,888,230 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.10.23 20:24:01 | 000,169,715 | ---- | C] () -- C:\Users\BENUTZERNAME_000\Desktop\db128891x1435290
[2012.10.23 20:23:45 | 000,047,741 | ---- | C] () -- C:\Users\BENUTZERNAME_000\Desktop\db128891x1435290.gz
[2012.10.23 20:16:22 | 000,002,819 | ---- | C] () -- C:\Users\BENUTZERNAME_000\routing.php
[2012.10.22 17:52:03 | 465,912,810 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.10.19 17:51:57 | 000,022,977 | ---- | C] () -- C:\Users\BENUTZERNAME_000\Desktop\Zimmer.aspx.htm
[2012.10.19 12:36:40 | 000,153,302 | ---- | C] () -- C:\Users\BENUTZERNAME_000\Desktop\Logo_einfach[1].png
[2012.10.09 22:31:26 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2012.09.23 15:09:50 | 000,282,104 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.09.23 15:09:43 | 000,076,888 | ---- | 
C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012.09.22 16:28:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.07.28 02:39:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.07.28 02:39:50 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012.07.26 09:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2012.07.26 09:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2012.07.26 08:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2012.07.26 02:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2012.07.25 21:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2012.07.25 21:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2012.06.02 15:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2012.05.02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat ========== ZeroAccess Check ========== [2012.11.05 16:52:45 | 000,000,091 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\Net\FTP\L.pm [2012.11.05 16:52:55 | 000,000,459 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\AHex\N.pl [2012.11.05 16:52:55 | 000,004,873 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Alpha\N.pl [2012.11.05 16:52:55 | 000,003,857 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Bc\L.pl [2012.11.05 16:52:55 | 000,000,449 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\BidiC\N.pl [2012.11.05 16:52:55 | 000,001,474 | ---- | M] () -- 
C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\BidiM\N.pl [2012.11.05 16:52:55 | 000,001,444 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Cased\N.pl [2012.11.05 16:52:55 | 000,000,421 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Ccc\L.pl [2012.11.05 16:52:55 | 000,000,739 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\CE\N.pl [2012.11.05 16:52:55 | 000,003,112 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\CI\N.pl [2012.11.05 16:52:55 | 000,001,109 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\CompEx\N.pl [2012.11.05 16:52:55 | 000,004,686 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\CWCF\N.pl [2012.11.05 16:52:55 | 000,001,322 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\CWCM\N.pl [2012.11.05 16:52:55 | 000,006,298 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\CWKCF\N.pl [2012.11.05 16:52:55 | 000,004,594 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\CWL\N.pl [2012.11.05 16:52:55 | 000,004,797 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\CWT\N.pl [2012.11.05 16:52:55 | 000,004,787 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\CWU\N.pl [2012.11.05 16:52:55 | 000,000,619 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Dash\N.pl [2012.11.05 16:52:55 | 
000,000,520 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Dep\N.pl [2012.11.05 16:52:55 | 000,000,583 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\DI\N.pl [2012.11.05 16:52:55 | 000,001,566 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Dia\N.pl [2012.11.05 16:52:55 | 000,002,424 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Ea\N.pl [2012.11.05 16:52:55 | 000,000,629 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Ext\N.pl [2012.11.05 16:52:55 | 000,005,171 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Gc\L.pl [2012.11.05 16:52:55 | 000,001,315 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Gc\N.pl [2012.11.05 16:52:55 | 000,000,437 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\GCB\L.pl [2012.11.05 16:52:55 | 000,006,006 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\GrBase\N.pl [2012.11.05 16:52:55 | 000,002,504 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\GrExt\N.pl [2012.11.05 16:52:55 | 000,000,489 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Hex\N.pl [2012.11.05 16:52:55 | 000,000,529 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Hyphen\N.pl [2012.11.05 16:52:55 | 000,005,176 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\IDC\N.pl 
[2012.11.05 16:52:55 | 000,000,557 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Ideo\N.pl [2012.11.05 16:52:55 | 000,004,484 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\IDS\N.pl [2012.11.05 16:52:55 | 000,000,449 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\IDSB\N.pl [2012.11.05 16:52:55 | 000,000,439 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\IDST\N.pl [2012.11.05 16:52:56 | 000,000,439 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\JoinC\N.pl [2012.11.05 16:52:56 | 000,002,714 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Jt\U.pl [2012.11.05 16:52:56 | 000,000,476 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\LOE\N.pl [2012.11.05 16:52:56 | 000,005,094 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Lower\N.pl [2012.11.05 16:52:56 | 000,001,431 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Math\N.pl [2012.11.05 16:52:56 | 000,000,631 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\NChar\N.pl [2012.11.05 16:52:56 | 000,002,356 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\NFDQC\N.pl [2012.11.05 16:52:56 | 000,002,693 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\NFKCQC\N.pl [2012.11.05 16:52:56 | 000,003,897 | ---- | M] () -- 
C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\NFKDQC\N.pl [2012.11.05 16:52:56 | 000,001,817 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\OAlpha\N.pl [2012.11.05 16:52:56 | 000,000,533 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\ODI\N.pl [2012.11.05 16:52:56 | 000,000,593 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\OGrExt\N.pl [2012.11.05 16:52:56 | 000,000,469 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\OIDC\N.pl [2012.11.05 16:52:56 | 000,000,459 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\OIDS\N.pl [2012.11.05 16:52:56 | 000,000,559 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\OLower\N.pl [2012.11.05 16:52:56 | 000,001,354 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\OMath\N.pl [2012.11.05 16:52:56 | 000,000,449 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\OUpper\N.pl [2012.11.05 16:52:56 | 000,000,691 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\PatSyn\N.pl [2012.11.05 16:52:56 | 000,000,479 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\PatWS\N.pl [2012.11.05 16:52:56 | 000,000,549 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\QMark\N.pl [2012.11.05 16:52:56 | 000,000,456 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Radical\N.pl 
[2012.11.05 16:52:56 | 000,000,762 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\SD\N.pl [2012.11.05 16:52:56 | 000,000,539 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Space\N.pl [2012.11.05 16:52:56 | 000,000,902 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\STerm\N.pl [2012.11.05 16:52:56 | 000,001,100 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Term\N.pl [2012.11.05 16:52:56 | 000,000,543 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\UIdeo\N.pl [2012.11.05 16:52:56 | 000,005,021 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\Upper\N.pl [2012.11.05 16:52:56 | 000,000,461 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\VS\N.pl [2012.11.05 16:52:56 | 000,005,234 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\XIDC\N.pl [2012.11.05 16:52:56 | 000,004,542 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-2198801515-3451817550-3881079996-1001\$RGC8FMB\perl\lib\unicore\lib\XIDS\N.pl [2012.11.01 20:21:41 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.09.20 07:32:51 | 019,775,488 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.09.20 06:54:47 | 017,559,552 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.09.26 17:26:21 | 000,000,000 | ---D | M] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Acreon [2012.11.12 21:48:09 | 000,000,000 | ---D | M] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Ashampoo [2012.11.12 21:44:26 | 000,000,000 | ---D | M] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Astroburn Lite [2012.09.22 21:16:49 | 000,000,000 | ---D | M] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\AVG2013 [2012.09.22 21:00:41 | 000,000,000 | ---D | M] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Babylon [2012.09.22 21:01:11 | 000,000,000 | ---D | M] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\BabylonToolbar 
[2012.11.02 13:46:07 | 000,000,000 | ---D | M] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Crosire [2012.11.12 21:43:11 | 000,000,000 | ---D | M] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\DAEMON Tools Lite [2012.10.28 21:14:55 | 000,000,000 | ---D | M] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\DAoC Portal [2012.09.22 17:50:29 | 000,000,000 | ---D | M] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\e-academy Inc [2012.10.25 22:02:59 | 000,000,000 | ---D | M] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Electronic Arts [2012.10.23 21:26:42 | 000,000,000 | ---D | M] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\FileZilla [2012.10.19 10:33:13 | 000,000,000 | ---D | M] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\KompoZer [2012.10.29 16:46:52 | 000,000,000 | ---D | M] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\MonoDevelop-Unity-2.8 [2012.10.10 21:19:15 | 000,000,000 | ---D | M] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Notepad++ [2012.09.22 19:39:20 | 000,000,000 | ---D | M] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\NuGet [2012.10.29 15:27:27 | 000,000,000 | ---D | M] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\PACE Anti-Piracy [2012.09.22 21:13:45 | 000,000,000 | ---D | M] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\TuneUp Software [2012.10.16 15:02:43 | 000,000,000 | ---D | M] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Ubisoft [2012.10.29 15:42:30 | 000,000,000 | ---D | M] -- C:\Users\BENUTZERNAME_000\AppData\Roaming\Unity ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 1185 bytes -> C:\Users\BENUTZERNAME_000\AppData\Local\Temp:3rZ4klmT6wmxlM0VdJbUhxsr < End of report > [/CODE]
My operating system is Windows 8 64-bit. Thank you and best regards, Gilneus Last edited by gilneus (16.11.2012 at 11:27) |
18.11.2012, 00:27 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | High memory usage of the Windows Installer (msiexec.exe) on Win 8 Hello and
Before we get to work, I would like to ask you to read the following points completely and carefully.
Note: If you do not hear from me for three days, please post in this thread => Reminder about my thread. Annoying "when will this continue" messages end with your topic being closed. I, too, have a life outside the Trojaner-Board. Have you already run any scans with other tools? Do you have a log with findings? See => http://www.trojaner-board.de/125889-...tml#post941520 Please do not run any new virus scans; for now, only post the logs you already have!