Problem: MSN has been signing out automatically for some time

Hi, I have the following problem: For some time now my MSN has been signing out automatically. I am online for 5 seconds and then immediately get kicked out again. I think a virus could be to blame for this, because before the problem appeared I downloaded a few "shady" files.
Here are the logs:
MBAM: Quote:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4550
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
05.09.2010 18:25:23
mbam-log-2010-09-05 (18-25-23).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 133350
Laufzeit: 3 Minute(n), 12 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
OTL: Quote:
OTL logfile created on: 05.09.2010 18:31:00 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Anton\Desktop\MFTools
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 70,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 127,18 Gb Free Space | 54,61% Space Free | Partition Type: NTFS
Drive D: | 66,60 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ANTON-PC
Current User Name: Anton
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========
PRC - [2010.09.05 18:13:44 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Anton\Desktop\MFTools\OTL.exe
PRC - [2010.09.02 18:32:26 | 002,065,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgtray.exe
PRC - [2010.09.02 18:32:24 | 002,331,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgfws9.exe
PRC - [2010.09.02 18:32:03 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe
PRC - [2010.09.02 18:32:03 | 000,723,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
PRC - [2010.09.02 18:32:02 | 000,842,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgam.exe
PRC - [2010.09.02 18:32:01 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
PRC - [2010.09.02 18:31:49 | 000,596,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe
PRC - [2010.09.02 18:31:48 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010.09.01 08:39:18 | 001,164,584 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.08.13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.08.08 22:08:42 | 000,215,104 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2010.08.08 21:45:31 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010.06.28 09:20:30 | 000,173,352 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2010.06.07 17:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.01.21 22:08:28 | 000,117,800 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision\Bundle\OSDServer\RTSS.exe
PRC - [2010.01.21 22:08:24 | 000,293,928 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision\EVGAPrecision.exe
PRC - [2008.12.02 21:34:40 | 000,070,144 | ---- | M] (AlcaTech) -- C:\Windows\SysWOW64\mmrtkrnl.exe

========== Modules (SafeList) ==========
MOD - [2010.09.05 18:13:44 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Anton\Desktop\MFTools\OTL.exe
MOD - [2010.06.30 08:21:47 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
MOD - [2009.11.07 03:57:14 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\EVGA Precision\Bundle\OSDServer\RTSSHooks.dll
MOD - [2009.07.14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009.07.14 03:16:18 | 001,011,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2009.07.14 03:16:16 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2009.07.14 03:16:16 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\thumbcache.dll
MOD - [2009.07.14 03:16:15 | 000,363,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\StructuredQuery.dll
MOD - [2009.07.14 03:16:15 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srvcli.dll
MOD - [2009.07.14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\slc.dll
MOD - [2009.07.14 03:16:13 | 000,643,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\SearchFolder.dll
MOD - [2009.07.14 03:16:13 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\RpcRtRemote.dll
MOD - [2009.07.14 03:16:11 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntshrui.dll
MOD - [2009.07.14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\EhStorShell.dll
MOD - [2009.07.14 03:15:07 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cscapi.dll
MOD - [2009.07.14 03:14:52 | 000,309,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\actxprxy.dll
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

========== Win32 Services (SafeList) ==========
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrB.exe -- (PnkBstrB)
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2010.08.26 14:40:32 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2010.07.29 22:27:24 | 002,287,488 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.09.02 22:58:35 | 000,607,040 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.09.02 18:32:24 | 002,331,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgfws9.exe -- (avgfws9)
SRV - [2010.09.02 18:32:03 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010.09.02 18:32:01 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010.09.02 18:31:48 | 005,897,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010.08.26 14:45:00 | 001,403,200 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.08.26 14:40:24 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.08.13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.08.08 22:08:42 | 000,215,104 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2010.08.08 21:45:31 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.07.03 18:31:06 | 000,395,048 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.06.28 09:20:30 | 000,173,352 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010.06.07 17:05:06 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.03.30 11:16:14 | 001,823,112 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2009.08.01 23:00:00 | 000,065,536 | ---- | M] (CodeGear) [Auto | Running] -- C:\Program Files (x86)\Embarcadero\RAD Studio\7.0\bin\BSQLServer.exe -- (BlackfishSQL)

========== Driver Services (SafeList) ==========
DRV:64bit: - [2010.09.02 18:33:12 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSwa.sys -- (AVGIDSErHrw7a)
DRV:64bit: - [2010.09.02 18:33:11 | 000,056,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (AvgRkx64)
DRV:64bit: - [2010.09.02 18:33:10 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (AvgTdiA)
DRV:64bit: - [2010.09.02 18:33:07 | 000,269,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (AvgLdx64)
DRV:64bit: - [2010.09.02 18:33:06 | 000,035,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (AvgMfx64)
DRV:64bit: - [2010.09.02 18:31:42 | 000,029,976 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2010.07.06 21:10:57 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.04.19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.02.03 15:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.05.14 19:16:46 | 001,306,624 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CM10664.sys -- (USBMULCD)
DRV:64bit: - [2009.05.09 01:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2005.03.29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2010.09.02 18:31:50 | 000,132,688 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN764\AVGIDSDriver.sys -- (AVGIDSDriverw7a)
DRV - [2010.09.02 18:31:49 | 000,035,920 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN764\AVGIDSFilter.sys -- (AVGIDSFilterw7a)
DRV - [2010.02.24 14:41:50 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.01.21 22:08:22 | 000,014,376 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\EVGA Precision\RTCore64.sys -- (RTCore64)
DRV - [2007.02.07 20:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D2 7D 5A AA CA 1A CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}:2.2
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.845
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: nasanightlaunch@example.com:0.6.20100805
FF - prefs.js..extensions.enabledItems: fzamaan@gmail.com:1.25
FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2010.08.17 11:38:21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG9\Firefox [2010.09.02 18:31:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.09.05 11:03:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.09.05 11:03:30 | 000,000,000 | ---D | M]
[2010.09.03 23:20:32 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\mozilla\Extensions
[2010.09.05 11:13:10 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\mozilla\Firefox\Profiles\lak0e96z.default\extensions
[2010.08.19 00:42:18 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Anton\AppData\Roaming\mozilla\Firefox\Profiles\lak0e96z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.09.04 15:47:17 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Anton\AppData\Roaming\mozilla\Firefox\Profiles\lak0e96z.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010.09.04 15:43:29 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\mozilla\Firefox\Profiles\lak0e96z.default\extensions\fzamaan@gmail.com
[2010.09.04 15:42:44 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\mozilla\Firefox\Profiles\lak0e96z.default\extensions\nasanightlaunch@example.com
[2010.08.30 14:58:06 | 000,001,574 | ---- | M] () -- C:\Users\Anton\AppData\Roaming\Mozilla\FireFox\Profiles\lak0e96z.default\searchplugins\bing.xml
[2010.09.03 23:22:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.07.23 02:48:56 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.07.23 02:48:56 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.23 02:48:56 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.23 02:48:56 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.07.23 02:48:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.08.22 22:50:39 | 000,000,865 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activation.guitar-pro.com
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:64bit: - HKLM..\Run: [Cm106Sound] C:\Windows\Syswow64\cm106.DLL (C-Media Corporation)
O4 - HKLM..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EVGAPrecision] C:\Program Files (x86)\EVGA Precision\EVGAPrecisionWrapper.exe ()
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Realtime Audio Engine] C:\Windows\SysWow64\mmrtkrnl.exe (AlcaTech)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Steam] c:\program files (x86)\steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.03.15 17:15:36 | 000,000,038 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{c7b64b1f-86b4-11df-b84d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c7b64b1f-86b4-11df-b84d-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Setup.exe -- [2009.07.21 10:25:07 | 000,930,472 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
Drivers32:64bit: aux - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi2 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midimapper - midimap.dll (Microsoft Corporation)
Drivers32:64bit: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer2 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.iyuv - iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.uyvy - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yuy2 - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yvu9 - tsbyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yvyu - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: wave - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave2 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wavemapper - msacm32.drv (Microsoft Corporation)
Drivers32: aux - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\SysWow64\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\Windows\SysWow64\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\SysWow64\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\SysWow64\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\SysWow64\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\SysWow64\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS hxxp://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iyuv - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\SysWow64\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\SysWow64\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.yvu9 - C:\Windows\SysWow64\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\SysWow64\msacm32.drv (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========
[2010.09.05 18:20:16 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.09.05 18:19:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2010.09.05 18:14:33 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\Malwarebytes
[2010.09.05 18:14:24 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.09.05 18:14:23 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.09.05 18:14:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.09.05 18:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.09.05 18:14:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2010.09.05 18:13:08 | 000,000,000 | ---D | C] -- C:\Users\Anton\Desktop\MFTools
[2010.09.05 15:05:09 | 000,000,000 | ---D | C] -- C:\Windows\de
[2010.09.05 14:57:05 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live
[2010.09.05 11:04:25 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.09.05 11:04:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010.09.05 11:04:25 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.09.05 11:03:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010.09.04 21:06:52 | 000,000,000 | R-SD | C] -- C:\Users\Anton\Documents\My Stationery
[2010.09.04 19:59:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010.09.04 19:58:14 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.09.04 08:56:14 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\vlc
[2010.09.03 23:22:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010.09.02 21:23:32 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010.09.02 18:33:12 | 000,027,216 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\AVGIDSwa.sys
[2010.09.02 18:33:12 | 000,013,048 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll
[2010.09.02 18:33:11 | 000,056,008 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
[2010.09.02 18:33:10 | 000,317,520 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2010.09.02 18:33:07 | 000,269,904 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2010.09.02 18:33:05 | 000,035,536 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2010.09.02 18:33:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\Avg
[2010.09.02 18:31:42 | 000,029,976 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgfwd6a.sys
[2010.09.02 18:30:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2010.09.02 18:30:29 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010.08.31 17:01:42 | 000,000,000 | ---D | C] -- C:\Users\Anton\Desktop\iPod Photo Cache
[2010.08.28 07:22:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
[2010.08.25 21:24:09 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\76561198015317694
[2010.08.22 23:14:04 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\aicon
[2010.08.22 22:49:42 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\Guitar Pro 6
[2010.08.20 20:04:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Guitar Pro 6
[2010.08.20 20:01:05 | 000,000,000 | ---D | C] -- C:\ProgramData\KLC
[2010.08.20 19:39:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guitar Pro 6
[2010.08.18 20:17:03 | 000,000,000 | -H-D | C] -- C:\ProgramData\{CB052CFF-327B-4C15-93F6-9526BA789D9F}
[2010.08.18 20:14:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010.08.17 23:12:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010.08.17 14:37:36 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\My Weblog Posts
[2010.08.17 14:37:35 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\Windows Live Writer
[2010.08.17 14:37:35 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\Windows Live Writer
[2010.08.17 14:32:55 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\My Received Files
[2010.08.17 12:35:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2010.08.17 11:39:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010.08.17 11:35:23 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\Windows Live
[2010.08.15 19:45:45 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\EA Games
[2010.08.13 17:01:18 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E160FB76-707C-491F-B8A0-C3220F6D3C1C}
[2010.08.13 17:00:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\{55368B49-3888-4F1E-8356-388D0A20BF77}
[2010.08.13 16:58:48 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\Embarcadero
[2010.08.13 16:58:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CodeGear Shared
[2010.08.13 16:53:51 | 000,000,000 | -H-D | C] -- C:\ProgramData\{BBD31133-40F8-4B57-9BA6-DB76C03D153B}
[2010.08.12 23:23:10 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\2K Games
[2010.08.12 14:32:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2010.08.09 21:57:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\{2D559015-4C05-4AE5-8C8B-7E13E1EAB09D}
[2010.08.09 07:42:38 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\storage
[2010.08.09 02:10:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LucasArts
[2010.08.08 22:34:27 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\My Games
[2010.08.08 21:45:20 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\PunkBuster
[2010.08.08 17:47:18 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\StarCraft II
[2010.08.08 17:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010.08.08 17:47:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2010.08.08 02:16:56 | 000,253,952 | ---- | C] (Flo) -- C:\Users\Anton\Desktop\Vista-ShutdownTimer.exe
[2010.08.08 01:04:02 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\Xilisoft
[2010.08.08 01:03:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xilisoft
[2010.08.04 23:04:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.08.04 23:04:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010.08.04 23:04:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010.08.04 23:03:18 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\Adobe
[2010.08.04 01:00:20 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\4A Games
[2010.08.04 00:47:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\METRO 2033
[2010.08.01 20:01:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hobbyist Software
[2010.07.31 21:07:36 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\4A Games
[2010.07.31 21:04:12 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\bizarre creations
[2010.07.14 23:45:44 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\SEGA Corporation
[2010.07.14 23:45:36 | 000,000,000 | ---D | C] -- C:\ProgramData\SEGA Corporation
[2010.07.13 17:49:58 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\NFS Most Wanted
[2010.07.13 13:05:26 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\Square Enix
[2010.07.12 14:26:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Futuremark
[2010.07.12 14:19:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010.07.12 10:47:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunesControl
[2010.07.12 10:47:25 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\iTunesControl
[2010.07.11 18:51:59 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\Downloads
[2010.07.11 18:51:57 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\DMCache
[2010.07.11 18:46:03 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\gtk-2.0
[2010.07.11 14:00:16 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\Activision
[2010.07.09 20:36:33 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\Ubisoft
[2010.07.09 11:38:36 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\Tific
[2010.07.09 11:38:33 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\Symantec
[2010.07.09 10:54:11 | 000,000,000 | ---D | C] -- C:\ProgramData\explauncher
[2010.07.09 10:54:08 | 000,000,000 | ---D | C] -- C:\ProgramData\launcher
[2010.07.09 10:38:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010.07.09 10:35:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Paragon Software
[2010.07.09 01:34:13 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania
[2010.07.09 01:34:04 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\TrackMania
[2010.07.08 23:44:47 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\NVIDIA
[2010.07.08 23:33:51 | 000,000,000 | ---D | C] -- C:\Users\Anton\Gitarre
[2010.07.08 20:07:56 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.07.08 12:08:59 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\DivX
[2010.07.08 12:08:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010.07.08 12:08:38 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2010.07.08 12:08:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010.07.08 12:05:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.07.08 12:05:19 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.07.07 23:21:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2010.07.07 22:53:53 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.07.07 22:52:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010.07.07 22:52:16 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010.07.07 22:52:09 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation
[2010.07.07 22:51:17 | 000,065,128 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010.07.07 22:51:17 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010.07.07 22:51:08 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010.07.07 22:36:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EVGA Precision
[2010.07.07 16:05:36 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\Mozilla
[2010.07.07 16:05:36 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\Mozilla
[2010.07.07 13:23:42 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\TeamViewer
[2010.07.07 13:23:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2010.07.06 22:35:08 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\Ubisoft
[2010.07.06 22:35:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2010.07.06 22:18:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2010.07.06 22:18:20 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010.07.06 21:25:52 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\Microsoft Games
[2010.07.06 21:10:25 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\DAEMON Tools Lite
[2010.07.06 21:10:23 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.07.06 20:55:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.07.06 20:55:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.07.06 20:55:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.07.06 17:21:50 | 000,000,000 | ---D | C] -- C:\Fraps
[2010.07.06 16:58:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTML Help Workshop
[2010.07.06 16:49:52 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\Visual Studio 2008
[2010.07.06 16:49:51 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\Microsoft Help
[2010.07.06 16:49:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010.07.06 12:56:48 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\LogMeIn Hamachi
[2010.07.06 12:56:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2010.07.06 12:53:21 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\Ascaron Entertainment
[2010.07.06 12:53:12 | 000,000,000 | RH-D | C] -- C:\Users\Anton\AppData\Roaming\SecuROM
[2010.07.05 17:19:01 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\PokerStars.NET
[2010.07.05 17:17:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PokerStars.NET
[2010.07.04 17:46:46 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\Meine empfangenen Dateien
[2010.07.04 17:29:34 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\Verlauf
[2010.07.04 13:14:56 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\CrashDumps
[2010.07.04 12:15:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\~2
[2010.07.04 11:39:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\~1
[2010.07.04 11:32:01 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\RAD Studio
[2010.07.04 11:05:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\{6A883631-DE6E-4096-9348-4D606A536BCB}
[2010.07.04 11:05:27 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\CodeGear
[2010.07.04 11:03:32 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\DBPack_Rad_Studio_2010_UP5_Downloads
[2010.07.04 11:03:29 | 000,000,000 | -H-D | C] -- C:\ProgramData\{2563F97A-045F-4E4C-9DB1-D5D26C269882}
[2010.07.04 11:01:25 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\RAD Studio
[2010.07.04 11:01:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Embarcadero
[2010.07.04 11:01:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Embarcadero
[2010.07.04 11:01:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Borland Shared
[2010.07.04 10:25:25 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\Rad_Studio_2010_UP4_Downloads
[2010.07.04 10:25:10 | 000,000,000 | -H-D | C] -- C:\ProgramData\~0
[2010.07.04 09:25:17 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2010.07.04 09:25:14 | 000,036,160 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2010.07.04 09:25:14 | 000,030,016 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2010.07.04 09:25:14 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2010.07.04 09:25:13 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2010.07.04 09:24:54 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\TuneUp Software
[2010.07.04 09:24:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2010
[2010.07.04 09:24:26 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2010.07.04 09:24:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.07.03 23:18:49 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\rewire.dll
[2010.07.03 23:18:45 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\Image-Line
[2010.07.03 23:18:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VstPlugins
[2010.07.03 23:18:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Outsim
[2010.07.03 23:17:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image-Line
[2010.07.03 22:44:29 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\Diagnostics
[2010.07.03 22:32:34 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\AlcaTech
[2010.07.03 22:32:12 | 000,000,000 | ---D | C] -- C:\ProgramData\AlcaTech
[2010.07.03 22:13:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2010.07.03 22:01:41 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\Macromedia
[2010.07.03 22:01:41 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\Adobe
[2010.07.03 21:59:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010.07.03 20:42:13 | 000,000,000 | ---D | C] -- C:\Users\Anton\Documents\Spiele
[2010.07.03 20:42:11 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\Gas Powered Games
[2010.07.03 20:20:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Supreme Commander 2
[2010.07.03 20:10:15 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010.07.03 20:10:15 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010.07.03 20:10:15 | 000,122,904 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2010.07.03 20:10:15 | 000,109,080 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010.07.03 20:10:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2010.07.03 20:08:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010.07.03 20:08:34 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2010.07.03 19:52:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Messenger Plus!
[2010.07.03 19:27:19 | 000,360,580 | ---- | C] (eSellerate Inc.) -- C:\Windows\eSellerateEngine.dll
[2010.07.03 19:27:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Album Cover Finder
[2010.07.03 19:20:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010.07.03 19:19:54 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010.07.03 19:19:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010.07.03 19:19:15 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple
[2010.07.03 19:19:10 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.07.03 19:19:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010.07.03 19:18:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Messenger Plus! Live
[2010.07.03 19:09:29 | 000,000,000 | ---D | C] -- C:\Users\Anton\Tracing
[2010.07.03 19:05:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2010.07.03 19:05:09 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.07.03 19:04:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2010.07.03 18:45:59 | 008,126,464 | R--- | C] (C-Media Corporation) -- C:\Windows\SysWow64\CM106.dll
[2010.07.03 18:45:58 | 000,200,704 | R--- | C] (C-Media) -- C:\Windows\SysWow64\cmpa106.dll
[2010.07.03 18:45:41 | 001,306,624 | ---- | C] (C-Media Electronics Inc) -- C:\Windows\SysNative\drivers\CM10664.sys
[2010.07.03 18:45:41 | 000,315,392 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\System\fltr106.dll
[2010.07.03 18:44:37 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\skypePM
[2010.07.03 18:44:02 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\Skype
[2010.07.03 18:41:13 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010.07.03 18:41:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.07.03 18:41:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.07.03 18:37:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2010.07.03 18:28:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010.07.03 18:28:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2010.07.03 18:19:20 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\Apple Computer
[2010.07.03 18:19:20 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\Apple Computer
[2010.07.03 18:19:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.07.03 18:18:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010.07.03 18:18:51 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\Apple
[2010.07.03 18:18:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010.07.03 18:17:42 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.07.03 18:08:14 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\WinRAR
[2010.07.03 18:08:00 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2010.07.03 18:07:10 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.07.03 18:06:57 | 000,000,000 | -HSD | C] -- C:\Boot
[2010.07.03 18:02:59 | 000,000,000 | R--D | C] -- C:\Users\Anton\Searches
[2010.07.03 18:02:53 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\Identities
[2010.07.03 18:02:51 | 000,000,000 | R--D | C] -- C:\Users\Anton\Contacts
[2010.07.03 18:02:51 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\VirtualStore
[2010.07.03 18:02:45 | 000,000,000 | --SD | C] -- C:\Users\Anton\AppData\Roaming\Microsoft
[2010.07.03 18:02:45 | 000,000,000 | R--D | C] -- C:\Users\Anton\Videos
[2010.07.03 18:02:45 | 000,000,000 | R--D | C] -- C:\Users\Anton\Saved Games
[2010.07.03 18:02:45 | 000,000,000 | R--D | C] -- C:\Users\Anton\Pictures
[2010.07.03 18:02:45 | 000,000,000 | R--D | C] -- C:\Users\Anton\Music
[2010.07.03 18:02:45 | 000,000,000 | R--D | C] -- C:\Users\Anton\Links
[2010.07.03 18:02:45 | 000,000,000 | R--D | C] -- C:\Users\Anton\Favorites
[2010.07.03 18:02:45 | 000,000,000 | R--D | C] -- C:\Users\Anton\Downloads
[2010.07.03 18:02:45 | 000,000,000 | R--D | C] -- C:\Users\Anton\Documents
[2010.07.03 18:02:45 | 000,000,000 | R--D | C] -- C:\Users\Anton\Desktop
[2010.07.03 18:02:45 | 000,000,000 | -HSD | C] -- C:\Users\Anton\Vorlagen
[2010.07.03 18:02:45 | 000,000,000 | -HSD | C] -- C:\Users\Anton\AppData\Local\Verlauf
[2010.07.03 18:02:45 | 000,000,000 | -HSD | C] -- C:\Users\Anton\AppData\Local\Temporary Internet Files
[2010.07.03 18:02:45 | 000,000,000 | -HSD | C] -- C:\Users\Anton\Startmenü
[2010.07.03 18:02:45 | 000,000,000 | -HSD | C] -- C:\Users\Anton\SendTo
[2010.07.03 18:02:45 | 000,000,000 | -HSD | C] -- C:\Users\Anton\Recent
[2010.07.03 18:02:45 | 000,000,000 | -HSD | C] -- C:\Users\Anton\Netzwerkumgebung
[2010.07.03 18:02:45 | 000,000,000 | -HSD | C] -- C:\Users\Anton\Lokale Einstellungen
[2010.07.03 18:02:45 | 000,000,000 | -HSD | C] -- C:\Users\Anton\Documents\Eigene Videos
[2010.07.03 18:02:45 | 000,000,000 | -HSD | C] -- C:\Users\Anton\Documents\Eigene Musik
[2010.07.03 18:02:45 | 000,000,000 | -HSD | C] -- C:\Users\Anton\Eigene Dateien
[2010.07.03 18:02:45 | 000,000,000 | -HSD | C] -- C:\Users\Anton\Documents\Eigene Bilder
[2010.07.03 18:02:45 | 000,000,000 | -HSD | C] -- C:\Users\Anton\Druckumgebung
[2010.07.03 18:02:45 | 000,000,000 | -HSD | C] -- C:\Users\Anton\Cookies
[2010.07.03 18:02:45 | 000,000,000 | -HSD | C] -- C:\Users\Anton\AppData\Local\Anwendungsdaten
[2010.07.03 18:02:45 | 000,000,000 | -HSD | C] -- C:\Users\Anton\Anwendungsdaten
[2010.07.03 18:02:45 | 000,000,000 | -H-D | C] -- C:\Users\Anton\AppData
[2010.07.03 18:02:45 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\Temp
[2010.07.03 18:02:45 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Local\Microsoft
[2010.07.03 18:02:45 | 000,000,000 | ---D | C] -- C:\Users\Anton\AppData\Roaming\Media Center Programs
[2010.07.03 18:02:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.07.03 18:02:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.07.03 18:02:34 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.07.03 18:02:34 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.07.03 18:02:34 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.07.03 18:02:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.07.03 18:02:34 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.07.03 18:02:34 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.07.03 18:02:34 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.07.03 18:02:34 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.07.03 18:02:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.07.03 18:02:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.07.03 17:10:51 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.07.03 17:08:29 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.07.03 17:08:08 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 90 Days ==========
[2010.09.05 18:33:05 | 006,291,456 | -HS- | M] () -- C:\Users\Anton\ntuser.dat
[2010.09.05 18:26:49 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.05 18:26:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.05 18:26:42 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.05 18:25:41 | 004,429,962 | -H-- | M] () -- C:\Users\Anton\AppData\Local\IconCache.db
[2010.09.05 18:24:43 | 000,019,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.05 18:24:43 | 000,019,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.05 18:19:43 | 000,000,978 | ---- | M] () -- C:\Users\Anton\Desktop\NTREGOPT.lnk
[2010.09.05 18:19:43 | 000,000,959 | ---- | M] () -- C:\Users\Anton\Desktop\ERUNT.lnk
[2010.09.05 18:14:26 | 000,001,063 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.05 18:08:18 | 000,388,197 | ---- | M] () -- C:\Users\Anton\Desktop\Load.exe
[2010.09.05 14:17:33 | 064,339,327 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010.09.05 11:04:35 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.09.04 17:42:28 | 000,000,020 | ---- | M] () -- C:\Windows\TùÍ
[2010.09.03 23:22:21 | 000,001,993 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.09.03 22:58:30 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.09.02 22:58:35 | 000,002,261 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2010.09.02 22:58:35 | 000,002,219 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2010.09.02 18:33:13 | 000,013,048 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\avgrssta.dll
[2010.09.02 18:33:13 | 000,001,908 | ---- | M] () -- C:\Users\Public\Desktop\AVG 9.0.lnk
[2010.09.02 18:33:12 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\AVGIDSwa.sys
[2010.09.02 18:33:11 | 000,056,008 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
[2010.09.02 18:33:10 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2010.09.02 18:33:07 | 000,269,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2010.09.02 18:33:06 | 000,035,536 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2010.09.02 18:33:05 | 000,616,965 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\iavifw.avm
[2010.09.02 18:33:05 | 000,113,461 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\iavichjw.avm
[2010.09.02 18:31:42 | 000,029,976 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgfwd6a.sys
[2010.08.30 19:15:56 | 000,001,531 | ---- | M] () -- C:\Users\Anton\Desktop\iwbtgbeta(slomo).exe.lnk
[2010.08.28 07:47:00 | 000,001,192 | ---- | M] () -- C:\Users\Anton\Desktop\Mafia II.lnk
[2010.08.26 14:45:36 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2010.08.26 14:40:38 | 000,025,920 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2010.08.26 14:40:34 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2010.08.26 14:40:32 | 000,036,160 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2010.08.26 14:40:24 | 000,030,016 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2010.08.25 21:23:54 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010.08.25 21:23:54 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010.08.25 21:23:54 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2010.08.25 21:23:54 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010.08.25 17:16:34 | 000,000,857 | ---- | M] () -- C:\Windows\Cm106.ini.imi
[2010.08.23 15:21:40 | 000,000,748 | ---- | M] () -- C:\Windows\Cm106.ini.cfl
[2010.08.23 15:21:30 | 000,000,133 | ---- | M] () -- C:\Windows\System\Dlap.pfx
[2010.08.23 15:21:20 | 000,000,693 | ---- | M] () -- C:\Windows\System\Cm106.ini
[2010.08.20 21:11:24 | 000,001,022 | ---- | M] () -- C:\Users\Public\Desktop\Guitar Pro 6.lnk
[2010.08.15 19:29:45 | 000,001,770 | ---- | M] () -- C:\Users\Public\Desktop\Mirror's Edge™.lnk
[2010.08.13 17:11:46 | 000,001,276 | ---- | M] () -- C:\Users\Anton\Desktop\Delphi 2010.lnk
[2010.08.13 15:21:00 | 000,088,664 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.08.12 14:33:02 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\JDownloader.lnk
[2010.08.11 13:01:44 | 000,266,992 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.08.08 22:08:42 | 000,215,104 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.08.08 22:08:42 | 000,215,104 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.08.08 21:45:31 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.08.08 02:16:58 | 000,253,952 | ---- | M] (Flo) -- C:\Users\Anton\Desktop\Vista-ShutdownTimer.exe
[2010.08.08 01:03:31 | 000,002,196 | ---- | M] () -- C:\Users\Public\Desktop\Xilisoft Video Converter Ultimate 6.lnk
[2010.08.04 23:04:17 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.08.04 00:48:28 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.08.04 00:48:28 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.08.04 00:48:28 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.08.04 00:48:28 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.08.04 00:48:28 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.07.31 11:52:52 | 000,000,219 | ---- | M] () -- C:\Users\Anton\Desktop\Alien Swarm.url
[2010.07.09 11:48:41 | 000,524,288 | -HS- | M] () -- C:\Users\Anton\ntuser.dat{9c46dda7-8b3d-11df-904b-002215bf886f}.TMContainer00000000000000000002.regtrans-ms
[2010.07.09 11:48:41 | 000,524,288 | -HS- | M] () -- C:\Users\Anton\ntuser.dat{9c46dda7-8b3d-11df-904b-002215bf886f}.TMContainer00000000000000000001.regtrans-ms
[2010.07.09 11:48:41 | 000,065,536 | -HS- | M] () -- C:\Users\Anton\ntuser.dat{9c46dda7-8b3d-11df-904b-002215bf886f}.TM.blf
[2010.07.08 11:32:48 | 000,000,056 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.07.07 23:21:45 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2010.07.07 23:21:44 | 000,000,000 | ---- | M] () -- C:\Windows\initdebug.nfo
[2010.07.07 13:23:32 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
[2010.07.06 21:10:57 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.07.06 17:21:51 | 000,000,562 | ---- | M] () -- C:\Users\Anton\Desktop\Fraps.lnk
[2010.07.04 10:07:49 | 000,057,960 | ---- | M] () -- C:\Users\Anton\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.07.03 23:34:52 | 000,000,221 | ---- | M] () -- C:\Users\Anton\Desktop\Call of Duty Modern Warfare 2.url
[2010.07.03 23:34:52 | 000,000,221 | ---- | M] () -- C:\Users\Anton\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.url
[2010.07.03 19:27:20 | 000,001,043 | ---- | M] () -- C:\Users\Anton\Desktop\Album Cover Finder.lnk
[2010.07.03 19:05:38 | 000,000,020 | ---- | M] () -- C:\Windows\xöÇ
[2010.07.03 18:41:14 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.07.03 18:32:03 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.07.03 18:26:08 | 000,033,134 | ---- | M] () -- C:\Users\Anton\AppData\Roaming\UserTile.png
[2010.07.03 18:10:21 | 000,524,288 | -HS- | M] () -- C:\Users\Anton\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.07.03 18:10:21 | 000,524,288 | -HS- | M] () -- C:\Users\Anton\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.07.03 18:10:21 | 000,065,536 | -HS- | M] () -- C:\Users\Anton\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.07.03 18:09:43 | 000,303,434 | RHS- | M] () -- C:\RMZOJ
[2010.07.03 18:09:43 | 000,000,020 | RHS- | M] () -- C:\winx.ld
[2010.07.03 18:06:58 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.07.03 18:04:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2010.07.03 18:02:45 | 000,000,020 | -HS- | M] () -- C:\Users\Anton\ntuser.ini
[2010.07.03 17:12:26 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.07.03 17:12:26 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010.07.03 17:11:17 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.06.08 01:58:00 | 000,065,128 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010.06.08 01:58:00 | 000,056,936 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010.06.08 01:58:00 | 000,012,507 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
========== Files Created - No Company Name ==========
[2010.09.05 18:19:43 | 000,000,978 | ---- | C] () -- C:\Users\Anton\Desktop\NTREGOPT.lnk
[2010.09.05 18:19:43 | 000,000,959 | ---- | C] () -- C:\Users\Anton\Desktop\ERUNT.lnk
[2010.09.05 18:14:26 | 000,001,063 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.09.05 18:08:17 | 000,388,197 | ---- | C] () -- C:\Users\Anton\Desktop\Load.exe
[2010.09.05 17:09:59 | 000,034,421 | ---- | C] () -- C:\Users\Anton\Desktop\potlog.pdf
[2010.09.05 15:10:05 | 000,366,978 | ---- | C] () -- C:\Users\Anton\Desktop\FORMELSAMMLUNGAnalysis.pdf
[2010.09.05 11:04:35 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.09.04 17:42:28 | 000,000,020 | ---- | C] () -- C:\Windows\TùÍ
[2010.09.03 23:22:21 | 000,001,993 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.09.03 22:58:30 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.09.02 18:33:13 | 000,001,908 | ---- | C] () -- C:\Users\Public\Desktop\AVG 9.0.lnk
[2010.09.02 18:33:05 | 064,339,327 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010.09.02 18:33:05 | 000,616,965 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\iavifw.avm
[2010.09.02 18:33:05 | 000,113,461 | ---- | C] () -- C:\Windows\SysNative\drivers\Avg\iavichjw.avm
[2010.08.30 16:54:38 | 000,001,531 | ---- | C] () -- C:\Users\Anton\Desktop\iwbtgbeta(slomo).exe.lnk
[2010.08.28 07:47:00 | 000,001,192 | ---- | C] () -- C:\Users\Anton\Desktop\Mafia II.lnk
[2010.08.20 21:03:55 | 000,001,022 | ---- | C] () -- C:\Users\Public\Desktop\Guitar Pro 6.lnk
[2010.08.15 19:29:45 | 000,001,770 | ---- | C] () -- C:\Users\Public\Desktop\Mirror's Edge™.lnk
[2010.08.13 17:11:46 | 000,001,276 | ---- | C] () -- C:\Users\Anton\Desktop\Delphi 2010.lnk
[2010.08.13 15:21:00 | 000,088,664 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.08.12 14:33:02 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\JDownloader.lnk
[2010.08.09 20:38:02 | 000,008,704 | -HS- | C] () -- C:\Users\Anton\AppData\Roaming\Thumbs.db
[2010.08.08 21:45:36 | 000,215,104 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.08.08 21:45:36 | 000,215,104 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.08.08 21:45:31 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.08.08 01:03:30 | 000,002,196 | ---- | C] () -- C:\Users\Public\Desktop\Xilisoft Video Converter Ultimate 6.lnk
[2010.08.04 23:04:16 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.07.31 11:52:52 | 000,000,219 | ---- | C] () -- C:\Users\Anton\Desktop\Alien Swarm.url
[2010.07.09 11:38:31 | 000,524,288 | -HS- | C] () -- C:\Users\Anton\ntuser.dat{9c46dda7-8b3d-11df-904b-002215bf886f}.TMContainer00000000000000000002.regtrans-ms
[2010.07.09 11:38:31 | 000,524,288 | -HS- | C] () -- C:\Users\Anton\ntuser.dat{9c46dda7-8b3d-11df-904b-002215bf886f}.TMContainer00000000000000000001.regtrans-ms
[2010.07.09 11:38:31 | 000,065,536 | -HS- | C] () -- C:\Users\Anton\ntuser.dat{9c46dda7-8b3d-11df-904b-002215bf886f}.TM.blf
[2010.07.08 11:32:48 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.07.07 23:21:44 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2010.07.07 23:21:44 | 000,000,000 | ---- | C] () -- C:\Windows\initdebug.nfo
[2010.07.07 22:51:17 | 000,012,507 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2010.07.07 13:23:32 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
[2010.07.06 21:10:57 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.07.06 17:21:50 | 000,000,562 | ---- | C] () -- C:\Users\Anton\Desktop\Fraps.lnk
[2010.07.04 11:32:24 | 000,000,535 | ---- | C] () -- C:\Users\Anton\regwizard.log
[2010.07.04 11:03:30 | 000,189,958 | ---- | C] () -- C:\Users\Anton\sanct.log
[2010.07.04 09:25:08 | 000,002,261 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2010.07.04 09:25:08 | 000,002,219 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities.lnk
[2010.07.03 23:34:52 | 000,000,221 | ---- | C] () -- C:\Users\Anton\Desktop\Call of Duty Modern Warfare 2 - Multiplayer.url
[2010.07.03 23:34:51 | 000,000,221 | ---- | C] () -- C:\Users\Anton\Desktop\Call of Duty Modern Warfare 2.url
[2010.07.03 19:27:20 | 000,001,043 | ---- | C] () -- C:\Users\Anton\Desktop\Album Cover Finder.lnk
[2010.07.03 19:05:38 | 000,000,020 | ---- | C] () -- C:\Windows\xöÇ
[2010.07.03 18:46:08 | 000,143,360 | R--- | C] () -- C:\Windows\Vmix106.dll
[2010.07.03 18:46:07 | 000,491,520 | R--- | C] () -- C:\Windows\System\cmau106.dll
[2010.07.03 18:46:07 | 000,389,120 | R--- | C] () -- C:\Windows\SysNative\CM106.cpl
[2010.07.03 18:46:07 | 000,221,184 | R--- | C] () -- C:\Windows\System\cm106eye.exe
[2010.07.03 18:45:58 | 000,779,776 | R--- | C] () -- C:\Windows\SysNative\Cmeau106.exe
[2010.07.03 18:45:58 | 000,003,262 | R--- | C] () -- C:\Windows\Trustlogo.ico
[2010.07.03 18:45:58 | 000,003,262 | R--- | C] () -- C:\Windows\Taskbaricon.ICO
[2010.07.03 18:45:58 | 000,003,262 | R--- | C] () -- C:\Windows\Mic.ico
[2010.07.03 18:45:58 | 000,000,748 | ---- | C] () -- C:\Windows\Cm106.ini.cfl
[2010.07.03 18:45:58 | 000,000,133 | ---- | C] () -- C:\Windows\System\Dlap.pfx
[2010.07.03 18:45:39 | 000,000,857 | ---- | C] () -- C:\Windows\Cm106.ini.imi
[2010.07.03 18:45:38 | 000,354,304 | R--- | C] () -- C:\Windows\SysNative\CmiInstallResAll64.dll
[2010.07.03 18:45:38 | 000,002,391 | R--- | C] () -- C:\Windows\Cm106.ini.cfg
[2010.07.03 18:41:14 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.07.03 18:28:55 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.07.03 18:26:08 | 000,033,134 | ---- | C] () -- C:\Users\Anton\AppData\Roaming\UserTile.png
[2010.07.03 18:09:43 | 000,303,434 | RHS- | C] () -- C:\RMZOJ
[2010.07.03 18:09:43 | 000,000,020 | RHS- | C] () -- C:\winx.ld
[2010.07.03 18:06:58 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010.07.03 18:06:57 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2010.07.03 18:04:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_NuidFltr_01005.Wdf
[2010.07.03 18:02:45 | 006,291,456 | -HS- | C] () -- C:\Users\Anton\ntuser.dat
[2010.07.03 18:02:45 | 000,524,288 | -HS- | C] () -- C:\Users\Anton\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.07.03 18:02:45 | 000,524,288 | -HS- | C] () -- C:\Users\Anton\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.07.03 18:02:45 | 000,262,144 | -HS- | C] () -- C:\Users\Anton\ntuser.dat.LOG1
[2010.07.03 18:02:45 | 000,065,536 | -HS- | C] () -- C:\Users\Anton\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.07.03 18:02:45 | 000,000,020 | -HS- | C] () -- C:\Users\Anton\ntuser.ini
[2010.07.03 18:02:45 | 000,000,000 | -HS- | C] () -- C:\Users\Anton\ntuser.dat.LOG2
[2010.07.03 17:11:17 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.07.03 17:08:08 | 3220,529,152 | -HS- | C] () -- C:\hiberfil.sys
[2009.08.19 23:00:00 | 000,375,296 | ---- | C] () -- C:\Windows\SysWow64\wsihk32.dll
[2009.08.19 23:00:00 | 000,131,584 | ---- | C] () -- C:\Windows\SysWow64\wsiwin32.dll
[2009.08.19 23:00:00 | 000,027,136 | ---- | C] () -- C:\Windows\SysWow64\BDSShellRes140.dll
[2009.08.19 23:00:00 | 000,027,136 | ---- | C] () -- C:\Windows\SysWow64\BDSShellRes.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007.12.28 09:22:04 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007.11.29 17:45:10 | 000,000,806 | R--- | C] () -- C:\Windows\cm106.ini
========== LOP Check ==========
[2010.08.22 23:14:04 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\aicon
[2010.07.03 22:32:34 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\AlcaTech
[2010.07.31 21:04:12 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\bizarre creations
[2010.07.04 11:32:01 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\CodeGear
[2010.07.06 22:16:17 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\DAEMON Tools Lite
[2010.07.11 18:56:52 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\DMCache
[2010.08.13 16:58:48 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Embarcadero
[2010.07.11 18:46:03 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\gtk-2.0
[2010.08.22 22:49:58 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Guitar Pro 6
[2010.07.12 10:47:43 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\iTunesControl
[2010.07.14 23:45:44 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\SEGA Corporation
[2010.07.07 14:02:45 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\TeamViewer
[2010.07.09 11:38:36 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Tific
[2010.07.04 09:24:54 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\TuneUp Software
[2010.07.06 22:35:08 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Ubisoft
[2010.08.17 14:43:22 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Windows Live Writer
[2010.08.08 01:04:02 | 000,000,000 | ---D | M] -- C:\Users\Anton\AppData\Roaming\Xilisoft
[2009.07.14 07:08:49 | 000,028,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2009.07.14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2010.07.03 18:06:58 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.09.05 18:26:42 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.05 18:26:46 | 4294,041,600 | -HS- | M] () -- C:\pagefile.sys
[2010.07.03 18:09:43 | 000,303,434 | RHS- | M] () -- C:\RMZOJ
[2010.07.03 18:09:43 | 000,000,020 | RHS- | M] () -- C:\winx.ld
< %systemroot%\system32\*.wt >
< %systemroot%\system32\*.ruy >
< %systemroot%\Fonts\*.com >
[2009.07.14 07:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009.07.14 07:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009.07.14 07:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009.07.14 07:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2009.06.10 22:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.scr >
[2010.08.10 19:39:02 | 000,297,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
< %systemroot%\*._sy >
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2009.07.14 06:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\user32.dll /md5 >
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
< %systemroot%\system32\ws2_32.dll /md5 >
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
< %systemroot%\system32\ws2help.dll /md5 >
[2009.07.14 03:11:26 | 000,004,608 | ---- | M] (Microsoft Corporation) MD5=808AABDF9337312195CAFF76D1804786 -- C:\Windows\SysWOW64\ws2help.dll
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
========== Alternate Data Streams ==========
@Alternate Data Stream - 55920 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM
< End of report >
| Extra: Quote:
OTL Extras logfile created on: 05.09.2010 18:31:00 - Run 1
OTL by OldTimer - Version 3.2.11.0 Folder = C:\Users\Anton\Desktop\MFTools
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 70,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,88 Gb Total Space | 127,18 Gb Free Space | 54,61% Space Free | Partition Type: NTFS
Drive D: | 66,60 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ANTON-PC
Current User Name: Anton
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"svchost2.exe" = C:\windows\svchost2.exe -- File not found
"svchost2.exe" = C:\windows\svchost2.exe -- File not found
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{40B38ACD-8720-48F0-B5B0-29C37ADCDECB}" = Windows Live Language Selector
"{5F02C14D-A630-4771-8409-0BA89FCCA8D6}" = iTunes
"{79A68C93-ED14-4E92-A960-FBB5B6578562}" = Windows Live MIME IFilter
"{9151385C-9B53-4058-8DC6-6257BE5CB4E9}" = Windows Live ID Sign-in Assistant
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"C-Media CM106 Like Sound Driver" = Trust USB Audio
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1" = Guitar Pro 6
"{19910E33-E495-42F9-84FF-7569931CC021}_is1" = Mafia 2
"{19DD26A7-F0DD-472E-887F-44128C31163C}" = Windows Live Messenger
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3274D32D-3DA2-4AB9-9BD0-B4EDC6E03B7F}" = Windows Live Essentials-Betaversion
"{380B7FE0-32A3-439A-B65C-B4ED55CADBF4}" = Windows Live Fotogalerie-Betaversion
"{3932CA01-E514-48A1-8D2D-B9DA712C58B5}" = Windows Live Writer
"{394A36B7-A693-48FD-AA14-DC17E291A378}" = Windows Live Writer
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{41A15ABD-081B-43DC-91A5-8727265E8D77}" = Windows Live Photo Common
"{488A77D4-7D18-4030-881D-37E7C5AE02FF}" = iTunesControl 0.52
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4ACDC413-AF13-3934-8D8A-1F8CEF70D1A5}" = Microsoft Document Explorer 2008 Language Pack - DEU
"{4F88F5D8-767A-4EB4-9AFA-A7CBCC69D767}" = Windows Live SOXE
"{52CDDA92-56B6-4BA5-BD8D-E13B186008CB}" = D3DX10
"{54488589-76BC-4A3F-AC4F-71EBAD657850}" = Windows Live Communications Platform
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5EE59813-493A-4C10-A2BF-3647670CD7D6}" = Windows Live UX Platform Language Pack
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{66069562-D3AF-4515-B1FD-7EE4DE5CE7D2}" = Windows Live PIMT Platform
"{6753B40C-0FBD-3BED-8A9D-0ACAC2DCD85D}" = Microsoft Document Explorer 2008
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E432D8D-D78A-44A8-9FE8-B8942F7FD01F}" = Windows Live UX Platform
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{91973772-A002-446D-8A67-B410553AD8F9}" = Windows Live SOXE Definitions
"{94B8E8AF-7F52-4AEB-8731-450942059E89}" = Boost Libraries for C++Builder 2010
"{95A4E899-87EF-43C7-99E3-9ED5342FBF12}" = Windows Live Movie Maker
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9D6FAA1A-D87C-4F3E-B6C0-2646DC238CCF}" = Windows Live Mail
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.3
"{AD58D257-F7A6-4AB5-B5E1-364EAC098B94}" = Embarcadero RAD Studio 2010
"{ADFCF98D-9CB4-414F-B2F0-AF96E0302A3C}" = Windows Live Photo Common-Betaversion
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{B9D682DD-724A-4F18-B714-1B6AB423FD08}" = Windows Live Writer
"{B9FF6943-D487-4C97-AF8D-DF0A46E692BF}" = Mirror's Edge Time Trails Pur
"{C0A30BAA-295D-4F7F-8776-FD09FD57E2E2}" = Windows Live Installer
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C7A6AD68-9152-482B-9769-6E08231F0BD7}" = Windows Live Messenger
"{CED9B1E8-FFCB-4497-9DFC-F0B20146896E}" = Windows Live Mail
"{CF092689-6ADF-4C86-A8DA-31B0B448A36C}" = Junk Mail filter update
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D75608C0-FBE2-4A0D-9A7A-871F08305949}" = Windows Live Writer Resources
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E716CF3C-1F40-4373-9271-07DAA12EA0AD}" = Embarcadero Delphi and C++Builder 2010 Database Pack
"{E966F0CC-76B3-11D3-945B-00C04FB1760A}" = BDE_ENT
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EE7F36D6-F67D-486A-A9D5-01DE1B6F6933}" = Windows Live Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F4FC05EB-94A9-418A-ABC4-A2FBBB4F6C15}" = Embarcadero Delphi and C++Builder 2010 Help System
"{FCE7CF00-581E-4B9B-8794-24A196BBFBC0}" = Windows Live Photo Gallery
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Album Cover Finder_is1" = Album Cover Finder v.6.8.0
"AVG9Uninstall" = AVG 9.0
"Boost Libraries for C++Builder 2010" = Boost Libraries for C++Builder 2010
"DivX Setup.divx.com" = DivX-Setup
"Embarcadero Delphi and C++Builder 2010 Database Pack" = Embarcadero Delphi and C++Builder 2010 Database Pack
"Embarcadero Delphi and C++Builder 2010 Help System" = Embarcadero Delphi and C++Builder 2010 Help System
"Embarcadero RAD Studio 2010" = Embarcadero RAD Studio 2010
"ERUNT_is1" = ERUNT 1.1j
"Fraps" = Fraps (remove only)
"JDownloader" = JDownloader
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft Document Explorer 2008" = Microsoft Document Explorer 2008
"Microsoft Document Explorer 2008 Language Pack - DEU" = Microsoft Document Explorer 2008 Language Pack - DEU
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Precision" = EVGA Precision 1.9.1
"SpeedFan" = SpeedFan (remove only)
"StarCraft II" = StarCraft II
"Steam App 10180" = Call of Duty: Modern Warfare 2
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"Steam App 18800" = Zero Gear Demo
"Steam App 50280" = Mafia II - Demo
"Steam App 630" = Alien Swarm
"TeamViewer 5" = TeamViewer 5
"TuneUp Utilities" = TuneUp Utilities
"VLC media player" = VLC media player 1.1.4
"VLC Setup Helper_is1" = VLC Setup Helper 3.00
"WinLiveSuite" = Windows Live Essentials-Betaversion
"Xilisoft Video Converter Ultimate 6" = Xilisoft Video Converter Ultimate 6
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 03.09.2010 10:34:04 | Computer Name = Anton-PC | Source = Bonjour Service | ID = 100
Description = 412: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 03.09.2010 17:42:40 | Computer Name = Anton-PC | Source = Application Hang | ID = 1002
Description = Programm GuitarPro.exe, Version 0.0.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 70c Startzeit:
01cb4bb0b0d5a40d Endzeit: 4 Anwendungspfad: C:\Program Files (x86)\Guitar Pro 6\GuitarPro.exe
Berichts-ID:
Error - 04.09.2010 10:14:10 | Computer Name = Anton-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: stdrt.exe, Version: 3.0.239.0, Zeitstempel:
0x4462f982 Name des fehlerhaften Moduls: oggflt.sft, Version: 1.0.1.0, Zeitstempel:
0x4460ff48 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00016300 ID des fehlerhaften Prozesses:
0x65c Startzeit der fehlerhaften Anwendung: 0x01cb4c3b5f8af8ac Pfad der fehlerhaften
Anwendung: C:\Users\Anton\AppData\Local\Temp\mrt6B12.tmp\stdrt.exe Pfad des fehlerhaften
Moduls: C:\Users\Anton\AppData\Local\Temp\mrt6B12.tmp\oggflt.sft Berichtskennung:
af2e9110-b82e-11df-a6b2-00242146da1b
Error - 05.09.2010 05:02:41 | Computer Name = Anton-PC | Source = Bonjour Service | ID = 100
Description = 360: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 05.09.2010 05:02:41 | Computer Name = Anton-PC | Source = Bonjour Service | ID = 100
Description = 412: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 05.09.2010 05:02:41 | Computer Name = Anton-PC | Source = Bonjour Service | ID = 100
Description = 220: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 05.09.2010 05:02:41 | Computer Name = Anton-PC | Source = Bonjour Service | ID = 100
Description = 492: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 05.09.2010 05:02:41 | Computer Name = Anton-PC | Source = Bonjour Service | ID = 100
Description = 224: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 05.09.2010 05:02:41 | Computer Name = Anton-PC | Source = Bonjour Service | ID = 100
Description = 484: ERROR: read_msg errno 10054 (Eine vorhandene Verbindung wurde
vom Remotehost geschlossen.)
Error - 05.09.2010 08:56:09 | Computer Name = Anton-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Die Anwendung oder der Dienst "Windows Live Messenger" konnte nicht
heruntergefahren werden.
[ System Events ]
Error - 16.08.2010 09:09:10 | Computer Name = Anton-PC | Source = bowser | ID = 8003
Description =
Error - 23.08.2010 05:29:56 | Computer Name = Anton-PC | Source = DCOM | ID = 10010
Description =
Error - 30.08.2010 17:37:46 | Computer Name = Anton-PC | Source = DCOM | ID = 10010
Description =
Error - 02.09.2010 09:17:45 | Computer Name = Anton-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?02.?09.?2010 um 15:15:29 unerwartet heruntergefahren.
Error - 02.09.2010 11:55:28 | Computer Name = Anton-PC | Source = NetBT | ID = 4321
Description = Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit
IP-Adresse 5.35.184.40 registriert werden. Der Computer mit IP-Adresse 5.37.29.255
hat nicht zugelassen, dass dieser Computer diesen Namen verwendet.
Error - 04.09.2010 05:12:19 | Computer Name = Anton-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 05.09.2010 05:02:51 | Computer Name = Anton-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Neustart des Diensts.
Error - 05.09.2010 05:03:01 | Computer Name = Anton-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist
bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Neustart des Diensts.
Error - 05.09.2010 05:04:01 | Computer Name = Anton-PC | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
des Dienstes "Apple Mobile Device" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen,
ist fehlgeschlagen. Fehler: %%1056
Error - 05.09.2010 12:15:33 | Computer Name = Anton-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "AVG9IDSAgent" wurde unerwartet beendet. Dies ist bereits 1
Mal passiert.
< End of report >
| I hope someone can help me and tell me whether it is/was a virus. By the way, I use the MSN Beta 2011 and have already run an AVG scan. That did not help, though -> nothing was found. |