Log analysis and evaluation: cmd.exe possibly causing 70-99% CPU load? (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
05.11.2010, 01:43 | #1

cmd.exe possibly causing 70-99% CPU load?

Hello,

For some time now I have had 70-99% CPU load even though hardly anything is running. I updated Windows, ran AVG and ran Spybot. Nothing significant was found. In Task Manager I noticed cmd.exe. It was using around 11% CPU (at least according to Task Manager), and I had never really noticed it before. It is also present in several instances (up to 3 so far). When I end it, the load drops back to normal. It is located in the Syswow64 folder. I scanned that folder with Malwarebytes. Nothing was found. I have also read that hale.exe could be malicious. (Yes, I know why I have it.) Is there anything to that? Do I have a serious problem, and what can I do?

HiJackthis Logfile: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:30:50, on 04.11.2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16671) Boot mode: Normal Running processes: C:\Windows\System32\hale.exe C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\RocketDock\RocketDock.exe F:\Program Files (x86)\Rainlendar2\Rainlendar2.exe F:\Program Files (x86)\Steam\steam.exe C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe F:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\AVG\AVG10\avgtray.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: 
WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Foxit Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [Rainlendar2] f:\Program Files (x86)\Rainlendar2\Rainlendar2.exe O4 - HKCU\..\Run: [Steam] "F:\Program Files (x86)\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: Evernote Clipper.lnk = ? 
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing) O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. 
- C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP3\RpcAgentSrv.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files 
(x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9129 bytes OTL Logfile: Code:
ATTFilter OTL logfile created on: 05.11.2010 07:57:50 - Run 2 OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\c\Downloads 64bit- Enterprise Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free 8,00 Gb Paging File | 5,00 Gb Available in Paging File | 66,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 48,83 Gb Total Space | 17,44 Gb Free Space | 35,72% Space Free | Partition Type: NTFS Drive D: | 48,83 Gb Total Space | 13,85 Gb Free Space | 28,37% Space Free | Partition Type: NTFS Drive E: | 48,83 Gb Total Space | 14,12 Gb Free Space | 28,91% Space Free | Partition Type: NTFS Drive F: | 490,70 Gb Total Space | 249,63 Gb Free Space | 50,87% Space Free | Partition Type: NTFS Drive G: | 7,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive H: | 391,16 Gb Total Space | 203,93 Gb Free Space | 52,14% Space Free | Partition Type: NTFS Drive I: | 24,66 Gb Total Space | 1,66 Gb Free Space | 6,73% Space Free | Partition Type: NTFS Drive J: | 153,38 Gb Total Space | 8,73 Gb Free Space | 5,69% Space Free | Partition Type: NTFS Computer Name: C-PC | User Name: c | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\c\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) PRC - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. 
Mountain View, CA 94041) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) PRC - F:\Program Files (x86)\Steam\steam.exe (Valve Corporation) PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\CCleaner\CCleaner.exe (Piriform Ltd) PRC - C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe () PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - F:\Program Files (x86)\Rainlendar2\Rainlendar2.exe () PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) PRC - C:\Program Files (x86)\RocketDock\RocketDock.exe () ========== Modules (SafeList) ========== MOD - C:\Users\c\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (SandraAgentSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP3\RpcAgentSrv.exe (SiSoftware) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, 
s.r.o.) SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys () DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP3\WNt500x64\sandra.sys (SiSoftware) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) 
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (NvnUsbAudio) -- C:\Windows\SysNative\drivers\nvnusbaudio.sys (Novation DMS Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 F8 D9 21 EF 7A CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1 FF - prefs.js..extensions.enabledItems: john@velvetcache.org:1.3.2 FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.73 FF - prefs.js..extensions.enabledItems: {d33c2f7c-b1e6-4d46-ab0e-be1f6d05c904}:2.0.2 FF - 
prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908 FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.6.9 FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.4 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.12.0.36949 FF - prefs.js..extensions.enabledItems: {62b958b4-9962-4fc2-9983-01a9a42d6f2d}:0.4.1 FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1151 FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG10\Firefox\ [2010.11.03 01:52:56 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.28 23:12:06 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.10.28 23:12:06 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Components: f:\Program Files (x86)\Mozilla Thunderbird\components [2010.10.30 14:34:52 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Plugins: f:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.10.20 14:56:03 | 000,000,000 | ---D | M] [2010.10.12 19:11:35 | 000,000,000 | ---D | M] -- C:\Users\c\AppData\Roaming\Mozilla\Extensions [2010.10.12 19:11:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\c\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2010.11.04 20:50:48 | 000,000,000 | ---D | M] -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions [2010.10.15 
02:12:37 | 000,000,000 | ---D | M] (Session Manager) -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30} [2010.10.15 22:55:54 | 000,000,000 | ---D | M] (Browse Images) -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions\{62b958b4-9962-4fc2-9983-01a9a42d6f2d} [2010.03.12 17:36:27 | 000,000,000 | ---D | M] (WOT) -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2010.03.12 17:36:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696} [2010.11.03 22:25:25 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.03.12 17:36:27 | 000,000,000 | ---D | M] (Tiny Menu) -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions\{d33c2f7c-b1e6-4d46-ab0e-be1f6d05c904} [2010.03.12 17:36:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions\{dc572301-7619-498c-a57d-39143191b318} [2010.03.12 17:36:27 | 000,000,000 | ---D | M] -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions\john@velvetcache.org [2010.10.15 22:34:52 | 000,000,000 | ---D | M] -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions\piclens@cooliris.com [2010.10.16 19:26:01 | 000,000,000 | ---D | M] -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions\toolbar@ask.com [2010.10.12 20:00:24 | 000,002,314 | ---- | M] () -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\searchplugins\forestle-de.xml [2010.10.12 20:01:16 | 000,001,590 | ---- | M] () -- 
C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\searchplugins\scroogle-ssl-german-search.xml [2010.10.12 20:01:10 | 000,001,549 | ---- | M] () -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\searchplugins\scroogle-ssl-search.xml [2010.11.03 02:05:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010.10.12 19:04:57 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.10.13 17:28:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.10.13 17:28:48 | 000,423,656 | ---- | M] (Oracle) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010.10.13 14:09:16 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll [2010.09.14 22:32:39 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.09.14 22:32:39 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml [2010.09.14 22:32:39 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.09.14 22:32:39 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.09.14 22:32:39 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.10.26 18:40:40 | 000,423,309 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 
127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123fporn.info O1 - Hosts: 14590 more lines... O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (Foxit Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) O4:64bit: - HKLM..\Run: [Chew7Hale] C:\Windows\SysNative\hale.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.) 
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [Rainlendar2] f:\Program Files (x86)\Rainlendar2\Rainlendar2.exe () O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe () O4 - HKCU..\Run: [Steam] F:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. 
Mountain View, CA 94041) O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.) O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. 
File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.05.21 21:21:24 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.02.04 22:54:01 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008.11.15 10:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - G:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.10.11 18:03:48 | 000,000,054 | R--- | M] () - G:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{283f6d7f-d62a-11df-87e8-001a4d5865ab}\Shell - "" = AutoRun
O33 - MountPoints2\{283f6d7f-d62a-11df-87e8-001a4d5865ab}\Shell\AutoRun\command - "" = K:\OblivionLauncher.exe -- File not found
O33 - MountPoints2\{c7e04925-2e53-11df-b465-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c7e04925-2e53-11df-b465-806e6f6e6963}\Shell\AutoRun\command - "" = G:\Autorun.exe -- [2008.11.15 10:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\Program Files (x86)\AVG\AVG10\avgchsva.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG10\avgrsa.exe (AVG Technologies CZ, s.r.o.)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========
[2010.11.04 23:36:07 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\Malwarebytes
[2010.11.04 23:36:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.11.04 23:36:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.04 23:35:59 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.11.04 23:35:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.11.04 23:27:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010.11.04 22:24:08 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2010.11.04 22:24:08 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2010.11.04 22:24:08 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2010.11.04 22:24:07 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2010.11.04 22:24:07 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2010.11.04 22:24:07 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2010.11.04 22:24:07 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010.11.04 22:24:07 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2010.11.04 22:20:23 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010.11.04 22:20:23 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.11.04 22:20:23 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.11.04 22:20:23 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.11.04 22:20:23 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010.11.04 22:20:23 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010.11.04 22:20:23 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010.11.04 22:20:22 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010.11.04 22:20:22 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010.11.04 22:20:22 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.11.04 22:20:22 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.11.04 22:20:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010.11.04 22:20:22 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.11.04 22:20:22 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.11.04 22:20:14 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010.11.04 22:20:14 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010.11.04 22:20:08 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010.11.04 22:20:07 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010.11.04 22:20:06 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010.11.04 22:20:06 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010.11.04 22:20:05 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.11.04 22:20:05 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.11.04 22:20:05 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.11.04 22:20:04 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2010.11.04 22:20:03 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010.11.04 22:20:02 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.11.04 22:20:02 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.11.04 22:20:02 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010.11.04 22:20:02 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010.11.04 22:20:02 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010.11.04 22:20:00 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010.11.04 22:20:00 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010.11.04 22:19:58 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010.11.04 22:19:58 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010.11.04 22:19:46 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010.11.04 22:19:43 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010.11.04 22:19:43 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.11.04 22:18:52 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010.11.04 22:17:41 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010.11.04 22:11:22 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Local\ElevatedDiagnostics
[2010.11.04 19:18:27 | 000,000,000 | ---D | C] -- C:\Program Files\SiSoftware
[2010.11.04 17:00:14 | 000,000,000 | ---D | C] -- C:\Users\c\Desktop\40 Years of X-men
[2010.11.03 10:03:28 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Local\Paint.NET
[2010.11.03 01:58:26 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\AVG10
[2010.11.03 01:53:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2010.11.03 01:53:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2010.11.03 01:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2010.11.03 01:52:52 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2010.11.03 01:52:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2010.11.03 01:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2010.11.01 20:45:19 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Local\Evernote
[2010.11.01 20:45:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Evernote
[2010.10.30 03:26:14 | 000,000,000 | ---D | C] -- C:\Users\c\Documents\REAPER Media
[2010.10.29 04:00:05 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Local\Oblivion
[2010.10.29 02:36:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010.10.29 02:36:17 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Local\Google
[2010.10.29 01:30:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASIO4ALL v2
[2010.10.26 18:35:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeaTimer (Spybot - Search & Destroy)
[2010.10.26 18:35:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\File Scanner Library (Spybot - Search & Destroy)
[2010.10.26 18:24:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.10.26 18:19:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010.10.24 23:57:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\{7D55A338-9946-4B03-9D84-8FD1472DA229}
[2010.10.24 23:56:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Native Instruments
[2010.10.24 23:55:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Native Instruments
[2010.10.24 23:54:55 | 002,045,952 | ---- | C] (Native Instruments Software Synthesis GmbH) -- C:\Windows\SysWow64\bconvert.dll
[2010.10.24 23:54:55 | 000,393,216 | ---- | C] (Native Instruments Software GmbH) -- C:\Windows\SysWow64\NI_IRC_1_2.dll
[2010.10.24 23:54:55 | 000,233,472 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\REX Shared Library.dll
[2010.10.24 23:54:55 | 000,061,440 | ---- | C] (Native Instruments Software GmbH) -- C:\Windows\SysWow64\NI_DFD_1_5.dll
[2010.10.22 03:21:30 | 000,000,000 | ---D | C] -- C:\Users\c\Documents\Rockstar Games
[2010.10.22 00:13:25 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2010.10.21 23:57:22 | 000,000,000 | ---D | C] -- C:\Users\c\Desktop\title_update_7_DE
[2010.10.21 23:32:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.10.21 23:32:23 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Local\Rockstar Games
[2010.10.21 23:31:25 | 000,000,000 | RH-D | C] -- C:\Users\c\AppData\Roaming\SecuROM
[2010.10.21 21:44:18 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2010.10.20 14:56:43 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\Apple Computer
[2010.10.20 14:56:43 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Local\Apple Computer
[2010.10.20 14:56:39 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2010.10.20 14:56:39 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2010.10.20 14:56:39 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2010.10.20 14:56:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010.10.20 14:56:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010.10.20 14:56:31 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010.10.20 14:56:31 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010.10.20 14:55:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010.10.20 14:55:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.10.20 14:55:50 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Local\Apple
[2010.10.20 14:55:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010.10.20 14:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010.10.20 14:55:30 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010.10.20 14:55:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010.10.20 14:55:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010.10.20 14:55:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010.10.19 15:48:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010.10.19 00:50:36 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\.minecraft
[2010.10.18 20:56:52 | 000,045,056 | ---- | C] (Novation DMS Ltd.) -- C:\Windows\SysNative\drivers\nvnusbaudio.sys
[2010.10.18 20:56:52 | 000,010,240 | ---- | C] (Novation DMS Ltd.) -- C:\Windows\SysNative\nvnusbaudio_coinst.dll
[2010.10.18 20:56:52 | 000,000,000 | ---D | C] -- C:\Program Files\Novation
[2010.10.18 19:20:27 | 000,000,000 | ---D | C] -- C:\Users\c\.rainlendar2
[2010.10.17 16:07:11 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\FileZilla
[2010.10.16 16:29:36 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\Disney Interactive Studios
[2010.10.16 16:14:03 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2010.10.16 16:14:03 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2010.10.16 16:14:02 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2010.10.16 16:13:53 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2010.10.16 16:12:44 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\InstallShield
[2010.10.15 22:35:03 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Local\Cooliris
[2010.10.15 18:38:08 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\LolClient
[2010.10.15 17:13:33 | 000,000,000 | ---D | C] -- C:\Users\c\Documents\The Path
[2010.10.15 17:13:33 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\The Path
[2010.10.15 05:34:44 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2010.10.15 05:34:44 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2010.10.15 05:34:42 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2010.10.15 03:34:50 | 000,000,000 | ---D | C] -- C:\Users\c\Documents\StarCraft II
[2010.10.15 03:34:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010.10.15 03:34:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2010.10.15 03:27:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2010.10.14 01:40:32 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\NVIDIA
[2010.10.14 01:40:11 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Local\2K Games
[2010.10.14 01:35:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010.10.14 01:11:53 | 000,000,000 | ---D | C] -- C:\Users\c\Documents\ElastikRenderCache
[2010.10.13 23:42:49 | 000,000,000 | ---D | C] -- C:\Users\c\Documents\Native Instruments
[2010.10.13 23:42:49 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Local\Native Instruments
[2010.10.13 23:40:45 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\Yellow Tools
[2010.10.13 23:40:14 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\Blue Cat Audio
[2010.10.13 23:36:47 | 000,000,000 | ---D | C] -- C:\Users\c\Documents\Addictive Drums
[2010.10.13 23:25:20 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\REAPER
[2010.10.13 19:55:55 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\WinRAR
[2010.10.13 17:37:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP
[2010.10.13 17:31:45 | 001,053,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71u.dll
[2010.10.13 17:31:45 | 000,771,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100_clr0400.dll
[2010.10.13 17:31:45 | 000,722,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vb40032.dll
[2010.10.13 17:31:45 | 000,487,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp70.dll
[2010.10.13 17:31:45 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010.10.13 17:31:45 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr70.dll
[2010.10.13 17:31:45 | 000,200,704 | ---- | C] (The OpenSSL Project, hxxp://www.openssl.org/) -- C:\Windows\SysWow64\ssleay32.dll
[2010.10.13 17:31:45 | 000,109,080 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\openal32.dll
[2010.10.13 17:31:45 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\atl71.dll
[2010.10.13 17:31:45 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvci70.dll
[2010.10.13 17:31:44 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2010.10.13 17:31:44 | 001,024,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70.dll
[2010.10.13 17:31:44 | 001,017,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70u.dll
[2010.10.13 17:31:44 | 000,799,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdia100.dll
[2010.10.13 17:31:44 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71DEU.dll
[2010.10.13 17:31:44 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71ITA.dll
[2010.10.13 17:31:44 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71FRA.dll
[2010.10.13 17:31:44 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71ESP.dll
[2010.10.13 17:31:44 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70ITA.dll
[2010.10.13 17:31:44 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70FRA.dll
[2010.10.13 17:31:44 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70ESP.dll
[2010.10.13 17:31:44 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70DEU.dll
[2010.10.13 17:31:44 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71ENU.dll
[2010.10.13 17:31:44 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70ENU.dll
[2010.10.13 17:31:44 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71KOR.dll
[2010.10.13 17:31:44 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71JPN.dll
[2010.10.13 17:31:44 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70KOR.dll
[2010.10.13 17:31:44 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70JPN.dll
[2010.10.13 17:31:44 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71CHT.dll
[2010.10.13 17:31:44 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70CHT.dll
[2010.10.13 17:31:44 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71CHS.dll
[2010.10.13 17:31:44 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc70CHS.dll
[2010.10.13 17:31:43 | 002,887,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\libmmd.dll
[2010.10.13 17:31:43 | 001,872,666 | ---- | C] (Red Hat) -- C:\Windows\SysWow64\cygwin1.dll
[2010.10.13 17:31:43 | 001,066,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscomctl32.ocx
[2010.10.13 17:31:43 | 001,017,344 | ---- | C] (The OpenSSL Project, hxxp://www.openssl.org/) -- C:\Windows\SysWow64\libeay32.dll
[2010.10.13 17:31:43 | 000,935,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\vb40016.dll
[2010.10.13 17:31:43 | 000,898,048 | ---- | C] (GNU <www.gnu.org>) -- C:\Windows\SysWow64\libiconv2.dll
[2010.10.13 17:31:43 | 000,443,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MShflxgd.ocx
[2010.10.13 17:31:43 | 000,398,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\vbrun300.dll
[2010.10.13 17:31:43 | 000,356,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\vbrun200.dll
[2010.10.13 17:31:43 | 000,278,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdatgrd.ocx
[2010.10.13 17:31:43 | 000,258,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msflxgrd.ocx
[2010.10.13 17:31:43 | 000,252,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdatlst.ocx
[2010.10.13 17:31:43 | 000,221,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tabctl32.ocx
[2010.10.13 17:31:43 | 000,218,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\richtx32.ocx
[2010.10.13 17:31:43 | 000,189,440 | ---- | C] (The OpenSSL Project, hxxp://www.openssl.org/) -- C:\Windows\SysWow64\libssl32.dll
[2010.10.13 17:31:43 | 000,178,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmask32.ocx
[2010.10.13 17:31:43 | 000,136,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinet.ocx
[2010.10.13 17:31:43 | 000,129,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msstdfmt.dll
[2010.10.13 17:31:43 | 000,127,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mswinsck.ocx
[2010.10.13 17:31:43 | 000,119,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscomm32.ocx
[2010.10.13 17:31:43 | 000,107,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msstkprp.dll
[2010.10.13 17:31:43 | 000,101,888 | ---- | C] (GNU <www.gnu.org>) -- C:\Windows\SysWow64\libintl3.dll
[2010.10.13 17:31:43 | 000,100,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\picclp32.ocx
[2010.10.13 17:31:43 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\atl70.dll
[2010.10.13 17:31:43 | 000,080,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sysinfo.ocx
[2010.10.13 17:31:43 | 000,032,768 | ---- | C] (Adobe Systems, Inc.) -- C:\Windows\System\plugin.dll
[2010.10.13 17:31:42 | 001,069,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscomctl.ocx
[2010.10.13 17:31:42 | 000,659,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscomct2.ocx
[2010.10.13 17:31:42 | 000,614,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comctl32.ocx
[2010.10.13 17:31:42 | 000,415,552 | ---- | C] (Microsoft Corporation ) -- C:\Windows\SysWow64\comct332.ocx
[2010.10.13 17:31:42 | 000,317,320 | ---- | C] (AutoIt Team) -- C:\Windows\SysWow64\AutoItX3.dll
[2010.10.13 17:31:42 | 000,222,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dblist32.ocx
[2010.10.13 17:31:42 | 000,215,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mci32.ocx
[2010.10.13 17:31:42 | 000,170,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comct232.ocx
[2010.10.13 17:31:42 | 000,155,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comdlg32.ocx
[2010.10.13 17:31:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2010.10.13 17:30:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010.10.13 17:30:28 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2010.10.13 17:30:19 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2010.10.13 17:30:19 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2010.10.13 17:30:19 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010.10.13 17:30:19 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2010.10.13 17:30:19 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2010.10.13 17:30:19 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2010.10.13 17:30:19 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2010.10.13 17:30:19 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2010.10.13 17:30:18 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2010.10.13 17:30:17 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_43.dll
[2010.10.13 17:30:15 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2010.10.13 17:30:15 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2010.10.13 17:30:15 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2010.10.13 17:30:08 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2010.10.13 17:30:08 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2010.10.13 17:30:07 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2010.10.13 17:30:07 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010.10.13 17:29:37 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2010.10.13 17:29:37 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2010.10.13 17:29:37 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2010.10.13 17:29:37 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2010.10.13 17:29:37 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2010.10.13 17:29:37 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2010.10.13 17:29:37 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2010.10.13 17:29:37 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2010.10.13 17:29:37 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2010.10.13 17:29:37 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2010.10.13 17:29:37 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2010.10.13 17:29:37 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2010.10.13 17:29:37 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2010.10.13 17:29:37 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2010.10.13 17:29:37 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2010.10.13 17:29:37 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2010.10.13 17:29:37 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2010.10.13 17:29:37 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2010.10.13 17:29:37 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2010.10.13 17:29:37 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2010.10.13 17:29:37 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2010.10.13 17:29:37 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2010.10.13 17:29:37 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2010.10.13 17:29:37 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2010.10.13 17:29:37 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2010.10.13 17:29:37 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2010.10.13 17:29:37 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2010.10.13 17:29:37 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2010.10.13 17:29:37 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2010.10.13 17:29:37 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2010.10.13 17:29:37 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2010.10.13 17:29:37 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2010.10.13 17:29:37 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010.10.13 17:29:37 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2010.10.13 17:29:37 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2010.10.13 17:29:36 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_40.dll
[2010.10.13 17:29:36 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_41.dll
[2010.10.13 17:29:36 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_38.dll
[2010.10.13 17:29:36 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_42.dll
[2010.10.13 17:29:36 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_43.dll
[2010.10.13 17:29:36 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2010.10.13 17:29:36 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2010.10.13 17:29:36 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2010.10.13 17:29:36 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2010.10.13 17:29:36 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2010.10.13 17:29:36 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2010.10.13 17:29:36 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_2.dll
[2010.10.13 17:29:36 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2010.10.13 17:29:35 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2010.10.13 17:29:35 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_37.dll
[2010.10.13 17:29:34 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2010.10.13 17:29:34 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2010.10.13 17:29:34 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2010.10.13 17:29:34 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2010.10.13 17:29:34 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2010.10.13 17:29:34 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2010.10.13 17:29:33 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2010.10.13 17:29:33 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2010.10.13 17:29:33 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2010.10.13 17:29:33 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2010.10.13 17:29:33 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2010.10.13 17:29:33 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2010.10.13 17:29:33 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010.10.13 17:29:33 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2010.10.13 17:29:33 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2010.10.13 17:29:33 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2010.10.13 17:29:32 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2010.10.13 17:29:32 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2010.10.13 17:29:32 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2010.10.13 17:29:32 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2010.10.13 17:29:32 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2010.10.13 17:29:32 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2010.10.13 17:29:32 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2010.10.13 17:29:32 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2010.10.13 17:29:32 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2010.10.13 17:29:32 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2010.10.13 17:29:31 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2010.10.13 17:29:31 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010.10.13 17:29:31 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2010.10.13 17:29:31 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2010.10.13 17:29:31 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2010.10.13 17:29:30 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcompiler_36.dll
[2010.10.13 17:29:30 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcompiler_35.dll
[2010.10.13 17:29:30 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2010.10.13 17:29:30 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2010.10.13 17:29:30 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcompiler_34.dll
[2010.10.13 17:29:30 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcompiler_33.dll
[2010.10.13 17:29:24 | 000,468,480 | ---- | C] (Oracle) -- C:\Windows\SysNative\deployJava1.dll
[2010.10.13 17:29:24 | 000,183,296 | ---- | C] (Oracle) -- C:\Windows\SysNative\javaws.exe
[2010.10.13 17:29:24 | 000,165,888 | ---- | C] (Oracle) -- C:\Windows\SysNative\javaw.exe
[2010.10.13 17:29:24 | 000,165,888 | ---- | C] (Oracle) -- C:\Windows\SysNative\java.exe
[2010.10.13 17:29:18 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010.10.13 17:28:52 | 000,153,376 | ---- | C] (Oracle) -- C:\Windows\SysWow64\javaws.exe
[2010.10.13 17:28:52 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\SysWow64\javaw.exe
[2010.10.13 17:28:52 | 000,145,184 | ---- | C] (Oracle) -- C:\Windows\SysWow64\java.exe
[2010.10.13 17:28:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.10.13 14:10:34 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\Foxit Software
[2010.10.13 14:09:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2010.10.13 14:09:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2010.10.13 04:53:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.10.13 04:53:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.10.13 04:53:08 | 000,423,656 | ---- | C] (Oracle) -- C:\Windows\SysWow64\deployJava1.dll
[2010.10.12 20:23:53 | 000,000,000 | ---D | C] -- C:\Users\c\Documents\My Games
[2010.10.12 19:39:58 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.10.12 19:39:58 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010.10.12 19:39:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2010.10.12 19:39:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2010.10.12 19:39:11 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2010.10.12 19:39:11 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2010.10.12 19:39:10 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.10.12 19:39:10 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010.10.12 19:39:10 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010.10.12 19:39:10 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2010.10.12 19:39:10 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2010.10.12 19:39:10 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010.10.12 19:39:10 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2010.10.12 19:39:10 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010.10.12 19:39:10 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010.10.12 19:39:10 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2010.10.12 19:39:10 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2010.10.12 19:39:10 |
000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll [2010.10.12 19:39:10 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll [2010.10.12 19:39:10 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll [2010.10.12 19:39:10 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll [2010.10.12 19:39:10 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll [2010.10.12 19:39:10 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll [2010.10.12 19:39:10 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll [2010.10.12 19:39:09 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll [2010.10.12 19:39:09 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll [2010.10.12 19:39:09 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll [2010.10.12 19:39:09 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll [2010.10.12 19:39:09 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll [2010.10.12 19:39:09 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll [2010.10.12 19:39:09 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll [2010.10.12 19:39:09 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll [2010.10.12 19:39:09 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll [2010.10.12 19:39:09 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll [2010.10.12 19:39:09 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll [2010.10.12 19:39:09 | 000,267,112 | ---- | C] 
(Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll [2010.10.12 19:39:09 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll [2010.10.12 19:39:09 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll [2010.10.12 19:39:09 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll [2010.10.12 19:39:08 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll [2010.10.12 19:39:08 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll [2010.10.12 19:39:08 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll [2010.10.12 19:39:08 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll [2010.10.12 19:39:08 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll [2010.10.12 19:39:08 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll [2010.10.12 19:39:08 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll [2010.10.12 19:39:08 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll [2010.10.12 19:39:08 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll [2010.10.12 19:39:08 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll [2010.10.12 19:39:08 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll [2010.10.12 19:39:08 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll [2010.10.12 19:39:08 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll [2010.10.12 19:39:08 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll [2010.10.12 19:39:08 | 000,255,848 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\xactengine2_6.dll [2010.10.12 19:39:08 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll [2010.10.12 19:39:08 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll [2010.10.12 19:39:08 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2010.10.12 19:39:08 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll [2010.10.12 19:39:08 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll [2010.10.12 19:39:07 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll [2010.10.12 19:39:07 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll [2010.10.12 19:39:07 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll [2010.10.12 19:39:07 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll [2010.10.12 19:39:07 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll [2010.10.12 19:39:05 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll [2010.10.12 19:39:05 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll [2010.10.12 19:39:05 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll [2010.10.12 19:39:05 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll [2010.10.12 19:39:05 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll [2010.10.12 19:39:05 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll [2010.10.12 19:39:05 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll [2010.10.12 19:39:04 | 002,337,488 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\d3dx9_25.dll [2010.10.12 19:39:04 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll [2010.10.12 19:11:34 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\Thunderbird [2010.10.12 19:11:34 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Local\Thunderbird [2010.10.12 19:10:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RocketDock [2010.10.12 19:06:40 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\skypePM [2010.10.12 19:05:02 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\Skype [2010.10.12 19:04:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2010.10.12 19:04:42 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2010.10.12 19:04:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2010.10.12 19:02:25 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2010.10.12 18:54:47 | 000,347,680 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2010.10.12 18:54:47 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll [2010.10.12 18:54:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2010.10.12 18:54:08 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2010.10.12 18:54:01 | 002,601,816 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2010.10.12 18:54:01 | 002,032,232 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll [2010.10.12 18:54:01 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2010.10.12 18:54:01 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2010.10.12 18:54:01 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll [2010.10.12 18:54:01 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2010.10.12 18:54:01 | 000,198,896 | ---- | C] (SRS Labs, Inc.) 
-- C:\Windows\SysNative\SRSHP64.dll [2010.10.12 18:54:01 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2010.10.12 18:54:01 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll [2010.10.12 18:54:00 | 002,618,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll [2010.10.12 18:54:00 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2010.10.12 18:54:00 | 001,213,544 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll [2010.10.12 18:54:00 | 000,607,832 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll [2010.10.12 18:54:00 | 000,531,032 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll [2010.10.12 18:54:00 | 000,476,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll [2010.10.12 18:54:00 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2010.10.12 18:54:00 | 000,330,656 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2010.10.12 18:54:00 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2010.10.12 18:54:00 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2010.10.12 18:54:00 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2010.10.12 18:54:00 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2010.10.12 18:54:00 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2010.10.12 18:54:00 | 000,080,984 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll [2010.10.12 18:54:00 | 000,076,904 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll [2010.10.12 18:54:00 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) 
-- C:\Windows\SysNative\RTEEG64A.dll [2010.10.12 18:54:00 | 000,064,600 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBppld64.dll [2010.10.12 18:54:00 | 000,060,504 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBPPCn64.dll [2010.10.12 18:53:59 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll [2010.10.12 18:53:59 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll [2010.10.12 18:53:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2010.10.12 18:53:58 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2010.10.12 18:53:57 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2010.10.12 18:53:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2010.10.12 18:53:15 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2010.10.12 18:53:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2010.10.12 18:53:07 | 000,000,000 | ---D | C] -- C:\Intel [2010.10.12 18:21:16 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\vlc [2010.10.12 17:55:05 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\Macromedia [2010.10.12 17:55:05 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\Adobe [2010.10.12 17:54:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2010.10.12 17:41:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite [2010.10.12 17:40:39 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\DAEMON Tools Lite [2010.10.12 17:40:37 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2010.10.12 17:34:37 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\foobar2000 [2010.10.12 17:34:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\foobar2000 [2010.10.12 17:33:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2010.10.12 17:29:43 | 
000,000,000 | ---D | C] -- C:\Program Files (x86)\xp-AntiSpy [2010.10.12 17:08:21 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.11.05 07:26:30 | 000,009,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.11.05 07:26:30 | 000,009,984 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.11.05 03:32:33 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.11.05 03:32:30 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.11.05 03:19:52 | 000,727,362 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.11.05 03:19:52 | 000,615,760 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.11.05 03:19:52 | 000,107,396 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.11.05 01:49:24 | 098,428,925 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2010.11.05 01:31:40 | 000,037,966 | ---- | M] () -- C:\Users\c\Desktop\cmdproblem.png [2010.11.04 23:36:03 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.11.04 23:27:13 | 000,002,955 | ---- | M] () -- C:\Users\c\Desktop\HiJackThis.lnk [2010.11.04 23:24:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.11.04 23:24:08 | 3220,033,536 | -HS- | M] () -- C:\hiberfil.sys [2010.11.04 22:45:30 | 000,607,822 | ---- | M] () -- C:\Users\c\Desktop\1.png [2010.11.04 22:33:12 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.11.04 19:45:51 | 000,030,762 | ---- | M] () -- C:\Windows\unins001.dat [2010.11.04 19:45:44 | 001,199,179 | ---- | M] () -- C:\Windows\unins001.exe [2010.11.04 19:35:32 | 
013,893,632 | ---- | M] () -- C:\ProgramData\sandra.mda [2010.11.04 19:18:32 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\SiSoftware Sandra Lite 2010.SP3.lnk [2010.11.03 10:03:54 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk [2010.11.03 01:53:29 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm [2010.11.03 01:53:29 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm [2010.11.01 20:45:12 | 000,002,525 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Evernote Clipper.lnk [2010.11.01 02:04:13 | 000,000,947 | ---- | M] () -- C:\Users\c\Desktop\Nehrim - Am Rande des Schicksals.lnk [2010.10.29 01:30:07 | 000,001,097 | ---- | M] () -- C:\Users\c\Desktop\ASIO4ALL v2 Anleitung.lnk [2010.10.27 04:23:39 | 000,000,017 | ---- | M] () -- C:\Users\c\AppData\Local\resmon.resmoncfg [2010.10.26 18:40:40 | 000,423,309 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2010.10.26 18:20:14 | 000,023,580 | ---- | M] () -- C:\Users\c\Documents\cc_20101026_192006.reg [2010.10.26 01:59:09 | 477,652,996 | ---- | M] () -- C:\Users\c\Desktop\Demon_Hunter_DEDE.mpg [2010.10.24 23:56:59 | 000,000,782 | ---- | M] () -- C:\Users\Public\Desktop\Battery 3.lnk [2010.10.21 21:44:18 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) 
-- C:\Windows\SysWow64\CmdLineExt_x64.dll [2010.10.21 20:40:25 | 000,001,063 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk [2010.10.20 14:48:37 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2010.10.19 16:01:50 | 000,000,714 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2010.10.17 00:39:53 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2010.10.16 19:44:08 | 000,000,796 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk [2010.10.16 16:21:37 | 000,001,019 | ---- | M] () -- C:\Windows\disney.ini [2010.10.16 16:20:54 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Pure.lnk [2010.10.15 05:34:45 | 000,000,830 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2010.10.15 01:48:21 | 000,000,541 | ---- | M] () -- C:\Users\c\Desktop\The Path.lnk [2010.10.14 21:24:40 | 000,016,469 | ---- | M] () -- C:\Users\c\Desktop\Unbenannt.png [2010.10.14 21:24:35 | 000,020,069 | ---- | M] () -- C:\Users\c\Desktop\TjaKakaIstSchonGeiL.png [2010.10.14 21:24:30 | 000,013,611 | ---- | M] () -- C:\Users\c\Desktop\DasLeben.png [2010.10.14 20:56:03 | 000,001,310 | ---- | M] () -- C:\Users\c\Desktop\deadrising2.exe - Shortcut.lnk [2010.10.14 18:31:23 | 000,032,376 | ---- | M] () -- C:\Users\c\Desktop\Xio.pdf [2010.10.14 01:32:15 | 000,001,003 | ---- | M] () -- C:\Users\Public\Desktop\Mafia II.lnk [2010.10.14 01:13:28 | 000,000,000 | -H-- | M] () -- C:\Users\c\AppData\Roaming\.53685440DD4DB4CF.sys [2010.10.13 17:38:36 | 000,734,870 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.10.13 17:30:28 | 000,014,761 | ---- | M] () -- C:\Windows\unins000.dat [2010.10.13 17:29:29 | 001,199,175 | ---- | M] () -- C:\Windows\unins000.exe [2010.10.13 17:29:20 | 000,468,480 | ---- | M] (Oracle) -- C:\Windows\SysNative\deployJava1.dll [2010.10.13 17:29:20 | 000,183,296 | ---- | M] (Oracle) -- C:\Windows\SysNative\javaws.exe [2010.10.13 
17:29:20 | 000,165,888 | ---- | M] (Oracle) -- C:\Windows\SysNative\javaw.exe [2010.10.13 17:29:20 | 000,165,888 | ---- | M] (Oracle) -- C:\Windows\SysNative\java.exe [2010.10.13 17:28:48 | 000,423,656 | ---- | M] (Oracle) -- C:\Windows\SysWow64\deployJava1.dll [2010.10.13 17:28:48 | 000,153,376 | ---- | M] (Oracle) -- C:\Windows\SysWow64\javaws.exe [2010.10.13 17:28:48 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\SysWow64\javaw.exe [2010.10.13 17:28:48 | 000,145,184 | ---- | M] (Oracle) -- C:\Windows\SysWow64\java.exe [2010.10.12 19:06:41 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat [2010.10.12 17:41:54 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys [3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.11.05 03:21:39 | 000,051,200 | ---- | C] () -- C:\Users\c\Desktop\simon in love.doc [2010.11.05 01:49:24 | 098,428,925 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2010.11.05 01:31:36 | 000,037,966 | ---- | C] () -- C:\Users\c\Desktop\cmdproblem.png [2010.11.04 23:36:03 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.11.04 23:27:13 | 000,002,955 | ---- | C] () -- C:\Users\c\Desktop\HiJackThis.lnk [2010.11.04 22:45:26 | 000,607,822 | ---- | C] () -- C:\Users\c\Desktop\1.png [2010.11.04 19:18:32 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\SiSoftware Sandra Lite 2010.SP3.lnk [2010.11.04 19:18:28 | 013,893,632 | ---- | C] () -- C:\ProgramData\sandra.mda [2010.11.03 10:03:54 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\Paint.NET.lnk [2010.11.03 01:53:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm [2010.11.03 01:53:29 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm [2010.11.01 20:45:12 | 000,002,525 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Startup\Evernote Clipper.lnk [2010.11.01 02:04:13 | 000,000,947 | ---- | C] () -- C:\Users\c\Desktop\Nehrim - Am Rande des Schicksals.lnk [2010.10.29 02:36:25 | 000,001,098 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.10.29 02:36:23 | 000,001,094 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.10.29 01:30:07 | 000,001,097 | ---- | C] () -- C:\Users\c\Desktop\ASIO4ALL v2 Anleitung.lnk [2010.10.27 04:23:39 | 000,000,017 | ---- | C] () -- C:\Users\c\AppData\Local\resmon.resmoncfg [2010.10.26 18:20:11 | 000,023,580 | ---- | C] () -- C:\Users\c\Documents\cc_20101026_192006.reg [2010.10.26 01:37:32 | 477,652,996 | ---- | C] () -- C:\Users\c\Desktop\Demon_Hunter_DEDE.mpg [2010.10.24 23:56:59 | 000,000,782 | ---- | C] () -- C:\Users\Public\Desktop\Battery 3.lnk [2010.10.21 20:40:25 | 000,001,063 | ---- | C] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk [2010.10.20 14:48:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2010.10.19 15:48:21 | 000,000,714 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2010.10.17 00:39:53 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2010.10.16 19:35:51 | 000,000,796 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk [2010.10.16 16:20:54 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Pure.lnk [2010.10.16 16:12:48 | 000,001,019 | ---- | C] () -- C:\Windows\disney.ini [2010.10.15 05:34:45 | 000,000,830 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2010.10.15 01:40:04 | 000,000,541 | ---- | C] () -- C:\Users\c\Desktop\The Path.lnk [2010.10.14 21:24:39 | 000,016,469 | ---- | C] () -- C:\Users\c\Desktop\Unbenannt.png [2010.10.14 21:24:34 | 000,020,069 | ---- | C] () -- C:\Users\c\Desktop\TjaKakaIstSchonGeiL.png [2010.10.14 21:24:28 | 000,013,611 | ---- | C] () -- C:\Users\c\Desktop\DasLeben.png [2010.10.14 20:56:03 | 000,001,310 | ---- 
| C] () -- C:\Users\c\Desktop\deadrising2.exe - Shortcut.lnk [2010.10.14 18:31:18 | 000,032,376 | ---- | C] () -- C:\Users\c\Desktop\Xio.pdf [2010.10.14 01:32:15 | 000,001,003 | ---- | C] () -- C:\Users\Public\Desktop\Mafia II.lnk [2010.10.14 01:13:28 | 000,000,000 | -H-- | C] () -- C:\Users\c\AppData\Roaming\.53685440DD4DB4CF.sys [2010.10.13 17:38:33 | 000,734,870 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.10.13 17:31:45 | 000,052,836 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll [2010.10.13 17:31:43 | 000,394,752 | ---- | C] () -- C:\Windows\SysWow64\cygwinb19.dll [2010.10.13 17:31:43 | 000,271,264 | ---- | C] () -- C:\Windows\System\vbrun100.dll [2010.10.13 17:31:43 | 000,210,944 | ---- | C] () -- C:\Windows\System\msvcrt10.dll [2010.10.13 17:31:43 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\libpng13.dll [2010.10.13 17:31:42 | 001,199,179 | ---- | C] () -- C:\Windows\unins001.exe [2010.10.13 17:31:42 | 000,030,762 | ---- | C] () -- C:\Windows\unins001.dat [2010.10.13 17:29:30 | 001,199,175 | ---- | C] () -- C:\Windows\unins000.exe [2010.10.13 17:29:30 | 000,014,761 | ---- | C] () -- C:\Windows\unins000.dat [2010.10.12 19:06:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.10.12 18:54:47 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll [2010.10.12 17:41:54 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys [2010.04.02 16:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll < End of report > Code:
OTL Extras logfile created on: 05.11.2010 07:57:50 - Run 2
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\c\Downloads
64bit- Enterprise Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,83 Gb Total Space | 17,44 Gb Free Space | 35,72% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 13,85 Gb Free Space | 28,37% Space Free | Partition Type: NTFS
Drive E: | 48,83 Gb Total Space | 14,12 Gb Free Space | 28,91% Space Free | Partition Type: NTFS
Drive F: | 490,70 Gb Total Space | 249,63 Gb Free Space | 50,87% Space Free | Partition Type: NTFS
Drive G: | 7,03 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 391,16 Gb Total Space | 203,93 Gb Free Space | 52,14% Space Free | Partition Type: NTFS
Drive I: | 24,66 Gb Total Space | 1,66 Gb Free Space | 6,73% Space Free | Partition Type: NTFS
Drive J: | 153,38 Gb Total Space | 8,73 Gb Free Space | 5,69% Space Free | Partition Type: NTFS

Computer Name: C-PC | User Name: c | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes
"{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1" = Allgemeine Runtime Files (x86)
"{23170F69-40C1-2702-0917-000001000000}" = 7-Zip 9.17 (x64 edition) "{26A24AE4-039D-4CA4-87B4-2F86416021FF}" = Java(TM) 6 Update 21 (64-bit) "{319B58E8-4C80-4912-8EA7-24A9658120C6}" = AVG 2011 "{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support "{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour "{5BF8A577-B334-49BE-A7B2-349C1F1B0C58}" = AVG 2011 "{6BED4DFE-C527-463E-B93A-6F6848B74DD0}" = Native Instruments Battery 3 "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1" = DirectX 9.0c Extra Files (x86, x64) "{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite 2010.SP3 "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD1}" = Paint.NET v3.5.5 "Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit "Adobe Flash Player Plugin 64" = Adobe Flash Player 10 Plugin 64-bit "AVG" = AVG 2011 "Novation USB Audio Driver_is1" = Novation USB Audio Driver 1.2.8 "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "REAPER" = REAPER (x64) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0FB0306C-11D8-35F2-9AC9-121FA753F9AD}" = Visual C++ 2008 x64 Runtime - (v9.0.30729.5026) "{0FB0306C-11D8-35F2-9AC9-121FA753F9AD}.vc_x64runtime_30729_5026" = Visual C++ 2008 x64 Runtime - v9.0.30729.5026 "{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21 "{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion "{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX 
"{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2 "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{92F027CB-BDF9-4047-A654-13A050908158}" = ElastikVst "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{BAF2FA20-6886-483C-8CC6-3310A1A636E5}" = ElastikVst "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 SP1 + KB928366 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support "{E04ACCBC-DF36-364E-87E8-6C24BB981AB8}" = Visual C++ 2008 x86 Runtime - (v9.0.30729.5026) "{E04ACCBC-DF36-364E-87E8-6C24BB981AB8}.vc_x86runtime_30729_5026" = Visual C++ 2008 x86 Runtime - v9.0.30729.5026 "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 
4.0.1 "{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables "{FF3C203A-2F19-43A2-9C7C-EC1B5A0FC873}" = Pure "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "ASIO4ALL" = ASIO4ALL "Audacity_is1" = Audacity 1.2.6 "CCleaner" = CCleaner "FileZilla Client" = FileZilla Client 3.2.7.1 "foobar2000" = foobar2000 v1.1 "Foxit Reader" = Foxit Reader "GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2 "JDownloader" = JDownloader "M928366" = "Mafia II_is1" = Mafia II "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 SP1 + KB928366 "Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package "Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12) "Mozilla Thunderbird (3.1.4)" = Mozilla Thunderbird (3.1.4) "Native Instruments Battery 3" = Native Instruments Battery 3 "Nehrim - Am Rande des Schicksals_is1" = NehrimUninstaller "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Rainlendar2" = Rainlendar2 (remove only) "RocketDock_is1" = RocketDock 1.3.5 "Scorched3D" = Scorched3D 43.1c "StarCraft II" = StarCraft II "Steam App 420" = Half-Life 2: Episode Two "Steam App 550" = Left 4 Dead 2 "VLC media player" = VLC media player 1.1.4 "xp-AntiSpy" = xp-AntiSpy 3.97-9 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Mozilla Thunderbird (3.1.6)" = Mozilla Thunderbird (3.1.6) ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 30.10.2010 11:23:23 | Computer Name = c-PC | Source = Application Error | ID = 1000 Description = Faulting application name: reaper_host32.exe, version: 0.0.0.0, time stamp: 0x4cbde8f2 Faulting module name: IL 
Autogun.dll, version: 1.1.1.0, time stamp: 0x4a292e11 Exception code: 0xc0000005 Fault offset: 0x000f2f9c Faulting process id: 0x1394 Faulting application start time: 0x01cb78459adc2fe0 Faulting application path: D:\Program Files\REAPER (x64)\Plugins\reaper_host32.exe Faulting module path: d:\Program Files\REAPER (x64)\Plugins\VST\IL Autogun.dll Report Id: a1b0f60f-e439-11df-b811-001a4d5865ab Error - 30.10.2010 11:24:47 | Computer Name = c-PC | Source = Application Error | ID = 1000 Description = Faulting application name: reaper_host32.exe, version: 0.0.0.0, time stamp: 0x4cbde8f2 Faulting module name: pong.dll, version: 0.0.0.0, time stamp: 0x45e05ac7 Exception code: 0xc000000d Fault offset: 0x000122d2 Faulting process id: 0x7c8 Faulting application start time: 0x01cb784695b4f6d9 Faulting application path: D:\Program Files\REAPER (x64)\Plugins\reaper_host32.exe Faulting module path: d:\Program Files\REAPER (x64)\Plugins\VST\pong-windows\pong.dll Report Id: d42de510-e439-11df-b811-001a4d5865ab Error - 31.10.2010 16:26:28 | Computer Name = c-PC | Source = Application Error | ID = 1000 Description = Faulting application name: reaper.exe, version: 3.7.2.0, time stamp: 0x4cbde92a Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000000000560158 Faulting process id: 0x10a8 Faulting application start time: 0x01cb7939df9355e9 Faulting application path: d:\Program Files\REAPER (x64)\reaper.exe Faulting module path: unknown Report Id: 237d5215-e52d-11df-b811-001a4d5865ab Error - 31.10.2010 16:27:01 | Computer Name = c-PC | Source = Application Error | ID = 1000 Description = Faulting application name: reaper.exe, version: 3.7.2.0, time stamp: 0x4cbde92a Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000000000360158 Faulting process id: 0x12a8 Faulting application start time: 0x01cb7939f80ca5c6 Faulting application path: d:\Program 
Files\REAPER (x64)\reaper.exe Faulting module path: unknown Report Id: 36ebf86d-e52d-11df-b811-001a4d5865ab Error - 31.10.2010 20:36:26 | Computer Name = c-PC | Source = Application Error | ID = 1000 Description = Faulting application name: oblivion.exe, version: 0.1.0.228, time stamp: 0x44045dcb Faulting module name: oblivion.exe, version: 0.1.0.228, time stamp: 0x44045dcb Exception code: 0xc0000005 Fault offset: 0x000c09a0 Faulting process id: 0xfc8 Faulting application start time: 0x01cb795c88939c34 Faulting application path: F:\Program Files (x86)\SureAI\Nehrim\oblivion.exe Faulting module path: F:\Program Files (x86)\SureAI\Nehrim\oblivion.exe Report Id: 0ecda9f2-e550-11df-b811-001a4d5865ab Error - 01.11.2010 12:09:36 | Computer Name = c-PC | Source = Application Error | ID = 1000 Description = Faulting application name: reaper.exe, version: 3.7.2.0, time stamp: 0x4cbde92a Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000002c0158 Faulting process id: 0x8c4 Faulting application start time: 0x01cb79df2891d0d1 Faulting application path: D:\Program Files\REAPER (x64)\reaper.exe Faulting module path: unknown Report Id: 6b601fa6-e5d2-11df-ac16-001a4d5865ab Error - 01.11.2010 17:11:52 | Computer Name = c-PC | Source = Application Error | ID = 1000 Description = Faulting application name: reaper_host32.exe, version: 0.0.0.0, time stamp: 0x4cbde8f2 Faulting module name: IL Autogun.dll, version: 1.1.1.0, time stamp: 0x4a292e11 Exception code: 0xc0000005 Fault offset: 0x000f2f9c Faulting process id: 0x125c Faulting application start time: 0x01cb7a0966130ef4 Faulting application path: D:\Program Files\REAPER (x64)\Plugins\reaper_host32.exe Faulting module path: d:\Program Files\REAPER (x64)\Plugins\VST\IL Autogun.dll Report Id: a55ac1e2-e5fc-11df-ac16-001a4d5865ab Error - 01.11.2010 17:13:24 | Computer Name = c-PC | Source = Application Error | ID = 1000 Description = Faulting application name: 
reaper_host32.exe, version: 0.0.0.0, time stamp: 0x4cbde8f2 Faulting module name: pong.dll, version: 0.0.0.0, time stamp: 0x45e05ac7 Exception code: 0xc000000d Fault offset: 0x000122d2 Faulting process id: 0x9e4 Faulting application start time: 0x01cb7a099df23ea3 Faulting application path: D:\Program Files\REAPER (x64)\Plugins\reaper_host32.exe Faulting module path: d:\Program Files\REAPER (x64)\Plugins\VST\pong-windows\pong.dll Report Id: dc6909f2-e5fc-11df-ac16-001a4d5865ab Error - 01.11.2010 20:40:25 | Computer Name = c-PC | Source = Application Error | ID = 1000 Description = Faulting application name: reaper.exe, version: 3.7.2.0, time stamp: 0x4cbde92a Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000000000200158 Faulting process id: 0x5a8 Faulting application start time: 0x01cb7a2686d95103 Faulting application path: D:\Program Files\REAPER (x64)\reaper.exe Faulting module path: unknown Report Id: c817d23e-e619-11df-ac16-001a4d5865ab Error - 02.11.2010 19:27:32 | Computer Name = c-PC | Source = Application Error | ID = 1000 Description = Faulting application name: reaper.exe, version: 3.7.2.0, time stamp: 0x4cbde92a Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000003beb90 Faulting process id: 0x1318 Faulting application start time: 0x01cb7ae532df4fa8 Faulting application path: D:\Program Files\REAPER (x64)\reaper.exe Faulting module path: unknown Report Id: c3900bc0-e6d8-11df-a797-001a4d5865ab [ System Events ] Error - 29.10.2010 12:45:38 | Computer Name = c-PC | Source = WMPNetworkSvc | ID = 866306 Description = Error - 29.10.2010 12:45:38 | Computer Name = c-PC | Source = WMPNetworkSvc | ID = 866306 Description = Error - 01.11.2010 11:00:44 | Computer Name = c-PC | Source = WMPNetworkSvc | ID = 866306 Description = Error - 01.11.2010 11:00:44 | Computer Name = c-PC | Source = WMPNetworkSvc | ID = 866306 Description 
= Error - 01.11.2010 21:35:10 | Computer Name = c-PC | Source = WMPNetworkSvc | ID = 866306 Description = Error - 01.11.2010 21:35:10 | Computer Name = c-PC | Source = WMPNetworkSvc | ID = 866306 Description = Error - 02.11.2010 11:15:42 | Computer Name = c-PC | Source = WMPNetworkSvc | ID = 866306 Description = Error - 02.11.2010 11:15:42 | Computer Name = c-PC | Source = WMPNetworkSvc | ID = 866306 Description = Error - 03.11.2010 04:17:21 | Computer Name = c-PC | Source = WMPNetworkSvc | ID = 866306 Description = Error - 03.11.2010 04:17:21 | Computer Name = c-PC | Source = WMPNetworkSvc | ID = 866306 Description = < End of report >
What was found there is really old news. I went ahead and removed it, but it's probably nothing dramatic.. Quote:
|
06.11.2010, 17:57 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | cmd.exe possibly causing 70-99% CPU load? Quote:
__________________ |
06.11.2010, 18:21 | #3 | |
| cmd.exe possibly causing 70-99% CPU load? Quote:
I got it from someone quite a while ago. No idea where exactly it comes from... But I haven't used that stuff in a long time either, and the plugin has been deleted now anyway. Unfortunately the problem still persists. But thanks for the reply so far. EDIT: I googled a bit: this plugin is apparently often classified as a trojan. It should be a false positive though, since it is loaded by default with the demo version of FL_Studio, which is probably where it came from in my case too. Last edited by Stowneage (06.11.2010 at 18:31) |
06.11.2010, 18:35 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | cmd.exe possibly causing 70-99% CPU load? Close all programs, start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!) Code:
:OTL
O4:64bit: - HKLM..\Run: [Chew7Hale] C:\Windows\SysNative\hale.exe ()
O32 - AutoRun File - [2008.05.21 21:21:24 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009.02.04 22:54:01 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008.11.15 10:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.) - G:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2008.10.11 18:03:48 | 000,000,054 | R--- | M] () - G:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{283f6d7f-d62a-11df-87e8-001a4d5865ab}\Shell - "" = AutoRun
O33 - MountPoints2\{283f6d7f-d62a-11df-87e8-001a4d5865ab}\Shell\AutoRun\command - "" = K:\OblivionLauncher.exe -- File not found
O33 - MountPoints2\{c7e04925-2e53-11df-b465-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c7e04925-2e53-11df-b465-806e6f6e6963}\Shell\AutoRun\command - "" = G:\Autorun.exe -- [2008.11.15 10:52:50 | 000,161,088 | R--- | M] (Take-Two Interactive Software, Inc.)
:Commands
[purity]
[resethosts]
[emptytemp]
The log file should open when you click OK after the fix; please post it. The computer may be restarted.
__________________ Please always post log files in CODE tags |
06.11.2010, 20:54 | #5 | |
| cmd.exe possibly causing 70-99% CPU load? Quote:
Do I need to do anything else? What exactly happened here? (I'd like to be able to help myself next time.) Many thanks in any case so far!! |
06.11.2010, 23:37 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | cmd.exe possibly causing 70-99% CPU load? Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs. Remember to update both tools before the scan!!
__________________ --> cmd.exe possibly causing 70-99% CPU load? |
07.11.2010, 04:39 | #7 | |
| cmd.exe possibly causing 70-99% CPU load? Quote:
|
08.11.2010, 17:30 | #8 |
| cmd.exe possibly causing 70-99% CPU load? Malwarebytes found nothing more. The problem seems to be solved. Many thanks for the competent help. Before this gets closed, though, I'd really be very interested to know what exactly happened and where I might find a guide here on how to solve something like this on my own in the future. These OTL command lines in particular seem to help a lot of people.... In any case, many thanks and keep it up! |
09.11.2010, 01:18 | #9 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | cmd.exe possibly causing 70-99% CPU load? Quote:
__________________ Please always post log files in CODE tags |
15.04.2011, 00:18 | #10 |
| cmd.exe possibly causing 70-99% CPU load? The problem has since come back. Can I safely try the old solution again, or should I post various log files again? |
15.04.2011, 10:07 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | cmd.exe possibly causing 70-99% CPU load? First make new logs with MBAM and OTL. Please download and run the new versions! Please routinely run a full scan with Malwarebytes and post the log. Remember that Malwarebytes must be updated manually before every scan! If logs from older Malwarebytes scans exist, please post all of those as well! Then OTL: System scan with OTL. Please download OTL by Oldtimer and save it to your desktop
__________________ Please always post log files in CODE tags |
16.04.2011, 09:20 | #12 |
| cmd.exe possibly causing 70-99% CPU load?
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6370
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
16.04.2011 09:37:33
mbam-log-2011-04-16 (09-37-33).txt
Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|L:\|)
Objects scanned: 1013733
Time elapsed: 3 hour(s), 13 minute(s), 0 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected: (No malicious items detected)
Memory Modules Infected: (No malicious items detected)
Registry Keys Infected: (No malicious items detected)
Registry Values Infected: (No malicious items detected)
Registry Data Items Infected: (No malicious items detected)
Folders Infected: (No malicious items detected)
Files Infected: j:\*************************************************************************** (Trojan.Agent) -> Quarantined and deleted successfully.
*Not sure whether that was really the problem, since the file was on an old disk that wasn't even connected last time. |
16.04.2011, 09:21 | #13 |
| cmd.exe possibly causing 70-99% CPU load? OTL Logfile: Code:
ATTFilter OTL logfile created on: 16.04.2011 09:44:37 - Run 5 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\c\Downloads 64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 52,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 48,83 Gb Total Space | 4,81 Gb Free Space | 9,86% Space Free | Partition Type: NTFS Drive D: | 48,83 Gb Total Space | 12,16 Gb Free Space | 24,90% Space Free | Partition Type: NTFS Drive E: | 48,83 Gb Total Space | 14,12 Gb Free Space | 28,93% Space Free | Partition Type: NTFS Drive F: | 490,70 Gb Total Space | 103,37 Gb Free Space | 21,07% Space Free | Partition Type: NTFS Drive H: | 391,16 Gb Total Space | 203,94 Gb Free Space | 52,14% Space Free | Partition Type: NTFS Drive I: | 24,66 Gb Total Space | 2,04 Gb Free Space | 8,25% Space Free | Partition Type: NTFS Drive J: | 118,70 Gb Total Space | 21,20 Gb Free Space | 17,86% Space Free | Partition Type: NTFS Drive K: | 156,25 Gb Total Space | 39,58 Gb Free Space | 25,33% Space Free | Partition Type: NTFS Drive L: | 97,66 Gb Total Space | 19,34 Gb Free Space | 19,80% Space Free | Partition Type: NTFS Computer Name: C-PC | User Name: c | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found PRC - C:\Users\c\Downloads\OTL(1).exe (OldTimer Tools) PRC - F:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) 
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) PRC - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - F:\Program Files (x86)\Rainlendar2\Rainlendar2.exe () PRC - C:\Windows\SysWOW64\Ctxfihlp.exe (Creative Technology Ltd) PRC - C:\Windows\SysWOW64\CTxfispi.exe (Creative Technology Ltd) PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd) PRC - C:\Program Files (x86)\RocketDock\RocketDock.exe () ========== Modules (SafeList) ========== MOD - C:\Users\c\Downloads\OTL(1).exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (NIHardwareService) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH) SRV:64bit: - (HerculesDJControlMP3) -- C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE () SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com) SRV:64bit: - (SandraAgentSrv) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP3\RpcAgentSrv.exe (SiSoftware) SRV:64bit: - (WinDefend) -- C:\Program 
Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (Hamachi2Svc) -- F:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs) SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.) SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd) ========== Driver Services (SafeList) ========== DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.) 
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys () DRV:64bit: - (HDJMidi) -- C:\Windows\SysNative\drivers\HDJMidi.sys (© Guillemot R&D, 2010. All rights reserved.) DRV:64bit: - (Bulk) -- C:\Windows\SysNative\drivers\HDJBulk.sys (© Guillemot R&D, 2010. All rights reserved.) DRV:64bit: - (HDJAsioK) -- C:\Windows\SysNative\drivers\HDJAsioK.sys (© Guillemot R&D, 2010. All rights reserved.) DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. 
) DRV:64bit: - (bcd3000) -- C:\Windows\SysNative\drivers\bcd3000_x64.sys (Behringer) DRV:64bit: - (bcd3000wdm) -- C:\Windows\SysNative\drivers\bcd3000wdm_x64.sys (Behringer) DRV:64bit: - (ha20x2k) -- C:\Windows\SysNative\drivers\ha20x2k.sys (Creative Technology Ltd) DRV:64bit: - (emupia) -- C:\Windows\SysNative\drivers\emupia2k.sys (Creative Technology Ltd) DRV:64bit: - (ctsfm2k) -- C:\Windows\SysNative\drivers\ctsfm2k.sys (Creative Technology Ltd) DRV:64bit: - (ctprxy2k) -- C:\Windows\SysNative\drivers\ctprxy2k.sys (Creative Technology Ltd) DRV:64bit: - (ossrv) -- C:\Windows\SysNative\drivers\ctoss2k.sys (Creative Technology Ltd.) DRV:64bit: - (ctaud2k) Creative Audio Driver (WDM) -- C:\Windows\SysNative\drivers\ctaud2k.sys (Creative Technology Ltd) DRV:64bit: - (ctac32k) -- C:\Windows\SysNative\drivers\ctac32k.sys (Creative Technology Ltd) DRV:64bit: - (CTEXFIFX.SYS) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.) DRV:64bit: - (CTEXFIFX) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.) DRV:64bit: - (CTHWIUT.SYS) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.) DRV:64bit: - (CTHWIUT) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.) DRV:64bit: - (CT20XUT.SYS) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.) DRV:64bit: - (CT20XUT) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.) DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV:64bit: - (MAUSBFASTTRACKPRO) -- C:\Windows\SysNative\drivers\MAudioFastTrackPro.sys (Avid Technology, Inc.) DRV:64bit: - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP3\WNt500x64\sandra.sys (SiSoftware) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) 
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (NvnUsbAudio) -- C:\Windows\SysNative\drivers\nvnusbaudio.sys (Novation DMS Ltd.) DRV:64bit: - (athrusb6) -- C:\Windows\SysNative\drivers\G220Vista64.sys (Atheros Communications, Inc.) DRV:64bit: - (SynasUSB) -- C:\Windows\SysNative\drivers\synUSB64.sys (SIA Syncrosoft) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E7 DD CF 99 E0 A2 CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6 FF - prefs.js..extensions.enabledItems: 
john@velvetcache.org:1.3.3 FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.81 FF - prefs.js..extensions.enabledItems: {d33c2f7c-b1e6-4d46-ab0e-be1f6d05c904}:2.0.2 FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323 FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe30}:0.7.5 FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.5 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.1.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209 FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 8118 FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1" FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 9050 FF - prefs.js..network.proxy.socks_remote_dns: true FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 8118 FF - prefs.js..network.proxy.type: 4 FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2011.03.30 15:24:28 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.04.11 19:10:50 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.04.11 19:10:49 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: f:\Program Files (x86)\Mozilla Thunderbird\components [2011.03.06 00:32:50 | 000,000,000 | ---D | M] FF - 
HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: f:\Program Files (x86)\Mozilla Thunderbird\plugins [2011.01.09 18:24:22 | 000,000,000 | ---D | M] [2010.10.12 20:11:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\c\AppData\Roaming\Mozilla\Extensions [2010.10.12 20:11:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\c\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2011.04.11 18:19:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions [2011.03.23 01:04:54 | 000,000,000 | ---D | M] (Session Manager) -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30} [2011.03.28 19:29:41 | 000,000,000 | ---D | M] (WOT) -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2011.03.03 00:06:50 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696} [2011.04.09 13:55:59 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.03.12 18:36:27 | 000,000,000 | ---D | M] (Tiny Menu) -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions\{d33c2f7c-b1e6-4d46-ab0e-be1f6d05c904} [2011.03.07 12:59:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions\{dc572301-7619-498c-a57d-39143191b318} [2011.03.12 21:53:49 | 000,000,000 | ---D | M] (Element Hiding Helper for Adblock Plus) -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions\elemhidehelper@adblockplus.org [2011.02.09 15:08:11 | 000,000,000 | ---D | M] (Beef Taco (Targeted Advertising Cookie Opt-Out)) -- 
C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions\john@velvetcache.org [2011.03.07 12:59:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\extensions\{dc572301-7619-498c-a57d-39143191b318}\modules\extensions [2010.10.12 21:00:24 | 000,002,314 | ---- | M] () -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\searchplugins\forestle-de.xml [2010.10.12 21:01:16 | 000,001,590 | ---- | M] () -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\searchplugins\scroogle-ssl-german-search.xml [2010.10.12 21:01:10 | 000,001,549 | ---- | M] () -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\searchplugins\scroogle-ssl-search.xml [2011.04.02 16:07:22 | 000,001,997 | ---- | M] () -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\8oq4rs7e.default\searchplugins\wolframalpha.xml [2011.04.11 19:10:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2010.12.21 20:46:57 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.10.13 18:28:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2011.01.09 18:10:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} File not found (No name found) -- [2011.03.30 15:24:28 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG10\FIREFOX4 [2011.03.18 19:53:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll [2011.01.09 18:09:56 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2010.10.13 15:09:16 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml O1 HOSTS File: ([2010.11.06 21:48:02 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4:64bit: - HKLM..\Run: [Chew7Hale] C:\Windows\SysNative\hale.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd) O4 - HKLM..\Run: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe (Hercules®) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] F:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) 
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com) O4 - HKCU..\Run: [Rainlendar2] f:\Program Files (x86)\Rainlendar2\Rainlendar2.exe () O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. 
Mountain View, CA 94041) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2) O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab (Creative Software AutoUpdate Support Package) O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.) O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. 
File not found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{283f6d7f-d62a-11df-87e8-001a4d5865ab}\Shell - "" = AutoRun O33 - MountPoints2\{283f6d7f-d62a-11df-87e8-001a4d5865ab}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL M:\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\Program Files (x86)\AVG\AVG10\avgchsva.exe (AVG Technologies CZ, s.r.o.) O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG10\avgrsa.exe (AVG Technologies CZ, s.r.o.) 
O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.04.13 21:47:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TASCAM [2011.04.13 21:47:21 | 000,905,728 | ---- | C] (SIA Syncrosoft) -- C:\Windows\SysNative\synsoacc.dll [2011.04.13 21:45:28 | 000,031,248 | ---- | C] (SIA Syncrosoft) -- C:\Windows\SysNative\drivers\synUSB64.sys [2011.04.13 21:45:27 | 000,045,056 | ---- | C] (SIA Syncrosoft) -- C:\Windows\SysWow64\Synsopos.exe [2011.04.13 21:45:26 | 000,401,462 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\temp.000 [2011.04.13 21:45:26 | 000,147,456 | ---- | C] (SIA Syncrosoft) -- C:\Windows\SysWow64\SynsoLChk.dll [2011.04.13 21:45:25 | 000,757,760 | ---- | C] (SIA Syncrosoft) -- C:\Windows\SysWow64\SYNSOACC.dll [2011.04.13 21:45:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Syncrosoft [2011.04.13 21:45:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Syncrosoft [2011.04.12 18:04:12 | 000,000,000 | ---D | C] -- C:\Users\c\Desktop\Windows Loader [2011.04.10 15:57:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Mario Bros. 
X [2011.04.09 14:35:18 | 000,000,000 | -H-D | C] -- C:\ProgramData\{4A818508-3355-4FBC-B302-D53B599DD9D5} [2011.04.09 14:34:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\{2C41B757-F5D0-44F9-A206-EEB9CD973927} [2011.04.09 14:26:49 | 000,000,000 | -H-D | C] -- C:\ProgramData\{A6DB2A6F-FF9D-453F-99D6-C1AA54BC0C14} [2011.04.06 22:26:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011.04.06 22:25:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2011.04.06 22:25:59 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2011.04.06 22:24:37 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2011.04.06 22:24:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2011.04.06 18:12:52 | 001,076,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll [2011.04.06 18:12:52 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2011.04.06 18:12:51 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2011.04.06 18:12:51 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll [2011.03.29 17:53:28 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) 
-- C:\Windows\SysNative\hamachi.sys [2011.03.29 17:53:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2011.03.24 18:56:37 | 000,000,000 | ---D | C] -- C:\Users\c\Documents\Heroes of Newerth [2011.03.24 18:56:37 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth [2011.03.24 18:56:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Newerth [2011.03.22 21:09:07 | 015,451,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xlive.dll [2011.03.22 20:09:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA [2011.03.22 20:01:52 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll [2011.03.22 20:01:52 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll [2011.03.22 20:01:52 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll [2011.03.22 20:01:52 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll [2011.03.22 20:01:52 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll [2011.03.22 20:01:52 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll [2011.03.22 20:01:51 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll [2011.03.22 20:01:51 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll [2011.03.22 20:01:51 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll [2011.03.22 20:01:51 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll [2011.03.22 20:01:50 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll [2011.03.22 20:01:50 | 001,974,616 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\D3DCompiler_42.dll [2011.03.22 20:01:50 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll [2011.03.22 20:01:50 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll [2011.03.22 20:01:49 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll [2011.03.22 20:01:49 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll [2011.03.22 20:01:49 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll [2011.03.22 20:01:49 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll [2011.03.22 20:01:48 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll [2011.03.22 20:01:48 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll [2011.03.22 20:01:47 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll [2011.03.22 20:01:47 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll [2011.03.22 20:01:47 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll [2011.03.22 20:01:47 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll [2011.03.22 20:01:46 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll [2011.03.22 20:01:46 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll [2011.03.22 20:01:46 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll [2011.03.22 20:01:46 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll [2011.03.22 20:01:46 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll [2011.03.22 20:01:46 | 000,069,464 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\XAPOFX1_3.dll [2011.03.22 20:01:45 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll [2011.03.22 20:01:45 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll [2011.03.22 20:01:45 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll [2011.03.22 20:01:45 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll [2011.03.22 20:01:45 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll [2011.03.22 20:01:45 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll [2011.03.22 20:01:45 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll [2011.03.22 20:01:45 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll [2011.03.22 20:01:44 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll [2011.03.22 20:01:44 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll [2011.03.22 20:01:43 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll [2011.03.22 20:01:43 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll [2011.03.22 20:01:43 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll [2011.03.22 20:01:43 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll [2011.03.22 20:01:43 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll [2011.03.22 20:01:43 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll [2011.03.22 20:01:43 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll [2011.03.22 20:01:43 | 000,023,376 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\X3DAudio1_5.dll [2011.03.22 20:01:42 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll [2011.03.22 20:01:42 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll [2011.03.22 20:01:42 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll [2011.03.22 20:01:42 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll [2011.03.22 20:01:42 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll [2011.03.22 20:01:42 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll [2011.03.22 19:05:34 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011.03.22 19:05:34 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011.03.22 19:05:34 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011.03.22 19:05:34 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011.03.22 19:05:33 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2011.03.22 19:05:33 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll [2011.03.18 18:17:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Digidesign [2011.03.18 18:10:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Native Instruments [2011.03.17 21:11:01 | 000,000,000 | ---D | C] -- C:\Users\c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Native Instruments SoundSchool Analog [2011.03.17 21:11:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments SoundSchool Analog [2010.05.05 20:59:10 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll [2010.05.05 20:38:18 | 000,012,800 | ---- | C] ( ) -- 
C:\Windows\SysWow64\killapps.exe [3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.04.16 09:40:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.16 09:40:53 | 3220,033,536 | -HS- | M] () -- C:\hiberfil.sys [2011.04.16 09:39:35 | 000,061,080 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000005-00000000-00000001-00001102-00000005-00211102}.rfx [2011.04.16 09:39:35 | 000,061,080 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000005-00000000-00000001-00001102-00000005-00211102}.rfx [2011.04.16 09:39:35 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000005-00000000-00000001-00001102-00000005-00211102}.rfx [2011.04.16 09:39:34 | 000,010,320 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.16 09:39:33 | 000,010,320 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.15 15:46:19 | 112,496,297 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2011.04.14 20:22:22 | 001,158,640 | ---- | M] () -- C:\Users\c\Desktop\Musikwissenschaft.pdf [2011.04.13 21:47:26 | 000,001,108 | ---- | M] () -- C:\Users\c\Desktop\CVPiano-Modeled.lnk [2011.04.12 21:51:40 | 000,006,557 | ---- | M] () -- C:\Windows\SysNative\cwlog.dtl [2011.04.12 21:51:38 | 001,008,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll [2011.04.12 21:51:38 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll [2011.04.12 21:51:38 | 000,381,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sppcommdlg.dll [2011.04.12 21:51:37 | 000,142,336 | ---- | M] (Microsoft Corporation) -- 
C:\Windows\SysNative\sppwmi.dll [2011.04.12 21:51:37 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll [2011.04.12 21:51:32 | 002,169,856 | -HS- | M] () -- C:\Windows\SysNative\hale.exe [2011.04.12 21:51:32 | 000,389,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe [2011.04.12 21:51:32 | 000,349,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\slui.exe [2011.04.12 21:51:32 | 000,107,946 | ---- | M] () -- C:\Windows\SysNative\slmgr.vbs [2011.04.12 21:51:32 | 000,002,048 | ---- | M] () -- C:\Windows\SysNative\winver.exe [2011.04.12 18:07:15 | 000,626,008 | ---- | M] () -- C:\Users\c\Desktop\WAT Fix.exe [2011.04.11 19:11:46 | 000,002,052 | ---- | M] () -- C:\Users\c\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2011.04.11 19:10:52 | 000,001,138 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.04.10 21:37:59 | 003,031,200 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.04.10 21:37:59 | 000,704,200 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.04.10 21:37:59 | 000,666,132 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat [2011.04.10 21:37:59 | 000,660,440 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.04.10 21:37:59 | 000,479,266 | ---- | M] () -- C:\Windows\SysNative\perfh00B.dat [2011.04.10 21:37:59 | 000,151,726 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.04.10 21:37:59 | 000,144,096 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat [2011.04.10 21:37:59 | 000,124,630 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.04.10 21:37:59 | 000,104,268 | ---- | M] () -- C:\Windows\SysNative\perfc00B.dat [2011.04.10 15:57:53 | 000,000,588 | ---- | M] () -- C:\Users\Public\Desktop\SuperMarioBrothers.org.lnk [2011.04.10 15:57:53 | 000,000,512 | ---- | M] () -- C:\Users\Public\Desktop\Super Mario Bros. 
X.lnk [2011.04.10 15:57:20 | 000,000,697 | ---- | M] () -- C:\Users\Public\Desktop\REAPER (x64).lnk [2011.04.09 16:11:39 | 000,001,572 | ---- | M] () -- C:\Users\c\Desktop\traktor.scratch.pro.2.0.1.(r10169)-mpt.exe - Shortcut.lnk [2011.04.09 14:35:16 | 000,000,774 | ---- | M] () -- C:\Users\Public\Desktop\Traktor 2.lnk [2011.04.09 14:34:39 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\Controller Editor.lnk [2011.04.09 14:34:22 | 000,001,059 | ---- | M] () -- C:\Users\Public\Desktop\Service Center.lnk [2011.04.09 00:40:55 | 000,001,080 | ---- | M] () -- C:\Windows\SysNative\settingsbkup.sfm [2011.04.09 00:40:55 | 000,001,080 | ---- | M] () -- C:\Windows\SysNative\settings.sfm [2011.04.06 01:11:21 | 001,448,216 | ---- | M] () -- C:\Users\c\Desktop\Leer = gut.mp3 [2011.04.02 21:48:51 | 000,005,902 | ---- | M] () -- C:\Users\c\Documents\cc_20110402_214848.reg [2011.03.30 21:40:04 | 000,065,026 | ---- | M] () -- C:\Users\c\Desktop\coldmirrorlike.png [2011.03.28 19:58:11 | 115,118,376 | ---- | M] () -- C:\Users\c\Desktop\Casey Heynes_ Full Interview with A Current Affair [ICEFILMS SPECIAL - ALTAIR].avi.part [2011.03.24 18:56:37 | 000,000,842 | ---- | M] () -- C:\Users\c\Desktop\Heroes of Newerth.lnk [2011.03.24 18:56:37 | 000,000,842 | ---- | M] () -- C:\Users\c\Application Data\Microsoft\Internet Explorer\Quick Launch\Heroes of Newerth.lnk [2011.03.22 20:09:25 | 000,001,991 | ---- | M] () -- C:\Users\Public\Desktop\Bulletstorm.lnk [2011.03.20 04:16:29 | 000,001,436 | ---- | M] () -- C:\Users\c\Desktop\SuperMeatBoy.exe - Shortcut.lnk [2011.03.19 04:56:40 | 000,086,451 | ---- | M] () -- C:\Users\c\Desktop\Info_Tonmeister_09_2010.pdf [2011.03.18 18:21:20 | 000,001,204 | ---- | M] () -- C:\Users\c\Desktop\Kontakt 4.lnk [2011.03.18 00:21:30 | 000,024,947 | ---- | M] () -- C:\Users\c\Documents\A N A L O G Bank 1.ssf [3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [2 C:\Windows\*.tmp files -> 
C:\Windows\*.tmp -> ] [1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.04.14 20:22:19 | 001,158,640 | ---- | C] () -- C:\Users\c\Desktop\Musikwissenschaft.pdf [2011.04.13 21:47:26 | 000,001,108 | ---- | C] () -- C:\Users\c\Desktop\CVPiano-Modeled.lnk [2011.04.13 21:47:21 | 000,147,425 | ---- | C] () -- C:\Windows\SysWow64\SYNSOACC-Aide.chm [2011.04.13 21:47:21 | 000,147,425 | ---- | C] () -- C:\Windows\SysNative\SYNSOACC-Aide.chm [2011.04.13 21:47:21 | 000,120,468 | ---- | C] () -- C:\Windows\SysWow64\SYNSOACC-Hilfe.chm [2011.04.13 21:47:21 | 000,120,468 | ---- | C] () -- C:\Windows\SysNative\SYNSOACC-Hilfe.chm [2011.04.13 21:47:21 | 000,114,279 | ---- | C] () -- C:\Windows\SysWow64\SYNSOACC-Help.chm [2011.04.13 21:47:21 | 000,114,279 | ---- | C] () -- C:\Windows\SysNative\SYNSOACC-Help.chm [2011.04.12 21:51:36 | 000,006,557 | ---- | C] () -- C:\Windows\SysNative\cwlog.dtl [2011.04.12 21:51:32 | 002,169,856 | -HS- | C] () -- C:\Windows\SysNative\hale.exe [2011.04.11 19:10:52 | 000,001,150 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2011.04.11 19:10:52 | 000,001,138 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.04.10 15:57:53 | 000,000,588 | ---- | C] () -- C:\Users\Public\Desktop\SuperMarioBrothers.org.lnk [2011.04.10 15:57:53 | 000,000,512 | ---- | C] () -- C:\Users\Public\Desktop\Super Mario Bros. 
X.lnk [2011.04.10 15:57:20 | 000,000,697 | ---- | C] () -- C:\Users\Public\Desktop\REAPER (x64).lnk [2011.04.09 16:11:39 | 000,001,572 | ---- | C] () -- C:\Users\c\Desktop\traktor.scratch.pro.2.0.1.(r10169)-mpt.exe - Shortcut.lnk [2011.04.09 14:35:16 | 000,000,774 | ---- | C] () -- C:\Users\Public\Desktop\Traktor 2.lnk [2011.04.09 14:27:09 | 000,001,094 | ---- | C] () -- C:\Users\Public\Desktop\Controller Editor.lnk [2011.04.09 14:26:49 | 000,001,059 | ---- | C] () -- C:\Users\Public\Desktop\Service Center.lnk [2011.04.06 00:40:15 | 001,448,216 | ---- | C] () -- C:\Users\c\Desktop\Leer = gut.mp3 [2011.04.02 21:48:50 | 000,005,902 | ---- | C] () -- C:\Users\c\Documents\cc_20110402_214848.reg [2011.03.30 21:39:50 | 000,065,026 | ---- | C] () -- C:\Users\c\Desktop\coldmirrorlike.png [2011.03.28 19:51:12 | 115,118,376 | ---- | C] () -- C:\Users\c\Desktop\Casey Heynes_ Full Interview with A Current Affair [ICEFILMS SPECIAL - ALTAIR].avi.part [2011.03.25 17:12:22 | 000,626,008 | ---- | C] () -- C:\Users\c\Desktop\WAT Fix.exe [2011.03.24 18:56:37 | 000,000,842 | ---- | C] () -- C:\Users\c\Desktop\Heroes of Newerth.lnk [2011.03.24 18:56:37 | 000,000,842 | ---- | C] () -- C:\Users\c\Application Data\Microsoft\Internet Explorer\Quick Launch\Heroes of Newerth.lnk [2011.03.22 21:09:07 | 000,039,424 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.bak2 [2011.03.22 20:09:25 | 000,001,991 | ---- | C] () -- C:\Users\Public\Desktop\Bulletstorm.lnk [2011.03.19 04:56:38 | 000,086,451 | ---- | C] () -- C:\Users\c\Desktop\Info_Tonmeister_09_2010.pdf [2011.03.18 18:21:20 | 000,001,204 | ---- | C] () -- C:\Users\c\Desktop\Kontakt 4.lnk [2011.03.18 00:21:30 | 000,024,947 | ---- | C] () -- C:\Users\c\Documents\A N A L O G Bank 1.ssf [2011.01.26 20:52:30 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2011.01.26 20:52:30 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2011.01.26 20:51:37 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\CTXFIGER.DLL 
[2010.11.04 20:18:28 | 013,893,632 | ---- | C] () -- C:\ProgramData\sandra.mda [2010.10.27 05:23:39 | 000,000,017 | ---- | C] () -- C:\Users\c\AppData\Local\resmon.resmoncfg [2010.10.16 17:12:48 | 000,001,019 | ---- | C] () -- C:\Windows\disney.ini [2010.10.14 02:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010.10.14 02:13:28 | 000,000,000 | -H-- | C] () -- C:\Users\c\AppData\Roaming\.53685440DD4DB4CF.sys [2010.10.13 18:38:33 | 000,776,990 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.10.13 18:31:45 | 000,052,836 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll [2010.10.13 18:31:43 | 000,394,752 | ---- | C] () -- C:\Windows\SysWow64\cygwinb19.dll [2010.10.13 18:31:43 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\libpng13.dll [2010.10.13 18:31:42 | 001,199,179 | ---- | C] () -- C:\Windows\unins001.exe [2010.10.13 18:31:42 | 000,030,762 | ---- | C] () -- C:\Windows\unins001.dat [2010.10.13 18:29:30 | 001,199,175 | ---- | C] () -- C:\Windows\unins000.exe [2010.10.13 18:29:30 | 000,014,761 | ---- | C] () -- C:\Windows\unins000.dat [2010.10.12 20:06:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.05.05 21:37:52 | 000,021,204 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini [2010.05.05 20:56:46 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CtxfiRes.dll [2010.05.05 20:46:30 | 000,321,512 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat [2010.05.05 20:46:30 | 000,056,509 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat [2010.05.05 20:38:22 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:57:30 | 000,001,536 | ---- | C] () -- 
C:\Windows\SysWow64\winver.exe [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2009.06.04 02:37:06 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini [2009.05.27 10:49:00 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini < End of report > |
16.04.2011, 09:22 | #14 |
| cmd.exe possibly causing 70-99% CPU load? OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 16.04.2011 09:44:37 - Run 5 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\c\Downloads 64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 52,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 48,83 Gb Total Space | 4,81 Gb Free Space | 9,86% Space Free | Partition Type: NTFS Drive D: | 48,83 Gb Total Space | 12,16 Gb Free Space | 24,90% Space Free | Partition Type: NTFS Drive E: | 48,83 Gb Total Space | 14,12 Gb Free Space | 28,93% Space Free | Partition Type: NTFS Drive F: | 490,70 Gb Total Space | 103,37 Gb Free Space | 21,07% Space Free | Partition Type: NTFS Drive H: | 391,16 Gb Total Space | 203,94 Gb Free Space | 52,14% Space Free | Partition Type: NTFS Drive I: | 24,66 Gb Total Space | 2,04 Gb Free Space | 8,25% Space Free | Partition Type: NTFS Drive J: | 118,70 Gb Total Space | 21,20 Gb Free Space | 17,86% Space Free | Partition Type: NTFS Drive K: | 156,25 Gb Total Space | 39,58 Gb Free Space | 25,33% Space Free | Partition Type: NTFS Drive L: | 97,66 Gb Total Space | 19,34 Gb Free Space | 19,80% Space Free | Partition Type: NTFS Computer Name: C-PC | User Name: c | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0886900B-B2F3-452C-B580-60F1253F7F80}" 
= Native Instruments Controller Editor "{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP5200" = Canon iP5200 "{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1" = Allgemeine Runtime Files (x86) "{23170F69-40C1-2702-0917-000001000000}" = 7-Zip 9.17 (x64 edition) "{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java(TM) 6 Update 24 (64-bit) "{2AAC4085-DCBF-417B-AEBD-182197839240}" = Native Instruments Traktor "{45212F71-750F-4B98-8931-2F35DBE6B662}" = Paint.NET v3.5.7 "{6BED4DFE-C527-463E-B93A-6F6848B74DD0}" = Native Instruments Battery 3 "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{742DF898-7ABE-4CF4-8557-5D17C400D49C}" = AVG 2011 "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1" = DirectX 9.0c Extra Files (x86, x64) "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support "{9545E9DB-6F4C-4404-BF25-E221BE8B44C5}" = iTunes "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{A8EC0CC0-AD8D-4244-B080-424EDF7A7634}" = Native Instruments Traktor 2 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 266.58 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 266.58 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 266.58 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite 2010.SP3 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{D49110AD-34A7-485C-901D-DFBBFF70D3EC}" = AVG 2011 "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour "{EF5948BA-589D-4BE7-B993-C45DC1A77E24}" = MobileMe Control Panel "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FF600C37-6328-4348-A67A-3F85D8039604}" = Native Instruments Kore Player "Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit "Adobe Flash Player Plugin 64" = Adobe Flash Player 10 Plugin 64-bit "AVG" = AVG 2011 "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "REAPER" = REAPER (x64) "Recuva" = Recuva [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0FB0306C-11D8-35F2-9AC9-121FA753F9AD}" = Visual C++ 2008 x64 Runtime - (v9.0.30729.5026) "{0FB0306C-11D8-35F2-9AC9-121FA753F9AD}.vc_x64runtime_30729_5026" = Visual C++ 2008 x64 Runtime - v9.0.30729.5026 "{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23 "{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support "{33999F1F-EA46-4E55-A239-1BA803235396}" = Hercules DJ Products Series drivers "{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion "{3A7DDC0A-B576-47E4-B061-2DD5D91E432F}" = KORG USB-MIDI Driver Tools for Windows "{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2 "{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{491DFBAA-77EF-4B06-8676-2FC66EEE049A}" = LogMeIn Hamachi "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater 
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1" = Amnesia - The Dark Descent "{55422856-42AF-4251-91FF-0349F2D14DF3}" = Korg Kontrol Editor "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV "{59579B12-97E6-437E-B988-BA032165D355}" = Xtra Controller "{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{92F027CB-BDF9-4047-A654-13A050908158}" = ElastikVst "{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{BAF2FA20-6886-483C-8CC6-3310A1A636E5}" = ElastikVst "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{C9EAEE6B-741F-421D-B9CE-9FA300DA92AD}_is1" = Super Mario Bros. 
X version 1.3 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 SP1 + KB928366 "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{E04ACCBC-DF36-364E-87E8-6C24BB981AB8}" = Visual C++ 2008 x86 Runtime - (v9.0.30729.5026) "{E04ACCBC-DF36-364E-87E8-6C24BB981AB8}.vc_x86runtime_30729_5026" = Visual C++ 2008 x86 Runtime - v9.0.30729.5026 "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1 "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.0.1 "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables "{FF3C203A-2F19-43A2-9C7C-EC1B5A0FC873}" = Pure "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "ALchemy" = Creative ALchemy "ASIO4ALL" = ASIO4ALL "Audacity_is1" = Audacity 1.2.6 "AudioCS" = Creative Audio-Systemsteuerung "Camel Audio Alchemy" = Camel Audio Alchemy "Console Launcher" = Creative Konsole Starter "Creative Software AutoUpdate" = Creative Software AutoUpdate "Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition "CVPiano-Modeled" = CVPiano-Modeled "DVD Flick_is1" = DVD Flick 1.3.0.7 "Fallout 3 DLC Pack_is1" = Fallout 3 DLC Pack "Fallout 3 Mod-Pack_is1" = Fallout 3 Mod-Pack "Fallout 3 uncut Patch_is1" = Fallout 3 uncut Patch "FileHippo.com" = FileHippo.com Update Checker "FileZilla Client" = FileZilla Client 3.2.7.1 "foobar2000" = foobar2000 v1.1.5 "Foxit Reader" = Foxit Reader "GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2 "GFWL_{45410935-3E72-472B-8C35-AB1000008200}" = Bulletstorm "hon" = Heroes of Newerth "Icy Tower v1.5_is1" = Icy Tower v1.5 "Instrument-Tuner" = Instrument-Tuner "JDownloader" = JDownloader "LogMeIn Hamachi" = LogMeIn Hamachi 
"M928366" = "Mafia II_is1" = Mafia II "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 SP1 + KB928366 "Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package "Mozilla Firefox 4.0 (x86 en-US)" = Mozilla Firefox 4.0 (x86 en-US) "Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7) "Native Instruments Battery 3" = Native Instruments Battery 3 "Native Instruments Controller Editor" = Native Instruments Controller Editor "Native Instruments Kore Player" = Native Instruments Kore Player "Native Instruments Reaktor 3 Demo" = Native Instruments Reaktor 3 Demo "Native Instruments Service Center" = Native Instruments Service Center "Native Instruments SoundSchool Analog" = Native Instruments SoundSchool Analog "Native Instruments Traktor" = Native Instruments Traktor "Native Instruments Traktor 2" = Native Instruments Traktor 2 "Nehrim - Am Rande des Schicksals_is1" = NehrimUninstaller "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "ProcessScanner_is1" = Uniblue ProcessScanner "Rainlendar2" = Rainlendar2 (remove only) "REAPER" = REAPER "RocketDock_is1" = RocketDock 1.3.5 "Scorched3D" = Scorched3D 43.1c "Soulseek2" = SoulSeek 157 NS 13e "SPL Analog Code Transient Designer_is1" = SPL Analog Code Transient Designer VST RTAS v1.3 "StarCraft II" = StarCraft II "Steam App 420" = Half-Life 2: Episode Two "Steam App 550" = Left 4 Dead 2 "Syncrosoft License Control" = Syncrosoft Lizenz Kontrolle "UnderCoverXP_is1" = UnderCoverXP 1.23 "Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions "VLC media player" = VLC media player 1.1.6 "xp-AntiSpy" = xp-AntiSpy 3.97-9 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Mozilla Thunderbird (3.1.9)" = Mozilla Thunderbird (3.1.9) ========== Last 10 Event Log Errors ========== [ Application 
Events ] Error - 04.04.2011 18:30:13 | Computer Name = c-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: There is not enough space on the disk. . Error - 04.04.2011 18:30:13 | Computer Name = c-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: There is not enough space on the disk. . Error - 04.04.2011 18:30:13 | Computer Name = c-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: There is not enough space on the disk. . Error - 04.04.2011 18:30:13 | Computer Name = c-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Failed extract of third-party root list from auto update cab at: <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: There is not enough space on the disk. . Error - 05.04.2011 14:27:19 | Computer Name = c-PC | Source = System Restore | ID = 8193 Description = Error - 06.04.2011 16:24:17 | Computer Name = c-PC | Source = Bonjour Service | ID = 100 Description = 524: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.) Error - 06.04.2011 16:24:17 | Computer Name = c-PC | Source = Bonjour Service | ID = 100 Description = 528: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.) 
Error - 06.04.2011 16:24:17 | Computer Name = c-PC | Source = Bonjour Service | ID = 100 Description = 232: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.) Error - 08.04.2011 17:13:14 | Computer Name = c-PC | Source = Application Error | ID = 1000 Description = Faulting application name: reaper_host32.exe, version: 0.0.0.0, time stamp: 0x4ce46b2d Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp: 0x4ce7ba58 Exception code: 0xc0000005 Fault offset: 0x0002dfc4 Faulting process id: 0x1778 Faulting application start time: 0x01cbf6106e597587 Faulting application path: D:\Program Files\REAPER (x64)\Plugins\reaper_host32.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll Report Id: 0389aea9-6225-11e0-b1ec-001a4d5865ab Error - 10.04.2011 15:35:09 | Computer Name = c-PC | Source = Application Error | ID = 1000 Description = Faulting application name: NIHardwareService.exe, version: 1.3.4.630, time stamp: 0x4d776096 Faulting module name: NIHardwareService.exe, version: 1.3.4.630, time stamp: 0x4d776096 Exception code: 0xc0000417 Fault offset: 0x00000000000a5190 Faulting process id: 0x6dc Faulting application start time: 0x01cbf771635ecf09 Faulting application path: C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe Faulting module path: C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe Report Id: a4c32943-63a9-11e0-b264-001a4d5865ab [ System Events ] Error - 12.04.2011 11:41:19 | Computer Name = c-PC | Source = WMPNetworkSvc | ID = 866306 Description = Error - 12.04.2011 11:41:19 | Computer Name = c-PC | Source = WMPNetworkSvc | ID = 866306 Description = Error - 12.04.2011 11:43:19 | Computer Name = c-PC | Source = BROWSER | ID = 8032 Description = Error - 12.04.2011 12:07:36 | Computer Name = c-PC | Source = Service Control Manager | ID = 7023 Description = The SPP Notification Service service terminated with the following error: %%126 Error - 
12.04.2011 12:12:34 | Computer Name = c-PC | Source = Service Control Manager | ID = 7023 Description = The SPP Notification Service service terminated with the following error: %%126 Error - 12.04.2011 12:26:44 | Computer Name = c-PC | Source = WMPNetworkSvc | ID = 866306 Description = Error - 12.04.2011 12:26:44 | Computer Name = c-PC | Source = WMPNetworkSvc | ID = 866306 Description = Error - 12.04.2011 12:26:53 | Computer Name = c-PC | Source = BROWSER | ID = 8032 Description = Error - 12.04.2011 15:55:43 | Computer Name = c-PC | Source = WMPNetworkSvc | ID = 866306 Description = Error - 12.04.2011 15:55:43 | Computer Name = c-PC | Source = WMPNetworkSvc | ID = 866306 Description = < End of report > |
16.04.2011, 12:08 | #15 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | cmd.exe possibly causing 70-99% CPU load? Quote:
__________________ Please always post logfiles in CODE tags |