|
Plagegeister aller Art und deren Bekämpfung: wbumia.exe ?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
15.12.2010, 16:46 | #1 |
| wbumia.exe ? Schönen guten Abend. Ich bin neu hier und habe eine ganz kurze und knappe Frage. Kennt jemand von euch den Prozess "wbumia.exe" ? Habe vorhin mal überprüft, ob ich eventuell verdächtige laufende Prozesse habe und bin auf wbumia.exe (Dateipfad: C:\Windows) gestoßen. Ich denke nicht unbedingt dass es ein Trojaner ist, da diese .exe sich (scheinbar) nicht mit dem Autostart öffnet (überprüft mit CCleaner). Kommt mir allerdings trotzdem etwas verdächtig vor, da ich diesen Prozess sonst nie am laufen hatte Kann mir jemand helfen? |
15.12.2010, 18:16 | #2 |
| wbumia.exe ? Hallo
__________________lass die Datei hier Virustotal, hier virscan.org oder hier Jotti überprüfen (kann einige Minuten dauern), poste die gesamten Ergebnisse mit der Angabe der Größe der hochgeladenen Datei sowie die MD5 und SHA1 Angaben oder verlinke auf die Auswertung, bitte auch wenn nichts gefunden wurde. MFG
__________________ |
15.12.2010, 18:49 | #3 |
| wbumia.exe ? Einen Moment...
__________________Ergebnis von VirScan.org: Dateiname : Wbumia.exe Größe : 212992 byte Typ : PE32 executable for MS Windows (GUI) Intel 80386 32-bit MD5 : 5a743df2c2583be54506a913e8a43ff1 SHA1 : 87eaffed402dd90a73d3c4f71ba10412a2f68afd Scan Ergebnis : 28% der Scanner (10/36) haben Malware gefunden! Zeit : 2010/12/16 01:46:05 (CST) Ergebnis von VirusTotal: File name: Wbumia.exe Submission date: 2010-12-15 17:48:01 (UTC) Current status: finished Result: 17/ 43 (39.5%) MD5 : 5a743df2c2583be54506a913e8a43ff1 SHA1 : 87eaffed402dd90a73d3c4f71ba10412a2f68afd SHA256: cad9441be807a97887d798fdaeb0856ac6504a806f40862b1ff8fc5e6e4104b6 Ergebnis von VirusScan: Dateiname: Wbumia.exe Status: Scan abgeschlossen. 7 von 19 Scannern haben Malware gemeldet. Untersucht am: Mi 15 Dez 2010 18:46:58 (CET) Ergebnis-Link Dateigröße: 212992 Bytes Dateityp: PE32 executable for MS Windows (GUI) Intel 80386 32-bit MD5: 5a743df2c2583be54506a913e8a43ff1 SHA1: 87eaffed402dd90a73d3c4f71ba10412a2f68afd |
15.12.2010, 21:21 | #4 | |
| wbumia.exe ? Hallo ich wollte eigentlich gern das gesamte Ergebnis der Onlineüberprüfung sehen Zitat:
Erstelle bitte für eine erste Übersicht ein OTL Log. Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)
MFG
__________________ Kein Support per PN - Bitte im Forum posten. Wenn du das Forum unterstützen möchtest Genitiv ins Wasser, weil es dativ ist http://www.vivaconagua.org/ |
15.12.2010, 23:52 | #5 |
| wbumia.exe ? OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 15.12.2010 23:47:37 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Blackburn\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 44,00% Memory free 8,00 Gb Paging File | 5,00 Gb Available in Paging File | 68,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 931,41 Gb Total Space | 622,05 Gb Free Space | 66,79% Space Free | Partition Type: NTFS Computer Name: BLACKBURN-PC | User Name: Blackburn | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- C:\Users\Blackburn\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.) Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.) Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 "DoNotAllowExceptions" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 "DoNotAllowExceptions" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com) "C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com) "C:\Program Files (x86)\Orbitdownloader\orbitdm.exe" = C:\Program Files (x86)\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com) "C:\Program Files (x86)\Orbitdownloader\orbitnet.exe" = C:\Program Files (x86)\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com) ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety "{24BEFDE1-A699-4139-B61B-B1102FDE7279}" = AVG 2011 "{33A49BF2-CB4F-5E54-D7F5-25502CAB6B70}" = ATI AVIVO64 Codecs "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety "{4B0748C5-2E63-B954-8C3F-71918C599800}" = WMV9/VC-1 Video Playback "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8FCBB6DA-069C-8D08-DD99-F0881B9EECC3}" = AMD Drag and Drop Transcoding "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{AB3FDAEC-7702-3A47-655B-4A34714CBEFA}" = ccc-utility64 "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{E4C703FE-7F5C-475D-9458-8E2FD7110790}" = AVG 2011 "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F3FEB53B-0BD3-F481-A8F9-51BA46466A6A}" = ATI Catalyst Install Manager "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "AVG" = AVG 2011 "CCleaner" = CCleaner "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "TeamSpeak 3 Client" = TeamSpeak 3 Client "WinRAR archiver" = WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0032D29F-7E8F-40E5-AD12-8857AAB0DBFF}" = Catalyst Control Center - Branding "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM) "{07300F01-89CA-4CF8-92BD-2A605EB83C95}" = EasySaver B9.1214.1 "{086BADF8-9B1F-4E89-B207-2EDA520972D6}" = Grand Theft Auto San Andreas "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0FC39141-1BB8-4C29-9D74-A6710131B74F}" = aerosoft's - Madrid 2008 "{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.6.2 "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1EC65D1D-3911-4F7D-8B6A-63C69EDBFC6E}" = EditVoicepack "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22 "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{29BA9E1A-6AAC-4B6D-965C-34E43E07375A}_is1" = WEM Confi 6.7 "{2B0000B7-89C7-49FD-B9CC-139CA2456822}" = aerosoft's - German Aiports 4 - Version 3.2 Update - FS2004 "{2C440596-FD75-9EA6-5472-B2EDBF5D222B}" = ccc-core-static "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34BDC9DA-9320-491C-AA40-B0D98A0EBA9C}" = aerosoft's - Mega Airport Frankfurt - FS2004 "{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion "{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II "{40719211-D09A-11DF-BA30-0013D3D69929}" = MSVCRT Redists "{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2 "{46464A5D-7D14-41E3-9C26-E3C186F37D84}" = aerosoft's - German Airports 2 - Cologne-Bonn - FS2004 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B60A7A4-49F6-4D2A-8AE7-BCBAFA6224CE}" = Simulationsprogramm Integrierte Leitstelle V4 "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{51D199F4-5593-4BC9-B2A5-BB1CDE0C894A}" = aerosoft's - Mega Airport Paris CDG "{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI "{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV "{5454083B-1308-4485-BF17-1110000D8303}" = Grand Theft Auto IV "{58AC967F-CE64-4065-AF54-FA66BAF31FE8}" = BOILING POINT "{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1" = Driver Sweeper Version 2.6.0 "{5B363E1D-8C36-4458-BAE4-D5081999E094}" = Browser Configuration Utility "{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}" = Saboteur™ "{674D3526-6B4F-468A-9802-1130A39B1562}" = aerosoft's - German Airports 4 - FS2004 "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6C06AC26-DBD1-46E5-9863-33E7633566E5}" = ActiveSky Version 6 and ActiveSky Graphics "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{7ACEE78A-537D-2857-1A64-72198BC4A67D}" = Catalyst Control Center Graphics Previews Vista "{7CD82818-18F2-E4D5-A502-9D1F16C8DF9C}" = Catalyst Control Center Graphics Previews Common "{7E210E1C-52A1-40E3-817B-D504E9F64DFA}_is1" = Flyff "{80AE0E0A-5579-4015-9C1A-35F2F2CE5673}" = Emergency 4 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A76CFCA-4BEC-C88E-3A7B-7CD18E3B86EA}" = CCC Help English "{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{9273F2CD-5010-4E8F-9DE5-38DEB94B0C02}" = USB Pager Programmer "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3 "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{99A37AC7-E724-4621-B167-500B5A52B69C}" = LastChaosGER "{9A0906C7-D472-4C22-8D12-11D6AB2819E4}" = aerosoft's - German Airports 3 - Bremen "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack "{A724605D-B399-4304-B8C7-33B3EF7D4677}" = Bully Scholarship Edition "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman Blood Money "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.1 - Deutsch "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3 "{C0A6901F-C919-47A3-A4D9-E2056314086B}" = aerosoft's - London Heathrow 2008 "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C9E270CC-AE42-4BD8-B9C6-1EB3A8657FF5}" = Just Cause 1.00.0000 "{CB131247-7869-47E1-9969-B29567C9B106}_is1" = Aerosoft Mega Airport Barcelona FS2004 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}" = LogMeIn Hamachi "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D234EAC0-7D49-492F-97EC-8FA09FD7C1C4}" = aerosoft's - German Airports 3 - Hamburg "{D41CAD6D-DB4C-4D7C-BABA-D1A4B1599741}" = aerosoft's - German Airports 3-Berlin Tegel "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D5134D14-A38D-A217-4310-5C8B6DFA08D0}" = HydraVision "{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2 "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F916C6DF-2601-4385-9500-C45FF398D4CB}" = Install(GE) "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX "{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables "{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2 "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "12345_is1" = WeGame Client Beta 2.1.8 "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Akamai" = Akamai NetSession Interface "ArmA2 Demo" = ArmA2 Demo Uninstall "Audacity_is1" = Audacity 1.2.6 "Bus-Simulator 2009_is1" = Bus-Simulator 2009 "Die Gilde" = Die Gilde "Die Gilde Update v1.04a" = Die Gilde Update v1.04a "Fallout New Vegas_is1" = Fallout New Vegas "FarmingSimulator2011DE_is1" = Landwirtschafts Simulator 2011 "FFsim" = Feuerwehr-Simulator 2010 "Flight Simulator 9.0" = Microsoft Flight Simulator 2004 - Das Jahrhundert der Luftfahrt "Free Video Dub_is1" = Free Video Dub version 1.8.10 "FreeZ" = FreeZ "FSFDT FSCopilot" = FSFDT FSCopilot "FSFDT FSInn" = FSFDT FSInn "German Truck Simulator" = German Truck Simulator 1.00 "GFWL_{4343080E-91B7-4388-AB4D-FB1000008200}" = Dead Rising 2 "Ground Environment Professional" = Ground Environment Professional "Hamburg-City Scenery " = Hamburg-City Scenery "Highway Pursuit_is1" = Highway Pursuit v1.1 "Hitman: Contracts" = Hitman: Contracts "InstallShield_{9273F2CD-5010-4E8F-9DE5-38DEB94B0C02}" = USB Pager Programmer "InstallShield_{A724605D-B399-4304-B8C7-33B3EF7D4677}" = Bully Scholarship Edition "InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver "InstallShield_{F9B37992-968C-4264-8449-489032FC28DE}" = Wolfenstein "Intelli-studio" = SAMSUNG Intelli-studio "JDownloader" = JDownloader "LandOfTheDead" = Groove Games\Land Of The Dead "LogMeIn Hamachi" = LogMeIn Hamachi "Mafia II_is1" = Mafia II "Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12) "MTA: Race for San Andreas - Server Server" = MTA: Race for San Andreas - Server 1.1.1 "MTA:SA" = MTA:SA v1.0.4-rc-02033-2-000 "Orbit_is1" = Orbit Downloader "PunkBusterSvc" = PunkBuster Services "RealPlayer 12.0" = RealPlayer "Saints Row 2 Update 2" = Saints Row 2 Update 2 "Security Task Manager" = Security Task Manager 1.8c "Sniper Ghost Warrior Deutsch Patch 1.0" = Sniper Ghost Warrior Deutsch Patch 1.0 "Sniper Ghost Warrior Update 3_is1" = Sniper Ghost Warrior Update 3 "Sniper Ghost Warrior_is1" = Sniper Ghost Warrior "ST6UNST #1" = FMS32-PRO Version 3.2.5 "Steam App 10" = Counter-Strike "Steam App 100" = Counter-Strike: Condition Zero Deleted Scenes "Steam App 218" = Source SDK Base 2007 "Steam App 240" = Counter-Strike: Source "Steam App 30" = Day of Defeat "Steam App 300" = Day of Defeat: Source "Steam App 320" = Half-Life 2: Deathmatch "Steam App 500" = Left 4 Dead "Steam App 550" = Left 4 Dead 2 "Steam App 80" = Counter-Strike: Condition Zero "TeamViewer 5" = TeamViewer 5 "Uninstall_is1" = Uninstall 1.0.0.1 "VLC media player" = VLC media player 1.1.5 "Winamp" = Winamp "WinLiveSuite" = Windows Live Essentials "WolfTeam" = WolfTeam ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "Winamp Detect" = Winamp Erkennungs-Plug-in ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 14.12.2010 09:33:08 | Computer Name = Blackburn-PC | Source = SideBySide | ID = 16842832 Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Activision\Wolfenstein\MP\serverlauncher.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest. Error - 14.12.2010 15:39:40 | Computer Name = Blackburn-PC | Source = Application Hang | ID = 1002 Description = Programm game.exe, Version 4.1.6.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1fc Startzeit: 01cb9bc6846c224e Endzeit: 109 Anwendungspfad: C:\Program Files (x86)\Landwirtschafts Simulator 2011\game.exe Berichts-ID: df57bcf9-07b9-11e0-9159-6cf0497cbd4c Error - 14.12.2010 19:27:40 | Computer Name = Blackburn-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: fs9.exe, Version: 9.1.0.40901, Zeitstempel: 0x4135a208 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559, Zeitstempel: 0x4ba9b29c Ausnahmecode: 0xc0000005 Fehleroffset: 0x00038c19 ID des fehlerhaften Prozesses: 0x1150 Startzeit der fehlerhaften Anwendung: 0x01cb9be33135c190 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: bdf0de7f-07d9-11e0-a122-6cf0497cbd4c Error - 15.12.2010 10:33:09 | Computer Name = Blackburn-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: LondonHeathrow2008_V110.exe, Version: 12.0.0.58849, Zeitstempel: 0x45b1a378 Name des fehlerhaften Moduls: LondonHeathrow2008_V110.exe, Version: 12.0.0.58849, Zeitstempel: 0x45b1a378 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001e7b9 ID des fehlerhaften Prozesses: 0xb84 Startzeit der fehlerhaften Anwendung: 0x01cb9c64fd3ccfee Pfad der fehlerhaften Anwendung: C:\Users\Blackburn\Desktop\Aero - London havaalani_ferrocan\LondonHeathrow2008_V110.exe Pfad des fehlerhaften Moduls: C:\Users\Blackburn\Desktop\Aero - London havaalani_ferrocan\LondonHeathrow2008_V110.exe Berichtskennung: 3c359e64-0858-11e0-a122-6cf0497cbd4c Error - 15.12.2010 15:09:28 | Computer Name = Blackburn-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Real\RealPlayer\plugins\rmxrend.dll". Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 15.12.2010 15:31:44 | Computer Name = Blackburn-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Real\RealPlayer\plugins\rmxrend.dll". Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 15.12.2010 15:32:03 | Computer Name = Blackburn-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Real\RealPlayer\plugins\rmxrend.dll". Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 15.12.2010 15:32:03 | Computer Name = Blackburn-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Real\RealPlayer\plugins\rmxrend.dll". Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 15.12.2010 15:32:10 | Computer Name = Blackburn-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Real\RealPlayer\plugins\rmxrend.dll". Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 15.12.2010 17:25:37 | Computer Name = Blackburn-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: gilde.exe, Version: 0.0.0.0, Zeitstempel: 0x3e3a913e Name des fehlerhaften Moduls: gilde.exe, Version: 0.0.0.0, Zeitstempel: 0x3e3a913e Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001e540 ID des fehlerhaften Prozesses: 0xbf8 Startzeit der fehlerhaften Anwendung: 0x01cb9c984648cdd8 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\JoWooD\Die Gilde\gilde.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\JoWooD\Die Gilde\gilde.exe Berichtskennung: db3a71d3-0891-11e0-950e-6cf0497cbd4c [ System Events ] Error - 04.12.2010 05:01:19 | Computer Name = Blackburn-PC | Source = Application Popup | ID = 875 Description = Treiber atksgt.sys konnte nicht geladen werden. Error - 04.12.2010 05:01:19 | Computer Name = Blackburn-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error - 04.12.2010 05:01:27 | Computer Name = Blackburn-PC | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: oreansx64 Error - 04.12.2010 07:45:10 | Computer Name = Blackburn-PC | Source = bowser | ID = 8003 Description = Error - 04.12.2010 08:58:25 | Computer Name = Blackburn-PC | Source = bowser | ID = 8003 Description = Error - 05.12.2010 07:55:01 | Computer Name = Blackburn-PC | Source = Application Popup | ID = 875 Description = Treiber atksgt.sys konnte nicht geladen werden. Error - 05.12.2010 07:55:01 | Computer Name = Blackburn-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error - 05.12.2010 07:55:10 | Computer Name = Blackburn-PC | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: oreansx64 Error - 05.12.2010 08:00:24 | Computer Name = Blackburn-PC | Source = Service Control Manager | ID = 7022 Description = Der Dienst "Windows Update" wurde nicht richtig gestartet. Error - 05.12.2010 08:26:38 | Computer Name = Blackburn-PC | Source = Service Control Manager | ID = 7030 Description = Der Dienst "Akamai NetSession Interface" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. < End of report > OTL Logfile: Code:
ATTFilter OTL logfile created on: 15.12.2010 23:47:37 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Blackburn\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 44,00% Memory free 8,00 Gb Paging File | 5,00 Gb Available in Paging File | 68,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 931,41 Gb Total Space | 622,05 Gb Free Space | 66,79% Space Free | Partition Type: NTFS Computer Name: BLACKBURN-PC | User Name: Blackburn | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Windows\Wbumia.exe (Windows (R) Codename Longhorn DDK provider) PRC - C:\Users\Blackburn\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) PRC - C:\Windows\SysWOW64\PnkBstrB.exe () PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Users\Blackburn\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\Orbitdownloader\orbitdm.exe (Orbitdownloader.com) PRC - C:\Program Files (x86)\Orbitdownloader\orbitnet.exe (Orbitdownloader.com) PRC - C:\Program Files (x86)\Java\jre6\bin\javaw.exe (Sun Microsystems, Inc.) PRC - C:\Users\BLACKB~1\AppData\Local\Temp\Inststub.exe (Chalk Systems) PRC - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation) PRC - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE () PRC - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe (DeviceVM, Inc.) PRC - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.) ========== Modules (SafeList) ========== MOD - C:\Users\Blackburn\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (PnkBstrB) -- C:\Windows\SysNative\PnkBstrB.exe File not found SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found SRV:64bit: - (npggsvc) -- C:\Windows\SysNative\GameMon.des File not found SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (Akamai) -- c:\program files (x86)\common files\akamai\netsession_win_aeec0f0.dll () SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (PnkBstrB) -- C:\Windows\SysWOW64\PnkBstrB.exe () SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.) SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (nosGetPlusHelper) getPlus(R) -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.) SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ES lite Service) -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE () SRV - (BCUService) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe (DeviceVM, Inc.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (NPPTNT2) -- C:\Windows\SysNative\npptNT2.sys File not found DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys () DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys () DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys () DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (ATI Technologies, Inc.) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (NEC Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (NEC Electronics Corporation) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider) DRV - (oreansx64) -- C:\Windows\SysWOW64\drivers\oreansx64.sys () DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8D 49 05 FE 02 85 CB 01 [binary data] IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Yahoo-Mp3Tube" FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.order.1: "Yahoo-Mp3Tube" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.search.selectedEngineURL: "hxxp://mp3tubetoolbarsearch.com/?tmp=toolbar_mp3tube_results&prt=pinballtb01ff&clid=f3e5c08a1fa94b0eaa8817ca85d2f8f1&subid=&Keywords={searchTerms}" FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/" FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7 FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1 FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1167 FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.12.03 14:53:16 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG10\Firefox\ [2010.12.09 15:14:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.12.03 14:53:13 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.12.03 14:53:28 | 000,000,000 | ---D | M] [2010.11.16 23:08:12 | 000,000,000 | ---D | M] -- C:\Users\Blackburn\AppData\Roaming\mozilla\Extensions [2010.12.14 14:11:06 | 000,000,000 | ---D | M] -- C:\Users\Blackburn\AppData\Roaming\mozilla\Firefox\Profiles\2p6hslsz.default\extensions [2010.11.25 22:22:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Blackburn\AppData\Roaming\mozilla\Firefox\Profiles\2p6hslsz.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.06.21 16:35:24 | 000,001,042 | ---- | M] () -- C:\Users\Blackburn\AppData\Roaming\Mozilla\FireFox\Profiles\2p6hslsz.default\searchplugins\icqplugin.xml [2010.11.22 16:45:32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions [2010.11.22 16:45:34 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.07.12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2010.10.27 06:44:13 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.10.27 06:44:13 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.10.27 06:44:13 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.11.24 22:57:25 | 000,001,215 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Mp3Tube.xml [2010.10.27 06:44:13 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.10.27 06:44:13 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {46897C77-E7A6-4C33-BFFB-E9C2E2718942} - No CLSID value found. O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation) O4:64bit: - HKLM..\RunOnce: [C:\Windows\system32\driverstore\filerepository\atiilhag.inf_amd64_neutral_951c1812f542740a] C:\Windows\SysNative\cmd.exe (Microsoft Corporation) O4:64bit: - HKLM..\RunOnce: [C:\Windows\system32\driverstore\filerepository\atiriol6.inf_amd64_neutral_bde34ad5722cca75] C:\Windows\SysNative\cmd.exe (Microsoft Corporation) O4:64bit: - HKLM..\RunOnce: [C:\Windows\system32\driverstore\filerepository\c7106921.inf_amd64_neutral_0f476aa56f5614cd] C:\Windows\SysNative\cmd.exe (Microsoft Corporation) O4:64bit: - HKLM..\RunOnce: [C:\Windows\system32\driverstore\filerepository\c7107888.inf_amd64_neutral_c0055259e7887347] C:\Windows\SysNative\cmd.exe (Microsoft Corporation) O4:64bit: - HKLM..\RunOnce: [C:\Windows\winsxs\amd64_atiilhag.inf.resources_31bf3856ad364e35_6.1.7600.16385_de-de_ff5a607728bcaa26] C:\Windows\SysNative\cmd.exe (Microsoft Corporation) O4:64bit: - HKLM..\RunOnce: [C:\Windows\winsxs\amd64_atiilhag.inf_31bf3856ad364e35_6.1.7600.16385_none_019357585ef99a63] C:\Windows\SysNative\cmd.exe (Microsoft Corporation) O4:64bit: - HKLM..\RunOnce: [C:\Windows\winsxs\amd64_atiriol6.inf_31bf3856ad364e35_6.1.7600.16385_none_a909ad21d26d5bd0] C:\Windows\SysNative\cmd.exe (Microsoft Corporation) O4:64bit: - HKLM..\RunOnce: [C:\Windows\winsxs\Manifests\amd64_atiilhag.inf.resources_31bf3856ad364e35_6.1.7600.16385_de-de_ff5a607728bcaa26.manifest] C:\Windows\SysNative\cmd.exe (Microsoft Corporation) O4:64bit: - HKLM..\RunOnce: [C:\Windows\winsxs\Manifests\amd64_atiilhag.inf_31bf3856ad364e35_6.1.7600.16385_none_019357585ef99a63.manifest] C:\Windows\SysNative\cmd.exe (Microsoft Corporation) O4:64bit: - HKLM..\RunOnce: [C:\Windows\winsxs\Manifests\amd64_atiilhag.inf-languagepack_31bf3856ad364e35_6.1.7600.16385_de-de_f8d25a2640ae7677.manifest] C:\Windows\SysNative\cmd.exe (Microsoft Corporation) O4:64bit: - HKLM..\RunOnce: [C:\Windows\winsxs\Manifests\amd64_atiriol6.inf_31bf3856ad364e35_6.1.7600.16385_none_a909ad21d26d5bd0.manifest] C:\Windows\SysNative\cmd.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.1.1 O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.) O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{388f92a4-008e-11e0-ae32-6cf0497cbd4c}\Shell - "" = AutoRun O33 - MountPoints2\{388f92a4-008e-11e0-ae32-6cf0497cbd4c}\Shell\AutoRun\command - "" = J:\iStudio.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\Programme (x86)\AVG\AVG10\avgchsva.exe File not found O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Programme (x86)\AVG\AVG10\avgrsa.exe File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.12.15 23:45:53 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Blackburn\Desktop\OTL.exe [2010.12.15 21:27:03 | 000,086,016 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe [2010.12.15 21:26:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JoWooD [2010.12.15 15:23:25 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Desktop\Gothic [2010.12.15 14:25:11 | 000,212,992 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\Wbumia.exe [2010.12.14 23:59:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio [2010.12.14 20:21:01 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll [2010.12.14 20:21:00 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll [2010.12.14 20:21:00 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll [2010.12.14 20:21:00 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll [2010.12.14 20:21:00 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe [2010.12.14 20:21:00 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll [2010.12.14 20:21:00 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe [2010.12.14 20:21:00 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe [2010.12.14 20:20:58 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2010.12.14 20:20:58 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2010.12.14 20:20:58 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2010.12.14 20:20:58 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2010.12.14 20:20:57 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll [2010.12.14 20:20:57 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll [2010.12.14 20:20:55 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2010.12.14 20:20:51 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2010.12.14 20:20:51 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2010.12.14 20:20:51 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2010.12.14 20:20:51 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2010.12.14 20:20:51 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2010.12.14 20:20:51 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2010.12.14 20:20:51 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2010.12.14 20:20:51 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2010.12.14 20:20:51 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2010.12.14 20:20:51 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2010.12.14 20:20:51 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2010.12.14 20:20:51 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2010.12.14 20:20:51 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2010.12.14 20:20:51 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2010.12.14 20:11:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HighwayPursuit [2010.12.14 14:33:54 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\id Software [2010.12.14 14:24:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision [2010.12.13 22:59:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FlyFF [2010.12.13 22:57:06 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\Teeworlds [2010.12.13 22:56:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeeWorlds [2010.12.13 22:17:15 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Documents\Bus-Simulator 2009 [2010.12.13 21:51:22 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Documents\Bus2009 Beta [2010.12.13 21:19:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bus-Simulator 2009 [2010.12.13 17:21:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\City Interactive [2010.12.13 14:40:41 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\InstallShield [2010.12.13 14:35:35 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Türnotöffnung Herd ist an, Richard Blumfeld Straße 2, Velten, 13.12.2010 [2010.12.12 23:06:16 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\PMB Files [2010.12.12 23:06:15 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2010.12.12 23:06:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2010.12.12 19:35:31 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies [2010.12.12 19:35:28 | 000,000,000 | ---D | C] -- C:\Programme\ATI [2010.12.12 19:35:04 | 000,000,000 | ---D | C] -- C:\ATI [2010.12.12 19:28:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Phyxion.net [2010.12.12 14:57:09 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\Ubisoft [2010.12.12 01:42:45 | 000,000,000 | -HSD | C] -- C:\Users\Blackburn\wc [2010.12.12 01:42:41 | 000,000,000 | -HSD | C] -- C:\Users\Blackburn\AppData\Roaming\wyUpdate AU [2010.12.12 01:42:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BK Elektronik [2010.12.11 19:38:25 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Person schreit um Hilfe, Hennigsdorf, Fontanestraße, 11.12.2010 [2010.12.11 12:31:49 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan [2010.12.11 12:31:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager [2010.12.11 11:42:04 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\Publish Providers [2010.12.11 11:19:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony [2010.12.11 11:19:04 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\Sony [2010.12.10 19:13:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2010.12.10 17:51:57 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\Winterberg-Modifkation_fü [2010.12.09 23:20:53 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\MAGIX [2010.12.09 23:17:06 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\Xara [2010.12.09 23:14:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xara [2010.12.09 23:14:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Shared [2010.12.09 23:13:34 | 000,909,312 | ---- | C] (MAGIX AG) -- C:\Windows\SysWow64\MXRestore.exe [2010.12.09 23:13:34 | 000,278,528 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLRES32.dll [2010.12.09 23:13:34 | 000,221,184 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDRV32.dll [2010.12.09 23:13:34 | 000,212,992 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDEV32.dll [2010.12.09 23:13:34 | 000,147,456 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCPY32.dll [2010.12.09 23:13:34 | 000,114,688 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCDA32.dll [2010.12.09 23:13:34 | 000,094,208 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIO32.dll [2010.12.09 23:13:34 | 000,090,112 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPRF32.dll [2010.12.09 23:13:34 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4r.dll [2010.12.09 23:13:34 | 000,077,824 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPNT32.dll [2010.12.09 23:13:34 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\STRING32.dll [2010.12.09 23:13:34 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPTL32.dll [2010.12.09 23:13:34 | 000,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCDF32.dll [2010.12.09 23:13:34 | 000,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLTPO32.dll [2010.12.09 23:13:34 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPRJ32.dll [2010.12.09 23:13:34 | 000,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIMG32.dll [2010.12.09 23:13:34 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll [2010.12.09 23:13:34 | 000,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLRD32.dll [2010.12.09 23:13:34 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLMSC32.dll [2010.12.09 23:13:34 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLISO32.dll [2010.12.09 23:13:34 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDIR32.dll [2010.12.09 23:13:34 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\TTIC32.dll [2010.12.09 23:13:34 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\TTI32.dll [2010.12.09 23:13:34 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIX.dll [2010.12.09 23:13:33 | 000,724,992 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLAV32.dll [2010.12.09 22:53:45 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX [2010.12.09 22:52:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Services [2010.12.09 21:49:16 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Documents\DVDVideoSoft [2010.12.09 21:49:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft [2010.12.09 21:49:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft [2010.12.09 21:47:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winterberg Configurator [2010.12.09 15:41:34 | 000,000,000 | -H-D | C] -- C:\$AVG [2010.12.09 15:16:17 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\AVG10 [2010.12.09 15:15:08 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2010.12.09 15:14:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG [2010.12.09 15:14:12 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10 [2010.12.09 15:14:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG [2010.12.09 15:13:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG [2010.12.09 15:09:08 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2010.12.08 23:51:41 | 000,000,000 | ---D | C] -- C:\Programme\Alwil Software [2010.12.08 23:51:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software [2010.12.08 13:45:17 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys [2010.12.08 13:45:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2010.12.05 23:48:51 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Documents\Intelli-studio [2010.12.05 23:44:44 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\Intelli-studio [2010.12.05 23:44:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung [2010.12.05 16:01:32 | 000,000,000 | RH-D | C] -- C:\Users\Blackburn\AppData\Roaming\SecuROM [2010.12.05 15:16:54 | 003,700,176 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des [2010.12.05 15:16:47 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys [2010.12.05 15:16:22 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\INCA Shared [2010.12.05 14:24:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM [2010.12.05 13:48:50 | 000,000,000 | ---D | C] -- C:\AeriaGames [2010.12.05 13:26:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai [2010.12.03 19:24:22 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Documents\ArmA 2 Demo [2010.12.03 19:24:22 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\ArmA 2 Demo [2010.12.03 19:16:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bohemia Interactive [2010.12.03 14:53:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared [2010.12.03 14:53:12 | 000,199,904 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll [2010.12.03 14:53:08 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll [2010.12.03 14:53:08 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll [2010.12.03 14:53:07 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll [2010.12.03 14:53:05 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll [2010.12.03 14:53:05 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll [2010.12.03 14:53:02 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\Real [2010.12.03 14:53:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2010.12.03 14:53:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real [2010.12.01 20:48:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Just Cause 2 [2010.12.01 16:17:03 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Documents\Hitman Blood Money [2010.12.01 15:16:08 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\SKIDROW [2010.12.01 15:15:54 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Documents\Square Enix [2010.11.30 22:57:48 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Documents\Meine Spiele [2010.11.30 21:44:13 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Documents\JustCause [2010.11.30 19:13:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Eidos [2010.11.30 00:41:35 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll [2010.11.30 00:41:35 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll [2010.11.30 00:41:35 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll [2010.11.30 00:41:35 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll [2010.11.30 00:41:34 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll [2010.11.30 00:41:34 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll [2010.11.29 23:59:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Flight One Software [2010.11.28 08:29:24 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\2K Games [2010.11.28 08:28:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2010.11.28 08:22:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games [2010.11.28 08:05:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect [2010.11.28 08:05:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine [2010.11.28 08:05:31 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\Winamp [2010.11.28 08:05:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp [2010.11.28 04:59:33 | 000,000,000 | ---D | C] -- C:\Windows\Saints Row 2 Update 2 [2010.11.28 04:56:14 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\THQ [2010.11.28 04:48:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Saints Row 2 [2010.11.28 03:27:50 | 000,000,000 | ---D | C] -- C:\Programme\Groove Games [2010.11.28 00:26:50 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Documents\NFS SHIFT [2010.11.27 20:29:12 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Documents\Electronic Arts [2010.11.27 20:23:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE [2010.11.27 20:19:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts [2010.11.27 18:46:23 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Documents\Bully Scholarship Edition [2010.11.27 15:47:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LucasArts [2010.11.27 13:37:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Capcom [2010.11.27 01:50:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft [2010.11.26 16:41:16 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations [2010.11.26 14:21:31 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\EditVoicepack [2010.11.26 14:20:40 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\ApplicationHistory [2010.11.26 14:20:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bevelstone Production [2010.11.26 14:19:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP [2010.11.25 22:22:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar [2010.11.25 22:22:51 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ [2010.11.25 22:22:36 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\ICQ [2010.11.25 22:22:34 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\AOL [2010.11.25 22:22:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2 [2010.11.25 00:13:16 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS [2010.11.25 00:13:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NOS [2010.11.24 16:37:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atari [2010.11.24 14:27:41 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\Windows Live Writer [2010.11.24 14:27:41 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\Windows Live Writer [2010.11.23 00:32:40 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\MTA San Andreas [2010.11.22 21:10:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Heirue-Soft [2010.11.22 21:10:48 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\Setup1.exe [2010.11.22 21:10:47 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE [2010.11.22 16:49:31 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\skypePM [2010.11.22 16:45:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2010.11.22 16:45:21 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2010.11.22 16:45:20 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\Skype [2010.11.22 16:45:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2010.11.22 16:44:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YouTube Downloader [2010.11.22 16:43:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Commtech Wireless [2010.11.22 16:40:29 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\TeamViewer [2010.11.22 16:40:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer [2010.11.21 16:43:01 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\ArmA 2 [2010.11.21 16:33:13 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\Diagnostics [2010.11.21 16:20:51 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll [2010.11.21 16:20:51 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll [2010.11.21 16:20:51 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll [2010.11.21 16:20:51 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll [2010.11.21 16:20:50 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll [2010.11.21 16:20:50 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll [2010.11.21 16:20:49 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll [2010.11.21 16:20:48 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll [2010.11.21 16:20:48 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll [2010.11.21 16:20:42 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll [2010.11.21 16:20:42 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll [2010.11.21 16:20:41 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll [2010.11.21 16:20:41 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll [2010.11.21 16:20:41 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll [2010.11.21 16:20:40 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll [2010.11.21 16:20:40 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll [2010.11.21 16:20:40 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll [2010.11.21 16:20:40 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll [2010.11.21 16:20:39 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll [2010.11.21 16:20:39 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll [2010.11.21 08:59:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MTA San Andreas [2010.11.21 08:36:56 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\Rockstar Games [2010.11.20 21:22:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FSFDT [2010.11.20 14:57:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\sixteen tons entertainment [2010.11.20 05:58:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft [2010.11.20 02:13:38 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\LogMeIn Hamachi [2010.11.20 00:24:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2010.11.20 00:24:06 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Documents\Battlefield 2 [2010.11.20 00:19:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA GAMES [2010.11.19 21:35:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2010.11.19 21:34:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE [2010.11.19 16:38:16 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\FalloutNV [2010.11.19 13:30:13 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\Fallout3 [2010.11.19 13:00:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive [2010.11.18 19:41:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2010.11.18 19:12:05 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll [2010.11.18 19:12:05 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll [2010.11.18 19:12:05 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll [2010.11.18 19:12:05 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll [2010.11.18 19:12:05 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll [2010.11.18 19:12:05 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll [2010.11.18 19:12:04 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll [2010.11.18 19:12:04 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll [2010.11.18 19:12:04 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll [2010.11.18 19:12:04 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll [2010.11.18 19:12:04 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll [2010.11.18 19:12:04 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll [2010.11.18 19:02:07 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll [2010.11.18 19:02:07 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll [2010.11.18 19:02:06 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll [2010.11.18 19:02:06 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll [2010.11.18 19:02:01 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll [2010.11.18 19:02:01 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll [2010.11.18 19:01:59 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll [2010.11.18 17:44:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Landwirtschafts Simulator 2011 [2010.11.18 17:06:56 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Documents\FFSim UserData [2010.11.18 17:06:24 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll [2010.11.18 17:06:24 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll [2010.11.18 17:06:24 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll [2010.11.18 17:06:24 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll [2010.11.18 17:06:23 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll [2010.11.18 17:06:23 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll [2010.11.18 17:06:23 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll [2010.11.18 17:06:23 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll [2010.11.18 17:06:23 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll [2010.11.18 17:06:23 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll [2010.11.18 17:06:22 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll [2010.11.18 17:06:22 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll [2010.11.18 17:06:22 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll [2010.11.18 17:06:22 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll [2010.11.18 17:06:22 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll [2010.11.18 17:06:22 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll [2010.11.18 17:06:19 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll [2010.11.18 17:06:19 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll [2010.11.18 17:06:19 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll [2010.11.18 17:06:19 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll [2010.11.18 17:06:18 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll [2010.11.18 17:06:18 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll [2010.11.18 17:06:18 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll [2010.11.18 17:06:18 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll [2010.11.18 17:06:18 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll [2010.11.18 17:06:18 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll [2010.11.18 17:06:18 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll [2010.11.18 17:06:18 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll [2010.11.18 17:06:18 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll [2010.11.18 17:06:18 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll [2010.11.18 17:06:17 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll [2010.11.18 17:06:17 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll [2010.11.18 17:06:17 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll [2010.11.18 17:06:17 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll [2010.11.18 17:06:17 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll [2010.11.18 17:06:17 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll [2010.11.18 17:06:16 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll [2010.11.18 17:06:16 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll [2010.11.18 17:06:16 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll [2010.11.18 17:06:16 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll [2010.11.18 17:06:16 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll [2010.11.18 17:06:16 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll [2010.11.18 17:06:15 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll [2010.11.18 17:06:15 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll [2010.11.18 17:06:14 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll [2010.11.18 17:06:14 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll [2010.11.18 17:06:14 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll [2010.11.18 17:06:14 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll [2010.11.18 17:06:14 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll [2010.11.18 17:06:14 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll [2010.11.18 17:06:14 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll [2010.11.18 17:06:14 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll [2010.11.18 17:06:13 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll [2010.11.18 17:06:13 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll [2010.11.18 17:06:13 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll [2010.11.18 17:06:13 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll [2010.11.18 17:06:13 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll [2010.11.18 17:06:13 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll [2010.11.18 17:06:12 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll [2010.11.18 17:06:12 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll [2010.11.18 17:06:12 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll [2010.11.18 17:06:12 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll [2010.11.18 17:03:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vstep [2010.11.18 16:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Thraex Software [2010.11.18 00:53:06 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\Microsoft Games [2010.11.18 00:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Games [2010.11.18 00:27:16 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\gctmp [2010.11.18 00:27:15 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\Xenocode [2010.11.17 21:53:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity [2010.11.17 16:59:18 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll [2010.11.17 15:58:02 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll [2010.11.17 15:58:02 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll [2010.11.17 15:58:02 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll [2010.11.17 15:58:02 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll [2010.11.17 15:58:02 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll [2010.11.17 15:58:02 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll [2010.11.17 15:58:02 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll [2010.11.17 15:58:01 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll [2010.11.17 15:58:01 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll [2010.11.17 15:58:01 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll [2010.11.17 15:58:01 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll [2010.11.17 15:58:01 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll [2010.11.17 15:58:01 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll [2010.11.17 15:58:01 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll [2010.11.17 15:58:01 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll [2010.11.17 15:58:00 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll [2010.11.17 15:58:00 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll [2010.11.17 15:57:59 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll [2010.11.17 15:57:59 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll [2010.11.17 15:57:59 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll [2010.11.17 15:57:59 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll [2010.11.17 15:57:57 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll [2010.11.17 15:57:57 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll [2010.11.17 15:57:57 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll [2010.11.17 15:57:57 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll [2010.11.17 15:57:57 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll [2010.11.17 15:57:57 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll [2010.11.17 15:57:56 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll [2010.11.17 15:57:56 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll [2010.11.17 15:57:56 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll [2010.11.17 15:57:56 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll [2010.11.17 15:57:55 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll [2010.11.17 15:57:55 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll [2010.11.17 15:57:55 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll [2010.11.17 15:57:55 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll [2010.11.17 15:57:54 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll [2010.11.17 15:57:54 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll [2010.11.17 15:57:49 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll [2010.11.17 15:57:49 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll [2010.11.17 15:57:47 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll [2010.11.17 15:57:47 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll [2010.11.17 15:57:47 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll [2010.11.17 15:57:47 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll [2010.11.17 15:57:47 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll [2010.11.17 15:57:47 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll [2010.11.17 15:57:47 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll [2010.11.17 15:57:47 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll [2010.11.17 15:57:46 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll [2010.11.17 15:57:46 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll [2010.11.17 15:57:45 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll [2010.11.17 15:57:44 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll [2010.11.17 15:57:44 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll [2010.11.17 15:37:48 | 000,000,000 | ---D | C] -- C:\GAMIGO [2010.11.17 15:29:32 | 000,000,000 | ---D | C] -- C:\Games [2010.11.17 14:43:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks [2010.11.17 14:06:48 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll [2010.11.17 14:06:48 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll [2010.11.17 14:05:45 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2010.11.17 14:05:40 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\Oblivion [2010.11.17 02:10:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2010.11.17 00:59:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia [2010.11.17 00:58:52 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Documents\German Truck Simulator [2010.11.17 00:57:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\German Truck Simulator [2010.11.16 23:08:06 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\Mozilla [2010.11.16 23:08:06 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\Mozilla [2010.11.16 23:07:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2010.11.16 22:48:54 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\FarmingSimulator2008Demo [2010.11.16 20:50:11 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\World_of_AI [2010.11.16 20:48:10 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Documents\My Games [2010.11.16 20:03:03 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2010.11.16 19:48:26 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Documents\GTA San Andreas User Files [2010.11.16 19:31:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games [2010.11.16 18:46:35 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\ATI [2010.11.16 18:46:35 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\ATI [2010.11.16 18:40:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI [2010.11.16 18:39:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2010.11.16 17:01:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hotkey Master [2010.11.16 16:47:42 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\Documents\CLEO_SDK [2010.11.16 15:30:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite [2010.11.16 15:29:56 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\DAEMON Tools Lite [2010.11.16 15:29:55 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2010.11.16 14:12:00 | 000,025,640 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys [2010.11.16 14:10:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NEC Electronics [2010.11.16 14:09:13 | 000,097,792 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll [2010.11.16 14:08:59 | 000,239,616 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2010.11.16 14:06:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2010.11.16 14:06:29 | 000,000,000 | ---D | C] -- C:\Programme\Realtek [2010.11.16 14:06:16 | 001,638,432 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkHDM64.dll [2010.11.16 14:06:15 | 001,691,680 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHDMEx64.dll [2010.11.16 14:06:15 | 000,213,280 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys [2010.11.16 14:06:14 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll [2010.11.16 14:06:14 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll [2010.11.16 14:06:14 | 000,064,032 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHCoInst64.dll [2010.11.16 14:06:09 | 002,719,504 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2010.11.16 14:06:03 | 000,475,680 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll [2010.11.16 14:06:03 | 000,149,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll [2010.11.16 14:06:02 | 001,639,456 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll [2010.11.16 14:06:01 | 001,692,192 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll [2010.11.16 14:06:01 | 001,201,184 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll [2010.11.16 14:06:01 | 000,612,384 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl [2010.11.16 14:06:00 | 000,363,008 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2010.11.16 14:06:00 | 000,095,744 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2010.11.16 14:05:59 | 000,198,656 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2010.11.16 14:05:59 | 000,073,216 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2010.11.16 14:05:58 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2010.11.16 14:05:58 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2010.11.16 14:05:58 | 000,066,592 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll [2010.11.16 14:05:55 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2010.11.16 14:05:55 | 000,325,904 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll [2010.11.16 14:05:55 | 000,078,936 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBWrp64.dll [2010.11.16 14:05:55 | 000,064,600 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBppld64.dll [2010.11.16 14:05:54 | 000,607,832 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO64.dll [2010.11.16 14:05:54 | 000,060,504 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBPPCn64.dll [2010.11.16 14:05:53 | 000,531,032 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO32.dll [2010.11.16 14:05:50 | 000,328,096 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2010.11.16 14:05:47 | 000,168,864 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll [2010.11.16 14:05:47 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll [2010.11.16 14:05:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2010.11.16 14:05:46 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2010.11.16 14:05:10 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\DeviceVM [2010.11.16 14:04:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gigabyte [2010.11.16 01:28:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware [2010.11.16 01:20:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2010.11.16 01:19:08 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2010.11.16 01:19:08 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2010.11.16 01:19:08 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe [2010.11.16 01:00:27 | 000,000,000 | R--D | C] -- C:\Users\Blackburn\Meine Dateien [2010.11.16 00:53:29 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll [2010.11.16 00:53:29 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll [2010.11.16 00:53:29 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe [2010.11.16 00:53:29 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe [2010.11.16 00:53:29 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll [2010.11.16 00:53:29 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll [2010.11.16 00:53:29 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll [2010.11.16 00:53:29 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll [2010.11.16 00:53:13 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe [2010.11.16 00:46:31 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll [2010.11.16 00:46:31 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll [2010.11.16 00:46:27 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2010.11.16 00:45:42 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll [2010.11.16 00:45:42 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll [2010.11.16 00:45:42 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll [2010.11.16 00:45:42 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll [2010.11.16 00:45:42 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll [2010.11.16 00:45:42 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax [2010.11.16 00:45:42 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax [2010.11.16 00:45:42 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax [2010.11.16 00:45:42 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax [2010.11.16 00:45:32 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll [2010.11.16 00:45:25 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Local\Adobe [2010.11.16 00:45:21 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2010.11.16 00:45:21 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2010.11.16 00:45:21 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe [2010.11.16 00:45:20 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll [2010.11.16 00:45:19 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2010.11.16 00:45:18 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll [2010.11.16 00:45:18 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll [2010.11.16 00:45:18 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll [2010.11.16 00:45:18 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll [2010.11.16 00:45:18 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe [2010.11.16 00:45:18 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe [2010.11.16 00:45:18 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe [2010.11.16 00:45:18 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe [2010.11.16 00:45:18 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe [2010.11.16 00:45:18 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe [2010.11.16 00:45:18 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe [2010.11.16 00:45:18 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe [2010.11.16 00:45:18 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll [2010.11.16 00:45:18 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll [2010.11.16 00:45:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll [2010.11.16 00:45:18 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll [2010.11.16 00:45:16 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll [2010.11.16 00:45:16 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll [2010.11.16 00:45:10 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll [2010.11.16 00:45:10 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll [2010.11.16 00:45:09 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2010.11.16 00:45:09 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2010.11.16 00:45:08 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2010.11.16 00:45:07 | 001,736,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll [2010.11.16 00:45:07 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll [2010.11.16 00:45:07 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll [2010.11.16 00:45:05 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll [2010.11.16 00:45:05 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll [2010.11.16 00:45:05 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll [2010.11.16 00:45:05 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll [2010.11.16 00:45:04 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll [2010.11.16 00:45:04 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll [2010.11.16 00:45:04 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2010.11.16 00:45:03 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll [2010.11.16 00:45:02 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2010.11.16 00:45:02 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2010.11.16 00:45:02 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll [2010.11.16 00:45:01 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll [2010.11.16 00:45:01 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll [2010.11.16 00:45:01 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll [2010.11.16 00:45:01 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe [2010.11.16 00:45:01 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll [2010.11.16 00:45:01 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe [2010.11.16 00:45:01 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll [2010.11.16 00:45:01 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2010.11.16 00:45:00 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2010.11.16 00:45:00 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys [2010.11.16 00:44:59 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll [2010.11.16 00:43:46 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll [2010.11.16 00:43:45 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll [2010.11.16 00:43:44 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL [2010.11.16 00:43:44 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL [2010.11.16 00:43:43 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll [2010.11.16 00:03:02 | 000,000,000 | ---D | C] -- C:\Users\Blackburn\AppData\Roaming\vlc ========== Files - Modified Within 30 Days ========== [2010.12.15 23:39:02 | 000,000,254 | -H-- | M] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job [2010.12.15 23:34:00 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2189274959-3330080950-4257317963-1000UA.job [2010.12.15 23:27:02 | 000,000,300 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2010.12.15 23:03:02 | 000,000,300 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2010.12.15 21:34:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2189274959-3330080950-4257317963-1000Core.job [2010.12.15 18:32:35 | 101,857,236 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2010.12.15 16:42:09 | 000,014,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.12.15 16:42:09 | 000,014,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.12.15 16:39:08 | 001,643,550 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.12.15 16:39:08 | 000,707,708 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2010.12.15 16:39:08 | 000,661,304 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.12.15 16:39:08 | 000,153,194 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2010.12.15 16:39:08 | 000,125,390 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.12.15 16:34:52 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys [2010.12.15 16:34:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.12.15 16:34:44 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys [2010.12.15 14:25:07 | 000,212,992 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\Wbumia.exe [2010.12.15 09:34:36 | 000,002,383 | ---- | M] () -- C:\Users\Blackburn\Desktop\Google Chrome.lnk [2010.12.14 22:56:04 | 000,370,744 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.12.14 15:31:44 | 000,000,024 | ---- | M] () -- C:\Windows\AM_D8.PRF [2010.12.13 22:43:10 | 000,054,971 | ---- | M] () -- C:\Users\Blackburn\8d89d12_b99383.jpg [2010.12.13 15:16:00 | 006,935,907 | ---- | M] () -- C:\Users\Blackburn\SAM_1906.JPG [2010.12.13 14:41:22 | 000,003,584 | ---- | M] () -- C:\Users\Blackburn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.12.12 19:38:06 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2010.12.12 19:28:14 | 000,001,137 | ---- | M] () -- C:\Users\Public\Desktop\Driver Sweeper.lnk [2010.12.12 01:42:10 | 000,003,147 | ---- | M] () -- C:\Users\Blackburn\Desktop\ILS Sim V4 starten.lnk [2010.12.11 22:27:47 | 010,881,068 | ---- | M] () -- C:\Users\Blackburn\ts3_recording_10_12_11_22_26_37.wav [2010.12.11 12:02:40 | 000,002,088 | ---- | M] () -- C:\Users\Public\Desktop\Intelli-studio.lnk [2010.12.11 00:22:39 | 000,026,738 | ---- | M] () -- C:\Users\Blackburn\2365082_11e55e.jpg [2010.12.11 00:22:31 | 000,077,664 | ---- | M] () -- C:\Users\Blackburn\2365082_db04bb.jpg [2010.12.10 18:59:33 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\Winterberg Configurator.lnk [2010.12.09 21:49:17 | 000,001,243 | ---- | M] () -- C:\Users\Blackburn\Desktop\DVDVideoSoft Free Studio.lnk [2010.12.09 15:14:55 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk [2010.12.09 15:14:51 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm [2010.12.09 15:14:51 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm [2010.12.08 23:52:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2010.12.08 00:00:08 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2010.12.06 15:51:00 | 000,043,520 | ---- | M] () -- C:\Windows\SysWow64\CmdLineExt03.dll [2010.12.05 23:45:47 | 000,278,355 | ---- | M] () -- C:\Users\Blackburn\Documents\ts3_clientui-win64-12815-2010-12-05 23_45_45.868225.dmp [2010.12.03 14:53:12 | 000,199,904 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll [2010.12.03 14:53:08 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll [2010.12.03 14:53:08 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll [2010.12.03 14:53:07 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll [2010.12.03 14:53:05 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll [2010.12.03 14:53:05 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll [2010.11.29 17:19:34 | 374,531,222 | ---- | M] () -- C:\Users\Blackburn\Desktop\FS2004 - Ground Environment Pro.rar [2010.11.29 16:57:46 | 000,009,344 | ---- | M] () -- C:\Windows\SysWow64\drivers\oreansx64.sys [2010.11.28 18:38:16 | 002,671,898 | ---- | M] () -- C:\Users\Blackburn\Desktop\a380dm02.zip [2010.11.28 08:11:43 | 000,000,050 | ---- | M] () -- C:\Windows\Winamp.ini [2010.11.28 08:11:38 | 000,000,041 | ---- | M] () -- C:\Windows\winampa.ini [2010.11.27 13:33:40 | 001,619,872 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.11.27 01:59:05 | 000,107,832 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010.11.27 01:59:00 | 002,337,865 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe [2010.11.27 01:59:00 | 000,066,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010.11.26 14:20:40 | 000,000,097 | ---- | M] () -- C:\Users\Blackburn\AppData\Local\fusioncache.dat [2010.11.25 22:04:21 | 000,000,061 | -HS- | M] () -- C:\Windows\cnerolf.dat [2010.11.24 00:58:21 | 000,000,023 | ---- | M] () -- C:\Windows\BlendSettings.ini [2010.11.23 13:49:47 | 000,310,984 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys [2010.11.22 21:11:21 | 000,001,208 | ---- | M] () -- C:\Users\Blackburn\Desktop\FMS32-PRO.LNK [2010.11.22 21:10:48 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\Setup1.exe [2010.11.22 21:10:47 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\ST6UNST.EXE [2010.11.22 20:14:02 | 000,042,696 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys [2010.11.22 16:49:32 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat [2010.11.22 16:45:23 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2010.11.22 16:44:47 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\YouTube Downloader.lnk [2010.11.22 16:40:29 | 000,001,166 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk [2010.11.21 00:53:41 | 000,001,541 | ---- | M] () -- C:\Users\Blackburn\Desktop\FSInnUI.lnk [2010.11.18 19:41:08 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\JDownloader.lnk [2010.11.17 21:53:17 | 000,000,947 | ---- | M] () -- C:\Users\Blackburn\Desktop\Audacity.lnk [2010.11.17 15:57:13 | 000,000,336 | ---- | M] () -- C:\Windows\game.ini [2010.11.17 14:05:45 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2010.11.16 23:07:53 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.11.16 17:15:48 | 000,001,071 | ---- | M] () -- C:\Users\Blackburn\Desktop\Hotkey Master.lnk [2010.11.16 15:30:33 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2010.11.16 15:30:32 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys [2010.11.16 14:08:28 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini [2010.11.16 14:06:58 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc ========== Files Created - No Company Name ========== [2010.12.15 18:32:35 | 101,857,236 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2010.12.14 15:31:44 | 000,000,024 | ---- | C] () -- C:\Windows\AM_D8.PRF [2010.12.13 22:43:12 | 000,054,971 | ---- | C] () -- C:\Users\Blackburn\8d89d12_b99383.jpg [2010.12.13 14:41:22 | 000,003,584 | ---- | C] () -- C:\Users\Blackburn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.12.13 14:36:14 | 006,935,907 | ---- | C] () -- C:\Users\Blackburn\SAM_1906.JPG [2010.12.12 19:38:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010.12.12 19:28:14 | 000,001,137 | ---- | C] () -- C:\Users\Public\Desktop\Driver Sweeper.lnk [2010.12.12 01:42:10 | 000,003,147 | ---- | C] () -- C:\Users\Blackburn\Desktop\ILS Sim V4 starten.lnk [2010.12.11 22:26:40 | 010,881,068 | ---- | C] () -- C:\Users\Blackburn\ts3_recording_10_12_11_22_26_37.wav [2010.12.11 11:54:04 | 000,000,300 | -H-- | C] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2010.12.11 11:54:03 | 000,000,300 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2010.12.11 11:54:01 | 000,000,254 | -H-- | C] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job [2010.12.11 00:22:41 | 000,026,738 | ---- | C] () -- C:\Users\Blackburn\2365082_11e55e.jpg [2010.12.11 00:22:35 | 000,077,664 | ---- | C] () -- C:\Users\Blackburn\2365082_db04bb.jpg [2010.12.10 18:59:33 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\Winterberg Configurator.lnk [2010.12.10 17:50:37 | 000,556,772 | ---- | C] () -- C:\Users\Blackburn\Desktop\WinterbergUpdater.exe [2010.12.09 23:13:34 | 000,038,492 | ---- | C] () -- C:\Windows\SysWow64\DLLAV32.lib [2010.12.09 22:52:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2010.12.09 21:49:17 | 000,001,243 | ---- | C] () -- C:\Users\Blackburn\Desktop\DVDVideoSoft Free Studio.lnk [2010.12.09 15:14:55 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk [2010.12.09 15:14:51 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm [2010.12.09 15:14:51 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm [2010.12.08 23:52:33 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2010.12.06 00:54:38 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll [2010.12.05 23:46:14 | 000,002,088 | ---- | C] () -- C:\Users\Public\Desktop\Intelli-studio.lnk [2010.12.05 23:45:45 | 000,278,355 | ---- | C] () -- C:\Users\Blackburn\Documents\ts3_clientui-win64-12815-2010-12-05 23_45_45.868225.dmp [2010.12.05 15:16:47 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd [2010.11.29 16:55:09 | 374,531,222 | ---- | C] () -- C:\Users\Blackburn\Desktop\FS2004 - Ground Environment Pro.rar [2010.11.29 16:44:14 | 000,009,344 | ---- | C] () -- C:\Windows\SysWow64\drivers\oreansx64.sys [2010.11.28 18:37:57 | 002,671,898 | ---- | C] () -- C:\Users\Blackburn\Desktop\a380dm02.zip [2010.11.28 08:11:43 | 000,000,050 | ---- | C] () -- C:\Windows\Winamp.ini [2010.11.28 08:11:38 | 000,000,041 | ---- | C] () -- C:\Windows\winampa.ini [2010.11.26 14:20:40 | 000,000,097 | ---- | C] () -- C:\Users\Blackburn\AppData\Local\fusioncache.dat [2010.11.26 14:02:42 | 001,619,872 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.11.25 22:04:21 | 000,000,061 | -HS- | C] () -- C:\Windows\cnerolf.dat [2010.11.22 21:11:21 | 000,001,208 | ---- | C] () -- C:\Users\Blackburn\Desktop\FMS32-PRO.LNK [2010.11.22 20:06:16 | 000,310,984 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys [2010.11.22 20:06:11 | 000,042,696 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys [2010.11.22 19:29:00 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini [2010.11.22 16:49:32 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.11.22 16:45:23 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2010.11.22 16:44:47 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\YouTube Downloader.lnk [2010.11.22 16:40:29 | 000,001,166 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk [2010.11.21 00:53:41 | 000,001,541 | ---- | C] () -- C:\Users\Blackburn\Desktop\FSInnUI.lnk [2010.11.20 05:57:23 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010.11.20 05:57:20 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010.11.20 05:57:18 | 002,337,865 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2010.11.18 19:41:08 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\JDownloader.lnk [2010.11.17 21:53:17 | 000,000,947 | ---- | C] () -- C:\Users\Blackburn\Desktop\Audacity.lnk [2010.11.17 15:57:13 | 000,000,336 | ---- | C] () -- C:\Windows\game.ini [2010.11.16 23:07:53 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.11.16 17:15:48 | 000,001,071 | ---- | C] () -- C:\Users\Blackburn\Desktop\Hotkey Master.lnk [2010.11.16 15:30:33 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2010.11.16 15:30:32 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys [2010.11.16 14:09:13 | 000,067,584 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll [2010.11.16 14:06:58 | 000,188,416 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL [2010.11.16 14:06:58 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2010.11.16 14:06:58 | 000,088,064 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL [2010.11.16 14:06:58 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2010.11.16 14:06:58 | 000,000,159 | RH-- | C] () -- C:\Windows\ctfile.rfc [2010.11.16 14:03:59 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2006.11.01 17:01:12 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\USBPager.dll [2006.09.01 18:14:08 | 000,097,280 | ---- | C] () -- C:\Windows\SysWow64\TSRemote.dll [2006.06.29 16:24:43 | 000,318,014 | ---- | C] () -- C:\Windows\SysWow64\flt1chk4.dll < End of report > |
16.12.2010, 16:35 | #6 |
| wbumia.exe ? Zudem fällt mir gerade auf, dass sich ständig mein Internet Explorer von selbst mit Werbung öffnet. Finde ich auch etwas komisch. Ich denke mal das beste ist, wenn ich meinen Programm Ordner auf eine externe Festplatte ziehe und Windows neu installiere...ist zwar eine aufwendige Arbeit, jedoch kann ich mir dann sicher sein, dass auch alle gefährlichen Dateien verschwunden sind. Geändert von Blackburn25 (16.12.2010 um 17:29 Uhr) |
17.12.2010, 05:51 | #7 | |||
| wbumia.exe ? Hallo Zitat:
Zitat:
Zitat:
Downloade Dir bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
MFG
__________________ Kein Support per PN - Bitte im Forum posten. Wenn du das Forum unterstützen möchtest Genitiv ins Wasser, weil es dativ ist http://www.vivaconagua.org/ |
17.12.2010, 20:14 | #8 |
| wbumia.exe ? Habe jetzt mal Norton, Antivir, AVG und Anti-Malware laufen lassen. Im Moment werden keine gefährlich eingestuften Objekte gefunden. Die 15 gefährlichen Dateien, die ich beim 1. Scan entdeckt hatte, befinden sich in Anti-Malware in der Quarantäne. wbumia.exe habe ich manuell gelöscht, meine groben Registry-Fehler mit CCleaner beseitigt und ebenfalls mit dem CCleaner mal etwas die Festplatte gereinigt. Habe das Problem nun nichtmehr dass sich IE von selbst öffnet. Weiß zwar nicht ob ich jetzt komplett FREI von Schädlingen bin, aber Fortschritte scheint es ja gegeben zu haben. |
Themen zu wbumia.exe ? |
autostart, bedingt, c:\windows, ccleaner, guten, kurze, laufe, laufende prozesse, neu, prozess, prozesse, schei, schöne, schönen, troja, trojaner, unbedingt, verdächtige, wbumia, windows, überprüft, öffnet |