Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Rechtklick im ordner geht nicht und ausrühren nicht einstellbar

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 06.01.2011, 05:52   #1
flavers
 
Rechtklick im ordner geht nicht und ausrühren nicht einstellbar - Beitrag

Rechtklick im ordner geht nicht und ausrühren nicht einstellbar



guten morgen.

ich finde nicht wirklichen einen theard der zu meinen problem passt.
also folgendes: wenn ich in einen ordner etwas rechklicke wird es nur markiert sonst nichts und seit dem ist aus das ausführen icon im meiner startleiste verschwunden.



bevor ich es vergesse hier die hijackthislog:





HiJackthis Logfile:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 04:49:14, on 06.01.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\stsystra.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\NetLimiter 3\nlsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Alin\My Documents\Downloads\HiJackThis204.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWin0.dll
O1 - Hosts: 74.208.10.249 gs.apple.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CBAbzockschutz.InitToolbarBHO - {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} - mscoree.dll (file missing)
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWin0.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWin0.dll
O3 - Toolbar: COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [4StoryPrePatch] D:\4Story\PrePatch.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NetLimiter] C:\Program Files\NetLimiter 3\NLClientApp.exe /tray
O4 - HKCU\..\Run: [Voipwise] "C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Svchost.exe] "C:\Documents and Settings\Alin\Application Data\system32\Svchost.exe"
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DynDNS Updater Tray Icon.lnk = C:\Program Files\DynDNS Updater\DynTray.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DynDNS Updater - Dynamic Network Services, Inc. - C:\Program Files\DynDNS Updater\DynUpSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NetLimiter 3 Service (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 3\nlsvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 7539 bytes
         
--- --- ---








danke für euer hilfe



-flavers

Alt 06.01.2011, 12:10   #2
markusg
/// Malware-holic
 
Rechtklick im ordner geht nicht und ausrühren nicht einstellbar - Standard

Rechtklick im ordner geht nicht und ausrühren nicht einstellbar



Systemscan mit OTL
download otl:
http://filepony.de/download-otl/

Doppelklick auf die OTL.exe
(user von Windows 7 und Vista: Rechtsklick als Administrator ausführen)
1. Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
2. Hake an "scan all users"
3. Unter "Extra Registry wähle:
"Use Safelist" "LOP Check" "Purity Check"
4. Kopiere in die Textbox:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
5. Klicke "Scan"
6. 2 reporte werden erstellt:
OTL.Txt
Extras.Txt
beide posten
__________________

__________________

Alt 06.01.2011, 20:14   #3
flavers
 
Rechtklick im ordner geht nicht und ausrühren nicht einstellbar - Standard

Rechtklick im ordner geht nicht und ausrühren nicht einstellbar



vielen dank für deine antwort:

beim scannen ging antivir auf kernel32.exe los hab nichts unternomen

hier die files:

ORT:
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 06.01.2011 19:58:01 - Run 1
OTL by OldTimer - Version 3.2.20.1     Folder = C:\Documents and Settings\Alin\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
1.022,00 Mb Total Physical Memory | 377,00 Mb Available Physical Memory | 37,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 2,31 Gb Free Space | 5,25% Space Free | Partition Type: NTFS
Drive D: | 27,50 Gb Total Space | 2,91 Gb Free Space | 10,58% Space Free | Partition Type: NTFS
Drive G: | 3,00 Gb Total Space | 3,00 Gb Free Space | 99,99% Space Free | Partition Type: FAT32
 
Computer Name: ALI | User Name: Alin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Documents and Settings\Alin\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - D:\PacSteamT\steam.exe (Valve Corporation)
PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Documents and Settings\Alin\Local Settings\Application Data\TeamSpeak 3 Client\ts3client_win32.exe (TeamSpeak Systems GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\NetLimiter 3\nlsvc.exe (Locktime Software)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Documents and Settings\Alin\My Documents\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_dbc0250.dll ()
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (nlsvc) -- C:\Program Files\NetLimiter 3\nlsvc.exe (Locktime Software)
SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (DynDNS Updater) -- C:\Program Files\DynDNS Updater\DynUpSvc.exe (Dynamic Network Services, Inc.)
SRV - (WinVNC4) -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe (RealVNC Ltd.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (EagleXNt) -- C:\WINDOWS\System32\drivers\EagleXNt.sys File not found
DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (MonitorFunction) -- C:\WINDOWS\system32\drivers\TVMonitor.sys (TeamViewer GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (apf001) -- C:\Program Files\SoftnyxGame\WolfTeamIS\apf001.sys ()
DRV - (nltdi) -- C:\Program Files\NetLimiter 3\nltdi.sys (Locktime Software)
DRV - (NLNdisPT) -- C:\WINDOWS\system32\drivers\nlndis.sys (Locktime Software)
DRV - (NLNdisMP) -- C:\WINDOWS\system32\drivers\nlndis.sys (Locktime Software)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (ElbyCDIO) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (SCREAMINGBDRIVER) -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (VClone) -- C:\WINDOWS\system32\drivers\VClone.sys (Elaborate Bytes AG)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (SPC230NC) -- C:\WINDOWS\system32\drivers\SPC230NC.SYS (PixArt Imaging Inc.)
DRV - (PAEAFLT.sys) -- C:\WINDOWS\system32\drivers\PAEAFLT.sys (PixArt Imaging Incorporation)
DRV - (BrUsbSer) -- C:\WINDOWS\system32\drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerIf) -- C:\WINDOWS\system32\drivers\BrSerIf.sys (Brother Industries Ltd.)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (BrScnUsb) -- C:\WINDOWS\system32\drivers\BrScnUsb.sys (Brother Industries Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWin0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.22.4
FF - prefs.js..extensions.enabledItems: finder@meingutscheincode.de:1.0.2
FF - prefs.js..extensions.enabledItems: {cd617372-6743-4ee4-bac4-fbf60f35719e}:2.0
FF - prefs.js..extensions.enabledItems: {48e23fba-bb14-4745-b768-382150cd83fb}:1.0.1
 
FF - HKLM\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.10.11 22:03:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.15 00:42:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.11 13:55:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.10.11 22:03:16 | 000,000,000 | ---D | M]
 
[2010.10.08 18:58:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Extensions
[2011.01.06 01:36:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions
[2010.12.17 20:25:54 | 000,000,000 | ---D | M] ("Metal3D") -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\{48e23fba-bb14-4745-b768-382150cd83fb}
[2010.10.30 22:18:20 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.01.03 21:11:03 | 000,000,000 | ---D | M] ("Show my Password") -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}
[2011.01.03 21:03:12 | 000,000,000 | ---D | M] (COMPUTERBILD-Abzockschutz) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}
[2010.11.12 15:34:48 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2010.12.14 20:06:37 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\battlefieldheroespatcher@ea.com
[2010.12.27 06:10:41 | 000,000,000 | ---D | M] (Mein Gutscheincode Finder) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\finder@meingutscheincode.de
[2010.12.25 01:43:15 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\foxyproxy@eric.h.jung
[2011.01.06 01:36:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.01.04 21:33:50 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.10.08 20:09:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.10.08 20:09:19 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010.10.11 22:03:15 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION
[2010.10.08 20:09:18 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.12.11 13:55:05 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.12.11 13:55:05 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.12.11 13:55:05 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.12.11 13:55:05 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.12.11 13:55:05 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.12.10 23:26:49 | 000,000,787 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 74.208.10.249 gs.apple.com
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWin0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-507921405-1326574676-839522115-1003\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Program Files\Winload\tbWin0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [4StoryPrePatch] D:\4Story\PrePatch.exe (Zamiinc)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe (Brother Industories, Ltd.)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKU\S-1-5-21-507921405-1326574676-839522115-1003..\Run: [NetLimiter] C:\Program Files\NetLimiter 3\NLClientApp.exe (Locktime Software)
O4 - HKU\S-1-5-21-507921405-1326574676-839522115-1003..\Run: [Voipwise] C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe (Voipwise)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DynDNS Updater Tray Icon.lnk = C:\Program Files\DynDNS Updater\DynTray.exe (Dynamic Network Services, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 1
O7 - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 1
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Alin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Alin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.10.09 03:30:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005.07.07 20:34:30 | 000,001,871 | ---- | M] () - G:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - Services: "WinVNC4"
MsConfig - Services: "iPod Service"
MsConfig - StartUpFolder: C:^Documents and Settings^Alin^Start Menu^Programs^Startup^iPhoneRingToneMaker.lnk - C:\PROGRA~1\IPHONE~1\IPHONE~1.EXE - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^TrayMin230.lnk - C:\Program Files\Philips\Philips SPC230NC Webcam\TrayMin230.exe - ()
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: JP595IR86O - hkey= - key= - C:\DOCUME~1\Alin\LOCALS~1\Temp\Ixd.exe File not found
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
MsConfig - StartUpReg: NtWqIVLZEWZU - hkey= - key= - C:\DOCUME~1\Alin\LOCALS~1\Temp\Ixe.exe File not found
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= -  File not found
MsConfig - StartUpReg: NvMediaCenter - hkey= - key= -  File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: SmartVoip - hkey= - key= - C:\Program Files\SmartVoip.com\SmartVoip\SmartVoip.exe (SmartVoip)
MsConfig - StartUpReg: SPC230NC_Monitor - hkey= - key= - C:\WINDOWS\Philips\SPC230NC\Monitor.exe (PixArt Imaging Incorporation)
MsConfig - StartUpReg: SPC_Monitor - hkey= - key= - C:\WINDOWS\Philips\SPC230NC\Monitor.exe (PixArt Imaging Incorporation)
MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe File not found
MsConfig - StartUpReg: Vectir - hkey= - key= - C:\Program Files\Vectir\Vectir.exe File not found
MsConfig - StartUpReg: Voipwise - hkey= - key= - C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe (Voipwise)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4b218e3e-bc98-4770-93d3-2731b9329278} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9309DD7E-EBFE-3C95-8B47-30D3A012F606} - .NET Framework
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17183584330711040)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.01.06 06:51:03 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.01.06 06:46:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\ApplicationHistory
[2011.01.06 06:04:00 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2011.01.05 00:43:56 | 000,000,000 | ---D | C] -- C:\PacSteamT
[2011.01.05 00:02:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Application Data\system32
[2011.01.03 21:03:00 | 000,000,000 | ---D | C] -- C:\Program Files\COMPUTERBILD-Abzockschutz
[2010.12.31 00:00:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\4Story
[2010.12.29 05:14:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-DE
[2010.12.29 04:50:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2010.12.29 01:54:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Cheat Engine 5.6.1
[2010.12.29 01:54:21 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\WINDOWS\System32\D3DX81ab.dll
[2010.12.29 01:54:20 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine
[2010.12.28 19:33:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft
[2010.12.28 15:01:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Desktop\New Folder (2)
[2010.12.28 03:27:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
[2010.12.28 02:09:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\ConduitEngine
[2010.12.28 02:09:08 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine
[2010.12.28 02:08:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\Conduit
[2010.12.27 23:00:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.a245eed4.temp
[2010.12.27 20:04:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.00e505a9.temp
[2010.12.27 18:58:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.ff4901e2.temp
[2010.12.27 17:30:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.e765bc52.temp
[2010.12.27 15:23:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2010.12.27 06:13:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.faa30dfe.temp
[2010.12.27 06:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment.cf8a77c4.temp
[2010.12.27 06:10:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\Winload
[2010.12.27 06:10:43 | 000,000,000 | ---D | C] -- C:\Program Files\Winload
[2010.12.27 05:26:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010.12.27 05:02:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.temp
[2010.12.27 05:02:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment.temp
[2010.12.27 05:00:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2010.12.27 02:13:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\My Documents\My Games
[2010.12.27 02:11:12 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2010.12.27 02:11:12 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2010.12.27 02:11:12 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2010.12.27 02:11:11 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2010.12.27 02:11:11 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2010.12.27 02:11:10 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2010.12.27 02:11:10 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2010.12.27 02:11:10 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2010.12.27 02:11:09 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2010.12.27 02:11:09 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2010.12.27 02:11:09 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2010.12.27 02:11:08 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2010.12.27 02:11:08 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2010.12.27 02:11:07 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2010.12.27 02:11:07 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2010.12.27 02:11:06 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2010.12.27 02:11:06 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2010.12.27 02:11:05 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2010.12.27 02:11:05 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2010.12.27 02:11:04 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2010.12.27 02:11:04 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2010.12.27 02:11:03 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2010.12.27 02:11:02 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2010.12.27 02:11:02 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2010.12.27 02:11:02 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2010.12.27 02:11:01 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2010.12.27 02:10:59 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2010.12.27 02:10:59 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2010.12.27 02:10:59 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2010.12.27 02:10:58 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2010.12.27 02:10:58 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2010.12.27 02:10:58 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2010.12.27 02:10:57 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2010.12.27 02:10:57 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2010.12.27 02:10:57 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2010.12.27 02:10:56 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2010.12.27 02:10:55 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2010.12.27 02:10:55 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2010.12.27 02:10:55 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2010.12.27 02:10:54 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2010.12.27 02:10:54 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2010.12.27 02:10:54 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2010.12.27 02:10:53 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2010.12.27 02:10:53 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2010.12.27 02:10:53 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2010.12.27 02:10:53 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2010.12.27 02:10:52 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2010.12.27 02:10:51 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2010.12.27 02:10:51 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2010.12.27 02:10:50 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2010.12.27 02:10:50 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2010.12.27 02:10:50 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2010.12.27 02:10:49 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2010.12.27 02:10:48 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2010.12.27 02:10:48 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2010.12.27 02:10:47 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2010.12.27 02:10:46 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2010.12.27 02:10:45 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2010.12.27 02:10:45 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2010.12.27 02:10:45 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2010.12.27 02:10:44 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2010.12.27 02:10:44 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2010.12.27 02:10:44 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2010.12.27 02:10:43 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2010.12.27 02:10:43 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2010.12.27 02:10:42 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2010.12.27 02:10:41 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2010.12.27 02:10:41 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2010.12.27 02:10:41 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2010.12.27 02:10:39 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2010.12.27 02:10:38 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2010.12.27 02:10:38 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2010.12.27 02:10:38 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2010.12.27 02:10:37 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2010.12.27 02:10:37 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2010.12.27 02:10:37 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2010.12.27 02:10:37 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2010.12.27 02:10:37 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2010.12.27 02:10:36 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2010.12.27 02:10:35 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2010.12.27 02:10:35 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2010.12.27 02:10:30 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2010.12.27 02:10:29 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2010.12.27 02:10:29 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2010.12.27 02:10:29 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2010.12.27 02:10:28 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2010.12.27 02:10:28 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2010.12.27 02:10:27 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2010.12.27 02:10:27 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2010.12.27 02:10:25 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2010.12.27 02:07:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010.12.27 01:26:16 | 000,000,000 | ---D | C] -- C:\Program Files\Screaming Bee
[2010.12.27 00:41:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CAPCOM
[2010.12.27 00:34:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Application Data\Screaming Bee
[2010.12.27 00:33:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Screaming Bee
[2010.12.27 00:33:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Screaming Bee
[2010.12.25 23:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010.12.20 23:23:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DynDNS Updater
[2010.12.20 23:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\DynDNS Updater
[2010.12.20 23:23:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DynDNS
[2010.12.20 23:07:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2010.12.20 01:20:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Start Menu\Programs\Vice City Mod Manager
[2010.12.20 01:20:11 | 000,000,000 | ---D | C] -- C:\Program Files\vcmm
[2010.12.20 00:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Rockstar Games
[2010.12.19 21:45:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\Locktime
[2010.12.19 21:45:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Start Menu\Programs\NetLimiter 3
[2010.12.19 21:44:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Locktime
[2010.12.19 21:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\NetLimiter 3
[2010.12.16 12:08:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\My Documents\Battlefield Heroes
[2010.12.16 12:05:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Start Menu\Programs\EA Games
[2010.12.15 15:17:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Desktop\June 25
[2010.12.15 13:32:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\PunkBuster
[2010.12.14 20:32:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Brother
[2010.12.14 20:31:27 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2010.12.14 20:28:56 | 000,120,832 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrWia04b.dll
[2010.12.14 20:28:56 | 000,053,248 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrSerIf.sys
[2010.12.14 20:28:56 | 000,037,888 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrUSi04b.dll
[2010.12.14 20:28:56 | 000,015,295 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrScnUsb.sys
[2010.12.14 20:28:56 | 000,011,904 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrUsbSer.sys
[2010.12.14 20:28:54 | 000,054,272 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\brinsstr.dll
[2010.12.14 20:28:53 | 000,073,728 | ---- | C] (Brother Industries Ltd) -- C:\WINDOWS\System32\brrbtool.exe
[2010.12.14 20:28:53 | 000,024,223 | ---- | C] (brother Industries Ltd) -- C:\WINDOWS\System32\brlm03a.dll
[2010.12.14 20:28:48 | 000,188,416 | ---- | C] (brother) -- C:\WINDOWS\System32\PDRVINST.DLL
[2010.12.14 20:28:48 | 000,081,920 | ---- | C] (brother) -- C:\WINDOWS\System32\BrWebIns.dll
[2010.12.14 20:28:48 | 000,065,536 | ---- | C] (brother) -- C:\WINDOWS\System32\BRWEBUP.EXE
[2010.12.14 20:28:42 | 000,000,000 | ---D | C] -- C:\Brother
[2010.12.14 20:28:37 | 000,122,880 | ---- | C] (Brother Industries,LTD) -- C:\WINDOWS\System32\BrfxD04a.dll
[2010.12.14 20:28:36 | 000,147,456 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\brunin03.dll
[2010.12.14 20:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Brother
[2010.12.14 20:21:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Application Data\Brother
[2010.12.14 20:20:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Brother Administrator Utilities
[2010.12.14 20:20:45 | 000,000,000 | ---D | C] -- C:\Program Files\Brother
[2010.12.11 17:01:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 6
[2010.12.11 17:00:57 | 000,013,304 | ---- | C] (TeamViewer GmbH) -- C:\WINDOWS\System32\drivers\TVMonitor.sys
[2010.12.11 14:44:43 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2010.12.11 14:26:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Start Menu\Programs\San Andreas Multiplayer
[2010.12.11 14:20:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\My Documents\GTA San Andreas User Files
[2010.12.10 23:37:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2010.12.10 23:36:39 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010.12.10 23:36:36 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010.12.10 23:34:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2010.12.10 21:27:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinSCP
[2010.12.10 21:27:38 | 000,000,000 | ---D | C] -- C:\Program Files\WinSCP
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.01.06 19:50:00 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.06 19:11:00 | 000,000,244 | -H-- | M] () -- C:\WINDOWS\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2011.01.06 19:07:00 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.01.06 16:34:04 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.06 16:33:52 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.01.06 16:33:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.06 16:33:45 | 000,145,216 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.01.06 06:47:06 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.01.06 06:45:50 | 000,441,184 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.01.06 06:45:50 | 000,071,250 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.01.05 15:39:37 | 000,000,265 | ---- | M] () -- C:\Documents and Settings\Alin\Application Data\Autorun.vbs
[2011.01.04 22:49:01 | 000,000,076 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Counter-Strike Source.url
[2011.01.04 21:31:36 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011.01.04 17:21:29 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\WolfTeam-DE.lnk
[2011.01.02 17:29:13 | 000,000,442 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\4Story.lnk
[2011.01.02 00:59:05 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Black Eyed Peas The E.N.D.wpl
[2011.01.01 17:04:24 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.12.30 07:41:05 | 000,000,466 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Shortcut to World of Warcraft.lnk
[2010.12.29 01:54:24 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Cheat Engine.lnk
[2010.12.28 19:32:35 | 000,000,456 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\World of Warcraft-Installationsprogramm.lnk
[2010.12.28 10:13:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.12.28 03:15:59 | 000,000,229 | ---- | M] () -- C:\WINDOWS\WinInit.Ini
[2010.12.28 02:56:08 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\Alin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.27 06:13:15 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk.5cd7239e.temp
[2010.12.27 06:10:28 | 003,325,446 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Shutdown-Timer-Setup.exe
[2010.12.27 00:33:17 | 000,001,445 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MorphVOX Pro.lnk
[2010.12.26 03:01:33 | 000,037,170 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\11.jpg__18929035__MBQF-1293028817,templateId=renderScaled,property=Bild,height=349.jpg
[2010.12.24 15:17:35 | 000,012,920 | ---- | M] () -- C:\WINDOWS\System32\apl001.sys
[2010.12.24 15:17:35 | 000,010,872 | ---- | M] () -- C:\WINDOWS\System32\apf001.sys
[2010.12.24 12:56:29 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010.12.21 01:54:33 | 000,000,931 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Shortcut to ts3server_win32.exe.lnk
[2010.12.20 23:23:05 | 000,000,729 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DynDNS Updater Tray Icon.lnk
[2010.12.19 15:11:38 | 000,139,080 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.12.19 15:11:17 | 000,270,240 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.12.17 13:05:09 | 000,270,240 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2010.12.16 21:26:53 | 000,090,945 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Giessen_wieseck_wGiessen_bahnhof.pdf
[2010.12.16 12:06:10 | 000,138,056 | ---- | M] () -- C:\Documents and Settings\Alin\Application Data\PnkBstrK.sys
[2010.12.15 17:24:45 | 000,000,073 | ---- | M] () -- C:\Documents and Settings\Alin\Local Settings\Application Data\GDLLogin.ini
[2010.12.14 20:36:11 | 000,000,432 | ---- | M] () -- C:\WINDOWS\brwmark.ini
[2010.12.14 20:31:48 | 000,000,065 | ---- | M] () -- C:\WINDOWS\System32\BD7420.dat
[2010.12.14 20:29:34 | 000,000,209 | ---- | M] () -- C:\WINDOWS\Brpfx04a.ini
[2010.12.14 20:29:34 | 000,000,092 | ---- | M] () -- C:\WINDOWS\brpcfx.ini
[2010.12.14 20:29:34 | 000,000,052 | ---- | M] () -- C:\WINDOWS\BRPP2KA.INI
[2010.12.14 20:07:48 | 002,577,776 | ---- | M] () -- C:\WINDOWS\System32\pbsvc_heroes.exe
[2010.12.13 00:25:13 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010.12.12 21:52:53 | 000,467,968 | -H-- | M] () -- C:\Documents and Settings\Alin\Application Data\kernel32.exe
[2010.12.11 17:01:01 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 6.lnk
[2010.12.10 23:37:11 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010.12.10 23:26:49 | 000,000,788 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.umbrella
[2010.12.10 23:26:49 | 000,000,787 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.12.10 22:06:55 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Alin\PUTTY.RND
[2010.12.10 21:27:40 | 000,000,606 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\WinSCP.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.01.05 00:15:24 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\Alin\Application Data\logfile.txt
[2011.01.05 00:02:42 | 000,000,265 | ---- | C] () -- C:\Documents and Settings\Alin\Application Data\Autorun.vbs
[2011.01.04 23:55:24 | 000,467,968 | -H-- | C] () -- C:\Documents and Settings\Alin\Application Data\kernel32.exe
[2011.01.04 17:21:29 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\WolfTeam-DE.lnk
[2011.01.02 17:29:13 | 000,000,442 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\4Story.lnk
[2011.01.02 00:59:05 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Black Eyed Peas The E.N.D.wpl
[2011.01.01 17:04:24 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.12.30 07:41:07 | 000,000,466 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Shortcut to World of Warcraft.lnk
[2010.12.29 01:54:24 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Cheat Engine.lnk
[2010.12.29 01:54:22 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010.12.28 04:41:55 | 000,000,456 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\World of Warcraft-Installationsprogramm.lnk
[2010.12.28 03:15:54 | 000,000,229 | ---- | C] () -- C:\WINDOWS\WinInit.Ini
[2010.12.27 06:13:15 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk.5cd7239e.temp
[2010.12.27 06:09:33 | 003,325,446 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Shutdown-Timer-Setup.exe
[2010.12.27 00:33:16 | 000,001,445 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MorphVOX Pro.lnk
[2010.12.26 03:01:32 | 000,037,170 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\11.jpg__18929035__MBQF-1293028817,templateId=renderScaled,property=Bild,height=349.jpg
[2010.12.21 01:54:33 | 000,000,931 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Shortcut to ts3server_win32.exe.lnk
[2010.12.20 23:23:05 | 000,000,729 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DynDNS Updater Tray Icon.lnk
[2010.12.20 15:35:51 | 000,000,076 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Counter-Strike Source.url
[2010.12.16 21:26:52 | 000,090,945 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Giessen_wieseck_wGiessen_bahnhof.pdf
[2010.12.15 17:42:16 | 002,577,776 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_heroes.exe
[2010.12.15 17:24:40 | 000,000,073 | ---- | C] () -- C:\Documents and Settings\Alin\Local Settings\Application Data\GDLLogin.ini
[2010.12.15 13:33:43 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.12.14 20:29:34 | 000,000,432 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2010.12.14 20:29:34 | 000,000,209 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2010.12.14 20:29:34 | 000,000,092 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2010.12.14 20:29:34 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\BD7420.dat
[2010.12.14 20:29:34 | 000,000,052 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2010.12.14 20:28:53 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL
[2010.12.14 20:28:42 | 000,006,224 | ---- | C] () -- C:\WINDOWS\CVRPAGE.bmp
[2010.12.14 20:28:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2010.12.14 20:18:09 | 000,139,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.12.14 20:18:08 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Alin\Application Data\PnkBstrK.sys
[2010.12.14 20:17:54 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010.12.14 20:17:54 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2010.12.14 20:17:52 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010.12.11 17:01:01 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 6.lnk
[2010.12.10 23:37:11 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010.12.10 21:27:42 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Alin\PUTTY.RND
[2010.12.10 21:27:40 | 000,000,606 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\WinSCP.lnk
[2010.12.05 21:26:36 | 000,000,061 | ---- | C] () -- C:\WINDOWS\mta.ini
[2010.12.03 11:34:17 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.11.06 22:03:26 | 000,000,842 | ---- | C] () -- C:\WINDOWS\System32\SPC230NC.INI
[2010.10.24 20:48:58 | 000,001,165 | ---- | C] () -- C:\WINDOWS\Settings.ini
[2010.10.13 00:31:57 | 000,094,656 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010.10.11 14:54:26 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\Alin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.10 22:24:14 | 000,012,920 | ---- | C] () -- C:\WINDOWS\System32\apl001.sys
[2010.10.10 22:24:14 | 000,010,872 | ---- | C] () -- C:\WINDOWS\System32\apf001.sys
[2010.10.08 15:24:28 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
 
========== LOP Check ==========
 
[2010.10.30 23:25:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\DVDVideoSoft
[2010.10.30 22:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\DVDVideoSoftIEHelpers
[2010.10.25 17:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\FOG Downloader
[2010.11.08 18:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\funkitron
[2010.12.03 11:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\GetRightToGo
[2010.12.05 01:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\iPhoneRingToneMaker
[2010.11.02 19:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Nokia
[2010.11.02 19:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Nokia Ovi Suite
[2010.12.03 23:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Opera
[2010.11.16 20:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\PC Suite
[2010.12.05 03:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Publish Providers
[2010.12.27 01:36:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Screaming Bee
[2010.11.13 11:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\SmartVoip
[2010.12.05 03:35:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Sony
[2011.01.06 06:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\system32
[2010.11.25 14:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\SystemRequirementsLab
[2010.12.11 17:01:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\TeamViewer
[2010.12.20 23:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\TS3Client
[2011.01.06 16:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\uTorrent
[2010.11.10 13:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Voipwise
[2010.12.27 20:00:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2010.12.20 23:23:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DynDNS
[2010.12.19 21:44:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Locktime
[2010.11.15 15:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon
[2010.11.15 15:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonEU
[2010.10.11 22:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2010.10.11 22:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2010.10.11 22:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010.11.06 22:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Philips
[2010.12.27 00:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Screaming Bee
[2010.12.05 03:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010.10.21 17:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.01.06 19:07:00 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.01.06 19:11:00 | 000,000,244 | -H-- | M] () -- C:\WINDOWS\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
[2010.11.23 10:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010.10.21 17:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010.10.21 17:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010.10.08 19:43:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010.12.27 05:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2010.12.28 03:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
[2010.12.27 20:00:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2010.12.14 20:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Brother
[2010.10.08 19:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX
[2010.12.20 23:23:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DynDNS
[2010.12.19 21:44:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Locktime
[2010.11.22 09:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010.12.04 23:42:14 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2011.01.06 16:33:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010.11.15 15:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon
[2010.11.15 15:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonEU
[2010.10.11 22:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2010.10.11 22:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2010.10.08 18:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2010.10.11 22:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010.11.06 22:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Philips
[2010.12.27 00:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Screaming Bee
[2010.10.30 10:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010.12.05 03:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010.10.08 20:09:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010.12.04 23:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010.10.21 17:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2009.02.04 13:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe
[2010.11.10 22:03:57 | 000,337,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1031-7B44-AA0000000001}\setup.exe
[2010.12.10 23:30:34 | 000,073,000 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 10.1.0.56\SetupAdmin.exe
[2010.10.08 19:15:35 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
[2010.10.08 19:15:46 | 000,057,409 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
[2010.10.08 19:15:47 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
[2010.10.08 19:15:51 | 000,056,765 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
[2010.10.08 19:15:46 | 000,054,174 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
[2010.10.08 19:15:47 | 000,057,532 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
[2010.10.08 19:15:48 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
[2010.10.08 19:15:48 | 000,057,054 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
[2010.10.08 19:15:45 | 000,052,963 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
[2010.10.08 19:15:40 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
[2010.10.08 19:13:52 | 000,144,696 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe
[2010.10.08 19:13:44 | 000,876,824 | ---- | M] (DivX, Inc. ) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
[2010.10.08 19:15:48 | 000,053,600 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe
[2010.10.08 19:15:50 | 000,056,997 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
[2010.11.15 14:41:09 | 000,155,648 | ---- | M] (Nexon) -- C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe
[2010.10.11 22:00:23 | 102,913,480 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
[2010.10.11 22:00:48 | 000,050,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\pcswpc.exe
[2010.10.11 22:00:48 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\Run_XML6_SP1.exe
[2010.10.11 22:00:48 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx64.exe
[2010.10.11 22:00:48 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx86.exe
[2010.10.11 22:00:52 | 013,930,312 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
[2010.10.11 22:00:55 | 012,212,040 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
 
< %APPDATA%\*. >
[2010.11.22 09:20:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Adobe
[2010.12.05 03:36:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Apple Computer
[2010.11.06 22:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\ArcSoft
[2010.10.19 20:27:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Avira
[2010.12.14 20:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Brother
[2010.10.11 14:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\DivX
[2010.10.30 23:25:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\DVDVideoSoft
[2010.10.30 22:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\DVDVideoSoftIEHelpers
[2010.10.25 17:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\FOG Downloader
[2010.11.08 18:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\funkitron
[2010.12.03 11:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\GetRightToGo
[2010.10.09 03:35:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Identities
[2010.11.06 22:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\InstallShield
[2010.12.05 01:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\iPhoneRingToneMaker
[2010.10.08 19:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Macromedia
[2010.11.22 09:20:26 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Alin\Application Data\Microsoft
[2010.10.08 18:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Mozilla
[2010.11.02 19:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Nokia
[2010.11.02 19:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Nokia Ovi Suite
[2010.12.03 23:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Opera
[2010.11.16 20:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\PC Suite
[2010.12.05 03:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Publish Providers
[2010.12.27 01:36:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Screaming Bee
[2011.01.04 21:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Skype
[2011.01.04 21:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\skypePM
[2010.11.13 11:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\SmartVoip
[2010.12.05 03:35:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Sony
[2010.10.08 20:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Sun
[2011.01.06 06:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\system32
[2010.11.25 14:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\SystemRequirementsLab
[2010.12.11 17:01:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\TeamViewer
[2010.12.20 23:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\TS3Client
[2011.01.06 16:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\uTorrent
[2010.11.10 13:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Voipwise
[2010.10.08 22:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\WinRAR
 
< %APPDATA%\*.exe /s >
[2010.12.12 21:52:53 | 000,467,968 | -H-- | M] () -- C:\Documents and Settings\Alin\Application Data\kernel32.exe
[2010.08.19 23:46:28 | 001,312,120 | ---- | M] (EA Digital Illusions CE AB) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2004.08.04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010.10.09 11:47:39 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2010.10.09 11:47:39 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010.10.09 11:47:39 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010.10.09 11:47:39 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: EXPLORER.EXE  >
[2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.04 13:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009.02.06 19:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.04 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2004.08.04 13:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.04.14 01:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 01:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll
[2004.08.04 13:00:00 | 000,577,024 | ---- | M] (Microsoft Corporation) MD5=C72661F8552ACE7C5C85E16A3CF505C4 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2004.08.04 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2004.08.04 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2004.08.04 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2004.08.04 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2010.10.08 15:22:04 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.10.08 15:22:04 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.10.08 15:22:04 | 000,892,928 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
========== Files - Unicode (All) ==========
[2010.11.15 15:08:15 | 000,000,000 | ---D | M](C:\Documents and Settings\Alin\My Documents\?? ???) -- C:\Documents and Settings\Alin\My Documents\넥슨 플러그
[2010.11.15 15:08:15 | 000,000,000 | ---D | C](C:\Documents and Settings\Alin\My Documents\?? ???) -- C:\Documents and Settings\Alin\My Documents\넥슨 플러그

< End of report >
         
--- --- ---












































extras:

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 06.01.2011 19:58:01 - Run 1
OTL by OldTimer - Version 3.2.20.1     Folder = C:\Documents and Settings\Alin\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
1.022,00 Mb Total Physical Memory | 377,00 Mb Available Physical Memory | 37,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 2,31 Gb Free Space | 5,25% Space Free | Partition Type: NTFS
Drive D: | 27,50 Gb Total Space | 2,91 Gb Free Space | 10,58% Space Free | Partition Type: NTFS
Drive G: | 3,00 Gb Total Space | 3,00 Gb Free Space | 99,99% Space Free | Partition Type: FAT32
 
Computer Name: ALI | User Name: Alin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_USERS\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1495:TCP" = 1495:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- File not found
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- File not found
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\AeriaGames\WolfTeam\Wolfteam.bin" = C:\AeriaGames\WolfTeam\Wolfteam.bin:*:Enabled:WolfTeam -- (Softnyx Co., Ltd.)
"C:\Killing Floor\System\KillingFloor.exe" = C:\Killing Floor\System\KillingFloor.exe:*:Enabled:KillingFloor -- File not found
"C:\Program Files\SoftnyxGame\WolfTeamIS\Wolfteam.bin" = C:\Program Files\SoftnyxGame\WolfTeamIS\Wolfteam.bin:*:Enabled:Wolfteam -- (Softnyx Co., Ltd.)
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" = C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2 -- (Nokia)
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process  -- (Nokia Corporation)
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe" = C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe:*:Enabled:Voipwise -- (Voipwise)
"C:\PacSteamT\SteamApps\common\poker superstars ii\PokerSuperstars2.exe" = C:\PacSteamT\SteamApps\common\poker superstars ii\PokerSuperstars2.exe:*:Enabled:Poker Superstars II -- File not found
"C:\PacSteamT\SteamApps\derdermitdems\counter-strike\hl.exe" = C:\PacSteamT\SteamApps\derdermitdems\counter-strike\hl.exe:*:Enabled:Counter-Strike -- File not found
"C:\Program Files\SmartVoip.com\SmartVoip\SmartVoip.exe" = C:\Program Files\SmartVoip.com\SmartVoip\SmartVoip.exe:*:Enabled:SmartVoip -- (SmartVoip)
"C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- File not found
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- File not found
"C:\Nexon\Combat Arms EU\NMService.exe" = C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core -- File not found
"C:\PacSteamT\SteamApps\derdermitdems\counter-strike source\hl2.exe" = C:\PacSteamT\SteamApps\derdermitdems\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- File not found
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- File not found
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"D:\PacSteamT\SteamApps\killahorst482\counter-strike source\hl2.exe" = D:\PacSteamT\SteamApps\killahorst482\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- ()
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05F350C6-FA6A-40D0-A130-FB941B39152C}" = Philips SPC230NC Webcam
"{0DB44859-4112-4946-BE5E-A4275B3FFB5E}" = Furry Voices for Second Life
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{29C042AB-059B-414C-840E-94775E3F24A8}" = Personality Voices
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45DF6D99-666D-41FA-8D62-0E183B6240F3}" = PC Connectivity Solution
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{5D4B3647-9842-4875-B081-EF8D98C02865}" = WMPKeys
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{67A5D171-4C74-4075-A492-0E480FA4B944}" = Brother BRAdmin Professional 2.81
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{749A1EDD-16C2-4C63-B013-D38F0F953973}" = OviMPlatform
"{8112C6B3-91E1-4560-8AB9-876DADFA37C5}" = Ovi Desktop Sync Engine
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (English) 12
"{90120000-001B-0000-0000-0000000FF1CE}" = Microsoft Office Word 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_WORD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_WORD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_WORD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{913923AB-3AAB-4870-8910-627C4CD82789}" = NetLimiter 3
"{913C4C4F-9E3E-41A6-A614-1BDC1352A225}" = Special Effects Voices
"{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU
"{A25A7B10-75EA-4208-AAF1-0E3841C444F1}" = MorphVOX Pro
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB49B509-8FCA-45E6-9FB9-9E4AEEB8F148}" = System Requirements Lab CYRI
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B8B4446F-87E1-4423-A47A-16832C24A199}" = Nokia Ovi Suite
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CECB7782-F35F-45CE-97C0-74BBBDC51C22}" = Webcam Video Viewer
"{D7437092-E534-46A5-895B-94FC627139B6}" = COMPUTERBILD-Abzockschutz
"{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}" = Brother MFL-Pro Suite
"{D9D1A2FD-56B2-4F21-B959-745FE43CAB8C}" = Vegas Pro 9.0
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EE5B5B24-EEFC-4C8B-BF8B-256D705BAD89}" = Nokia Ovi Suite Software Updater
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"4StoryDE_is1" = 4Story 3.4
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Akamai" = Akamai NetSession Interface
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"Dead Rising 2_is1" = Dead Rising 2
"DivX Setup.divx.com" = DivX-Setup
"DynDNSUpdater" = DynDNS Updater
"Fraps" = Fraps (remove only)
"JDownloader" = JDownloader
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Multi Theft Auto" = Multi Theft Auto
"Nokia Ovi Suite" = Nokia Ovi Suite
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PacSteamT" = PacSteamT
"Philips Intelligent Agent_is1" = Philips Intelligent Agent
"PROSet" = Intel(R) PRO Network Connections Drivers
"PunkBusterSvc" = PunkBuster Services
"RealVNC_is1" = VNC Free Edition 4.1.3
"SmartVoip_is1" = SmartVoip
"Steam App 240" = Counter-Strike: Source
"Steam App 4100" = Poker Superstars II
"TeamViewer 5" = TeamViewer 5
"TeamViewer 6" = TeamViewer 6
"uTorrent" = µTorrent
"vcmm" = Vice City Mod Manager
"VirtualCloneDrive" = VirtualCloneDrive
"Voipwise_is1" = Voipwise
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"Winload Toolbar" = Winload Toolbar
"winscp3_is1" = WinSCP 4.0.7
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WolfTeam" = WolfTeam
"WolfTeam International_is1" = WolfTeam International
"WolfTeam-DE" = WolfTeam-DE
"WORD" = Microsoft Office Word 2007
"World of Warcraft" = World of Warcraft
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes (Alin)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 31.12.2010 10:01:54 | Computer Name = ALI | Source = Application Error | ID = 1000
Description = Faulting application nlclientapp.exe, version 3.0.0.10, faulting module
 nlclientapp.exe, version 3.0.0.10, fault address 0x0008fca5.
 
Error - 03.01.2011 12:12:38 | Computer Name = ALI | Source = Application Error | ID = 1000
Description = Faulting application wolfteam.bin, version 1.0.0.1, faulting module
 , version 0.0.0.0, fault address 0x00000000.
 
Error - 03.01.2011 15:42:59 | Computer Name = ALI | Source = Application Error | ID = 1000
Description = Faulting application nlclientapp.exe, version 3.0.0.10, faulting module
 nlclientapp.exe, version 3.0.0.10, fault address 0x0008fca5.
 
Error - 04.01.2011 10:00:32 | Computer Name = ALI | Source = Application Error | ID = 1000
Description = Faulting application nlclientapp.exe, version 3.0.0.10, faulting module
 nlclientapp.exe, version 3.0.0.10, fault address 0x0008fca5.
 
Error - 04.01.2011 16:28:01 | Computer Name = ALI | Source = Application Error | ID = 1000
Description = Faulting application nlclientapp.exe, version 3.0.0.10, faulting module
 nlclientapp.exe, version 3.0.0.10, fault address 0x0008fca5.
 
Error - 04.01.2011 18:36:46 | Computer Name = ALI | Source = Application Error | ID = 1000
Description = Faulting application gta-vc.exe, version 0.0.0.0, faulting module 
gta-vc.exe, version 0.0.0.0, fault address 0x0017901d.
 
Error - 04.01.2011 18:40:56 | Computer Name = ALI | Source = Application Hang | ID = 1002
Description = Hanging application hl2.exe, version 0.0.0.0, hang module hungapp,
 version 0.0.0.0, hang address 0x00000000.
 
Error - 04.01.2011 19:38:21 | Computer Name = ALI | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
 module explorer.exe, version 6.0.2900.5512, fault address 0x00009409.
 
Error - 04.01.2011 19:38:29 | Computer Name = ALI | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
 dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
 
Error - 05.01.2011 19:53:51 | Computer Name = ALI | Source = Application Error | ID = 1000
Description = Faulting application gameoverlayui.exe, version 0.97.30.46, faulting
 module ntdll.dll, version 5.1.2600.5755, fault address 0x0000100b.
 
[ NetLimiter 3 Events ]
Error - 19.12.2010 16:46:06 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000
Description = The service failed to start 
 
Error - 19.12.2010 16:46:36 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>0</err-code> <hresult code='80070002'>The
 system cannot find the file specified.</hresult> <module>NetLimiter.Main.123</module>
<param
 name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error>
</nl-error-list>

 
Error - 19.12.2010 16:46:36 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>2010</err-code> <module>NetLimiter.Main.77</module>
<desc>Failed
 to initialize NetLimiter service.</desc> </nl-error>  <nl-error> <err-code>0</err-code>
<hresult
 code='80070002'>The system cannot find the file specified.</hresult> <module>NetLimiter.Main.123</module>
<param
 name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error>

</nl-error-list>

 
Error - 19.12.2010 16:46:36 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000
Description = The service failed to start 
 
Error - 19.12.2010 18:34:47 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>0</err-code> <hresult code='80070002'>The
 system cannot find the file specified.</hresult> <module>NetLimiter.Main.123</module>
<param
 name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error>
</nl-error-list>

 
Error - 19.12.2010 18:34:48 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>2010</err-code> <module>NetLimiter.Main.77</module>
<desc>Failed
 to initialize NetLimiter service.</desc> </nl-error>  <nl-error> <err-code>0</err-code>
<hresult
 code='80070002'>The system cannot find the file specified.</hresult> <module>NetLimiter.Main.123</module>
<param
 name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error>

</nl-error-list>

 
Error - 19.12.2010 18:34:48 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000
Description = The service failed to start 
 
Error - 19.12.2010 18:35:17 | Computer Name = ALI | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>1</err-code> <hresult code='80080005'>Server
 execution failed</hresult> <module>NetLimiter.NLBaseClient.235</module> </nl-error>
</nl-error-list>

 
Error - 19.12.2010 18:35:17 | Computer Name = ALI | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>5000</err-code> <module>NetLimiter.NLBaseClient.1147</module>
<desc>Failed
 to connect to NetLimiter service.</desc> <param name='host-name' value=''/> </nl-error>

<nl-error>
<err-code>1</err-code>
<hresult
 code='80080005'>Server execution failed</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>

</nl-error-list>

 
Error - 03.01.2011 11:51:35 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>2050</err-code> <module>NetLimiter.Main.643</module>
<desc>Failed
 to call driver.</desc> <param name='last-error' value='0'/> <param name='fun-name'
 value='DeviceIoControl'/> <param name='ioctl' value='2286448'/> </nl-error> </nl-error-list>

 
[ System Events ]
Error - 05.01.2011 17:53:54 | Computer Name = ALI | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly.  It has done
 this 4 time(s).  The following corrective action will be taken in 60000 milliseconds:
 Restart the service.
 
Error - 05.01.2011 17:58:52 | Computer Name = ALI | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly.  It has done
 this 5 time(s).  The following corrective action will be taken in 60000 milliseconds:
 Restart the service.
 
Error - 05.01.2011 19:58:18 | Computer Name = ALI | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly.  It has done
 this 6 time(s).  The following corrective action will be taken in 60000 milliseconds:
 Restart the service.
 
Error - 06.01.2011 11:56:11 | Computer Name = ALI | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly.  It has done
 this 1 time(s).  The following corrective action will be taken in 60000 milliseconds:
 Restart the service.
 
Error - 06.01.2011 11:56:13 | Computer Name = ALI | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly.  It has done this
 1 time(s).
 
Error - 06.01.2011 11:56:24 | Computer Name = ALI | Source = Service Control Manager | ID = 7034
Description = The Dienst "Bonjour" service terminated unexpectedly.  It has done
 this 1 time(s).
 
Error - 06.01.2011 11:56:32 | Computer Name = ALI | Source = Service Control Manager | ID = 7034
Description = The Application Layer Gateway Service service terminated unexpectedly.
  It has done this 1 time(s).
 
Error - 06.01.2011 11:57:20 | Computer Name = ALI | Source = Service Control Manager | ID = 7034
Description = The PnkBstrA service terminated unexpectedly.  It has done this 1 
time(s).
 
Error - 06.01.2011 11:57:33 | Computer Name = ALI | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly.  It has done
 this 1 time(s).
 
Error - 06.01.2011 14:24:24 | Computer Name = ALI | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly.  It has done
 this 2 time(s).  The following corrective action will be taken in 60000 milliseconds:
 Restart the service.
 
 
< End of report >
         
--- --- ---



.danke
__________________

Alt 06.01.2011, 20:17   #4
flavers
 
Rechtklick im ordner geht nicht und ausrühren nicht einstellbar - Standard

Rechtklick im ordner geht nicht und ausrühren nicht einstellbar



vielen dank für deine antwort:

beim scannen ging antivir auf kernel32.exe los hab nichts unternomen

hier die files:

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 06.01.2011 19:58:01 - Run 1
OTL by OldTimer - Version 3.2.20.1     Folder = C:\Documents and Settings\Alin\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
1.022,00 Mb Total Physical Memory | 377,00 Mb Available Physical Memory | 37,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 2,31 Gb Free Space | 5,25% Space Free | Partition Type: NTFS
Drive D: | 27,50 Gb Total Space | 2,91 Gb Free Space | 10,58% Space Free | Partition Type: NTFS
Drive G: | 3,00 Gb Total Space | 3,00 Gb Free Space | 99,99% Space Free | Partition Type: FAT32
 
Computer Name: ALI | User Name: Alin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Documents and Settings\Alin\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - D:\PacSteamT\steam.exe (Valve Corporation)
PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Documents and Settings\Alin\Local Settings\Application Data\TeamSpeak 3 Client\ts3client_win32.exe (TeamSpeak Systems GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\NetLimiter 3\nlsvc.exe (Locktime Software)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Documents and Settings\Alin\My Documents\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_dbc0250.dll ()
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (nlsvc) -- C:\Program Files\NetLimiter 3\nlsvc.exe (Locktime Software)
SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (DynDNS Updater) -- C:\Program Files\DynDNS Updater\DynUpSvc.exe (Dynamic Network Services, Inc.)
SRV - (WinVNC4) -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe (RealVNC Ltd.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (EagleXNt) -- C:\WINDOWS\System32\drivers\EagleXNt.sys File not found
DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (MonitorFunction) -- C:\WINDOWS\system32\drivers\TVMonitor.sys (TeamViewer GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (apf001) -- C:\Program Files\SoftnyxGame\WolfTeamIS\apf001.sys ()
DRV - (nltdi) -- C:\Program Files\NetLimiter 3\nltdi.sys (Locktime Software)
DRV - (NLNdisPT) -- C:\WINDOWS\system32\drivers\nlndis.sys (Locktime Software)
DRV - (NLNdisMP) -- C:\WINDOWS\system32\drivers\nlndis.sys (Locktime Software)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (ElbyCDIO) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (SCREAMINGBDRIVER) -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (VClone) -- C:\WINDOWS\system32\drivers\VClone.sys (Elaborate Bytes AG)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (SPC230NC) -- C:\WINDOWS\system32\drivers\SPC230NC.SYS (PixArt Imaging Inc.)
DRV - (PAEAFLT.sys) -- C:\WINDOWS\system32\drivers\PAEAFLT.sys (PixArt Imaging Incorporation)
DRV - (BrUsbSer) -- C:\WINDOWS\system32\drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerIf) -- C:\WINDOWS\system32\drivers\BrSerIf.sys (Brother Industries Ltd.)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (BrScnUsb) -- C:\WINDOWS\system32\drivers\BrScnUsb.sys (Brother Industries Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWin0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.22.4
FF - prefs.js..extensions.enabledItems: finder@meingutscheincode.de:1.0.2
FF - prefs.js..extensions.enabledItems: {cd617372-6743-4ee4-bac4-fbf60f35719e}:2.0
FF - prefs.js..extensions.enabledItems: {48e23fba-bb14-4745-b768-382150cd83fb}:1.0.1
 
FF - HKLM\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.10.11 22:03:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.15 00:42:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.11 13:55:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.10.11 22:03:16 | 000,000,000 | ---D | M]
 
[2010.10.08 18:58:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Extensions
[2011.01.06 01:36:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions
[2010.12.17 20:25:54 | 000,000,000 | ---D | M] ("Metal3D") -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\{48e23fba-bb14-4745-b768-382150cd83fb}
[2010.10.30 22:18:20 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.01.03 21:11:03 | 000,000,000 | ---D | M] ("Show my Password") -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}
[2011.01.03 21:03:12 | 000,000,000 | ---D | M] (COMPUTERBILD-Abzockschutz) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}
[2010.11.12 15:34:48 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2010.12.14 20:06:37 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\battlefieldheroespatcher@ea.com
[2010.12.27 06:10:41 | 000,000,000 | ---D | M] (Mein Gutscheincode Finder) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\finder@meingutscheincode.de
[2010.12.25 01:43:15 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\foxyproxy@eric.h.jung
[2011.01.06 01:36:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.01.04 21:33:50 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.10.08 20:09:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.10.08 20:09:19 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010.10.11 22:03:15 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION
[2010.10.08 20:09:18 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.12.11 13:55:05 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.12.11 13:55:05 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.12.11 13:55:05 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.12.11 13:55:05 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.12.11 13:55:05 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.12.10 23:26:49 | 000,000,787 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 74.208.10.249 gs.apple.com
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWin0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-507921405-1326574676-839522115-1003\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Program Files\Winload\tbWin0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [4StoryPrePatch] D:\4Story\PrePatch.exe (Zamiinc)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe (Brother Industories, Ltd.)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKU\S-1-5-21-507921405-1326574676-839522115-1003..\Run: [NetLimiter] C:\Program Files\NetLimiter 3\NLClientApp.exe (Locktime Software)
O4 - HKU\S-1-5-21-507921405-1326574676-839522115-1003..\Run: [Voipwise] C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe (Voipwise)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DynDNS Updater Tray Icon.lnk = C:\Program Files\DynDNS Updater\DynTray.exe (Dynamic Network Services, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 1
O7 - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 1
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Alin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Alin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.10.09 03:30:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005.07.07 20:34:30 | 000,001,871 | ---- | M] () - G:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - Services: "WinVNC4"
MsConfig - Services: "iPod Service"
MsConfig - StartUpFolder: C:^Documents and Settings^Alin^Start Menu^Programs^Startup^iPhoneRingToneMaker.lnk - C:\PROGRA~1\IPHONE~1\IPHONE~1.EXE - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^TrayMin230.lnk - C:\Program Files\Philips\Philips SPC230NC Webcam\TrayMin230.exe - ()
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: JP595IR86O - hkey= - key= - C:\DOCUME~1\Alin\LOCALS~1\Temp\Ixd.exe File not found
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
MsConfig - StartUpReg: NtWqIVLZEWZU - hkey= - key= - C:\DOCUME~1\Alin\LOCALS~1\Temp\Ixe.exe File not found
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= -  File not found
MsConfig - StartUpReg: NvMediaCenter - hkey= - key= -  File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: SmartVoip - hkey= - key= - C:\Program Files\SmartVoip.com\SmartVoip\SmartVoip.exe (SmartVoip)
MsConfig - StartUpReg: SPC230NC_Monitor - hkey= - key= - C:\WINDOWS\Philips\SPC230NC\Monitor.exe (PixArt Imaging Incorporation)
MsConfig - StartUpReg: SPC_Monitor - hkey= - key= - C:\WINDOWS\Philips\SPC230NC\Monitor.exe (PixArt Imaging Incorporation)
MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe File not found
MsConfig - StartUpReg: Vectir - hkey= - key= - C:\Program Files\Vectir\Vectir.exe File not found
MsConfig - StartUpReg: Voipwise - hkey= - key= - C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe (Voipwise)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4b218e3e-bc98-4770-93d3-2731b9329278} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9309DD7E-EBFE-3C95-8B47-30D3A012F606} - .NET Framework
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (17183584330711040)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.01.06 06:51:03 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.01.06 06:46:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\ApplicationHistory
[2011.01.06 06:04:00 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2011.01.05 00:43:56 | 000,000,000 | ---D | C] -- C:\PacSteamT
[2011.01.05 00:02:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Application Data\system32
[2011.01.03 21:03:00 | 000,000,000 | ---D | C] -- C:\Program Files\COMPUTERBILD-Abzockschutz
[2010.12.31 00:00:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\4Story
[2010.12.29 05:14:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-DE
[2010.12.29 04:50:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2010.12.29 01:54:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Cheat Engine 5.6.1
[2010.12.29 01:54:21 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\WINDOWS\System32\D3DX81ab.dll
[2010.12.29 01:54:20 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine
[2010.12.28 19:33:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft
[2010.12.28 15:01:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Desktop\New Folder (2)
[2010.12.28 03:27:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
[2010.12.28 02:09:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\ConduitEngine
[2010.12.28 02:09:08 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine
[2010.12.28 02:08:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\Conduit
[2010.12.27 23:00:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.a245eed4.temp
[2010.12.27 20:04:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.00e505a9.temp
[2010.12.27 18:58:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.ff4901e2.temp
[2010.12.27 17:30:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.e765bc52.temp
[2010.12.27 15:23:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2010.12.27 06:13:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.faa30dfe.temp
[2010.12.27 06:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment.cf8a77c4.temp
[2010.12.27 06:10:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\Winload
[2010.12.27 06:10:43 | 000,000,000 | ---D | C] -- C:\Program Files\Winload
[2010.12.27 05:26:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2010.12.27 05:02:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.temp
[2010.12.27 05:02:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment.temp
[2010.12.27 05:00:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2010.12.27 02:13:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\My Documents\My Games
[2010.12.27 02:11:12 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll
[2010.12.27 02:11:12 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll
[2010.12.27 02:11:12 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll
[2010.12.27 02:11:11 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_43.dll
[2010.12.27 02:11:11 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll
[2010.12.27 02:11:10 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll
[2010.12.27 02:11:10 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll
[2010.12.27 02:11:10 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll
[2010.12.27 02:11:09 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll
[2010.12.27 02:11:09 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll
[2010.12.27 02:11:09 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll
[2010.12.27 02:11:08 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2010.12.27 02:11:08 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll
[2010.12.27 02:11:07 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2010.12.27 02:11:07 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2010.12.27 02:11:06 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2010.12.27 02:11:06 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2010.12.27 02:11:05 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2010.12.27 02:11:05 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2010.12.27 02:11:04 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2010.12.27 02:11:04 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2010.12.27 02:11:03 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2010.12.27 02:11:02 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2010.12.27 02:11:02 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2010.12.27 02:11:02 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2010.12.27 02:11:01 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2010.12.27 02:10:59 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2010.12.27 02:10:59 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2010.12.27 02:10:59 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2010.12.27 02:10:58 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2010.12.27 02:10:58 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2010.12.27 02:10:58 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2010.12.27 02:10:57 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2010.12.27 02:10:57 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2010.12.27 02:10:57 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2010.12.27 02:10:56 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2010.12.27 02:10:55 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2010.12.27 02:10:55 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2010.12.27 02:10:55 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2010.12.27 02:10:54 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2010.12.27 02:10:54 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2010.12.27 02:10:54 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2010.12.27 02:10:53 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2010.12.27 02:10:53 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2010.12.27 02:10:53 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2010.12.27 02:10:53 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2010.12.27 02:10:52 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2010.12.27 02:10:51 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2010.12.27 02:10:51 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2010.12.27 02:10:50 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2010.12.27 02:10:50 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2010.12.27 02:10:50 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2010.12.27 02:10:49 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2010.12.27 02:10:48 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2010.12.27 02:10:48 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2010.12.27 02:10:47 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2010.12.27 02:10:46 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2010.12.27 02:10:45 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2010.12.27 02:10:45 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2010.12.27 02:10:45 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2010.12.27 02:10:44 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2010.12.27 02:10:44 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2010.12.27 02:10:44 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2010.12.27 02:10:43 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2010.12.27 02:10:43 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2010.12.27 02:10:42 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2010.12.27 02:10:41 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2010.12.27 02:10:41 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2010.12.27 02:10:41 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2010.12.27 02:10:39 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2010.12.27 02:10:38 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2010.12.27 02:10:38 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2010.12.27 02:10:38 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2010.12.27 02:10:37 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2010.12.27 02:10:37 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2010.12.27 02:10:37 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2010.12.27 02:10:37 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2010.12.27 02:10:37 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2010.12.27 02:10:36 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2010.12.27 02:10:35 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2010.12.27 02:10:35 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2010.12.27 02:10:30 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2010.12.27 02:10:29 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2010.12.27 02:10:29 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2010.12.27 02:10:29 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2010.12.27 02:10:28 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2010.12.27 02:10:28 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2010.12.27 02:10:27 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2010.12.27 02:10:27 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2010.12.27 02:10:25 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2010.12.27 02:07:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2010.12.27 01:26:16 | 000,000,000 | ---D | C] -- C:\Program Files\Screaming Bee
[2010.12.27 00:41:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CAPCOM
[2010.12.27 00:34:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Application Data\Screaming Bee
[2010.12.27 00:33:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Screaming Bee
[2010.12.27 00:33:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Screaming Bee
[2010.12.25 23:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2010.12.20 23:23:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DynDNS Updater
[2010.12.20 23:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\DynDNS Updater
[2010.12.20 23:23:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DynDNS
[2010.12.20 23:07:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2010.12.20 01:20:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Start Menu\Programs\Vice City Mod Manager
[2010.12.20 01:20:11 | 000,000,000 | ---D | C] -- C:\Program Files\vcmm
[2010.12.20 00:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Rockstar Games
[2010.12.19 21:45:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\Locktime
[2010.12.19 21:45:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Start Menu\Programs\NetLimiter 3
[2010.12.19 21:44:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Locktime
[2010.12.19 21:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\NetLimiter 3
[2010.12.16 12:08:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\My Documents\Battlefield Heroes
[2010.12.16 12:05:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Start Menu\Programs\EA Games
[2010.12.15 15:17:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Desktop\June 25
[2010.12.15 13:32:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\PunkBuster
[2010.12.14 20:32:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Brother
[2010.12.14 20:31:27 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbprint.sys
[2010.12.14 20:28:56 | 000,120,832 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrWia04b.dll
[2010.12.14 20:28:56 | 000,053,248 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrSerIf.sys
[2010.12.14 20:28:56 | 000,037,888 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrUSi04b.dll
[2010.12.14 20:28:56 | 000,015,295 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrScnUsb.sys
[2010.12.14 20:28:56 | 000,011,904 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrUsbSer.sys
[2010.12.14 20:28:54 | 000,054,272 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\brinsstr.dll
[2010.12.14 20:28:53 | 000,073,728 | ---- | C] (Brother Industries Ltd) -- C:\WINDOWS\System32\brrbtool.exe
[2010.12.14 20:28:53 | 000,024,223 | ---- | C] (brother Industries Ltd) -- C:\WINDOWS\System32\brlm03a.dll
[2010.12.14 20:28:48 | 000,188,416 | ---- | C] (brother) -- C:\WINDOWS\System32\PDRVINST.DLL
[2010.12.14 20:28:48 | 000,081,920 | ---- | C] (brother) -- C:\WINDOWS\System32\BrWebIns.dll
[2010.12.14 20:28:48 | 000,065,536 | ---- | C] (brother) -- C:\WINDOWS\System32\BRWEBUP.EXE
[2010.12.14 20:28:42 | 000,000,000 | ---D | C] -- C:\Brother
[2010.12.14 20:28:37 | 000,122,880 | ---- | C] (Brother Industries,LTD) -- C:\WINDOWS\System32\BrfxD04a.dll
[2010.12.14 20:28:36 | 000,147,456 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\brunin03.dll
[2010.12.14 20:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Brother
[2010.12.14 20:21:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Application Data\Brother
[2010.12.14 20:20:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Brother Administrator Utilities
[2010.12.14 20:20:45 | 000,000,000 | ---D | C] -- C:\Program Files\Brother
[2010.12.11 17:01:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 6
[2010.12.11 17:00:57 | 000,013,304 | ---- | C] (TeamViewer GmbH) -- C:\WINDOWS\System32\drivers\TVMonitor.sys
[2010.12.11 14:44:43 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2010.12.11 14:26:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Start Menu\Programs\San Andreas Multiplayer
[2010.12.11 14:20:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\My Documents\GTA San Andreas User Files
[2010.12.10 23:37:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2010.12.10 23:36:39 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010.12.10 23:36:36 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010.12.10 23:34:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2010.12.10 21:27:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinSCP
[2010.12.10 21:27:38 | 000,000,000 | ---D | C] -- C:\Program Files\WinSCP
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.01.06 19:50:00 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.06 19:11:00 | 000,000,244 | -H-- | M] () -- C:\WINDOWS\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2011.01.06 19:07:00 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.01.06 16:34:04 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.06 16:33:52 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.01.06 16:33:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.01.06 16:33:45 | 000,145,216 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.01.06 06:47:06 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.01.06 06:45:50 | 000,441,184 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.01.06 06:45:50 | 000,071,250 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.01.05 15:39:37 | 000,000,265 | ---- | M] () -- C:\Documents and Settings\Alin\Application Data\Autorun.vbs
[2011.01.04 22:49:01 | 000,000,076 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Counter-Strike Source.url
[2011.01.04 21:31:36 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2011.01.04 17:21:29 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\WolfTeam-DE.lnk
[2011.01.02 17:29:13 | 000,000,442 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\4Story.lnk
[2011.01.02 00:59:05 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Black Eyed Peas The E.N.D.wpl
[2011.01.01 17:04:24 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.12.30 07:41:05 | 000,000,466 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Shortcut to World of Warcraft.lnk
[2010.12.29 01:54:24 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Cheat Engine.lnk
[2010.12.28 19:32:35 | 000,000,456 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\World of Warcraft-Installationsprogramm.lnk
[2010.12.28 10:13:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010.12.28 03:15:59 | 000,000,229 | ---- | M] () -- C:\WINDOWS\WinInit.Ini
[2010.12.28 02:56:08 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\Alin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.27 06:13:15 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk.5cd7239e.temp
[2010.12.27 06:10:28 | 003,325,446 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Shutdown-Timer-Setup.exe
[2010.12.27 00:33:17 | 000,001,445 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MorphVOX Pro.lnk
[2010.12.26 03:01:33 | 000,037,170 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\11.jpg__18929035__MBQF-1293028817,templateId=renderScaled,property=Bild,height=349.jpg
[2010.12.24 15:17:35 | 000,012,920 | ---- | M] () -- C:\WINDOWS\System32\apl001.sys
[2010.12.24 15:17:35 | 000,010,872 | ---- | M] () -- C:\WINDOWS\System32\apf001.sys
[2010.12.24 12:56:29 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010.12.21 01:54:33 | 000,000,931 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Shortcut to ts3server_win32.exe.lnk
[2010.12.20 23:23:05 | 000,000,729 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DynDNS Updater Tray Icon.lnk
[2010.12.19 15:11:38 | 000,139,080 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.12.19 15:11:17 | 000,270,240 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.12.17 13:05:09 | 000,270,240 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2010.12.16 21:26:53 | 000,090,945 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Giessen_wieseck_wGiessen_bahnhof.pdf
[2010.12.16 12:06:10 | 000,138,056 | ---- | M] () -- C:\Documents and Settings\Alin\Application Data\PnkBstrK.sys
[2010.12.15 17:24:45 | 000,000,073 | ---- | M] () -- C:\Documents and Settings\Alin\Local Settings\Application Data\GDLLogin.ini
[2010.12.14 20:36:11 | 000,000,432 | ---- | M] () -- C:\WINDOWS\brwmark.ini
[2010.12.14 20:31:48 | 000,000,065 | ---- | M] () -- C:\WINDOWS\System32\BD7420.dat
[2010.12.14 20:29:34 | 000,000,209 | ---- | M] () -- C:\WINDOWS\Brpfx04a.ini
[2010.12.14 20:29:34 | 000,000,092 | ---- | M] () -- C:\WINDOWS\brpcfx.ini
[2010.12.14 20:29:34 | 000,000,052 | ---- | M] () -- C:\WINDOWS\BRPP2KA.INI
[2010.12.14 20:07:48 | 002,577,776 | ---- | M] () -- C:\WINDOWS\System32\pbsvc_heroes.exe
[2010.12.13 00:25:13 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010.12.12 21:52:53 | 000,467,968 | -H-- | M] () -- C:\Documents and Settings\Alin\Application Data\kernel32.exe
[2010.12.11 17:01:01 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 6.lnk
[2010.12.10 23:37:11 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010.12.10 23:26:49 | 000,000,788 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.umbrella
[2010.12.10 23:26:49 | 000,000,787 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.12.10 22:06:55 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Alin\PUTTY.RND
[2010.12.10 21:27:40 | 000,000,606 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\WinSCP.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.01.05 00:15:24 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\Alin\Application Data\logfile.txt
[2011.01.05 00:02:42 | 000,000,265 | ---- | C] () -- C:\Documents and Settings\Alin\Application Data\Autorun.vbs
[2011.01.04 23:55:24 | 000,467,968 | -H-- | C] () -- C:\Documents and Settings\Alin\Application Data\kernel32.exe
[2011.01.04 17:21:29 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\WolfTeam-DE.lnk
[2011.01.02 17:29:13 | 000,000,442 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\4Story.lnk
[2011.01.02 00:59:05 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Black Eyed Peas The E.N.D.wpl
[2011.01.01 17:04:24 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.12.30 07:41:07 | 000,000,466 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Shortcut to World of Warcraft.lnk
[2010.12.29 01:54:24 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Cheat Engine.lnk
[2010.12.29 01:54:22 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010.12.28 04:41:55 | 000,000,456 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\World of Warcraft-Installationsprogramm.lnk
[2010.12.28 03:15:54 | 000,000,229 | ---- | C] () -- C:\WINDOWS\WinInit.Ini
[2010.12.27 06:13:15 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk.5cd7239e.temp
[2010.12.27 06:09:33 | 003,325,446 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Shutdown-Timer-Setup.exe
[2010.12.27 00:33:16 | 000,001,445 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MorphVOX Pro.lnk
[2010.12.26 03:01:32 | 000,037,170 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\11.jpg__18929035__MBQF-1293028817,templateId=renderScaled,property=Bild,height=349.jpg
[2010.12.21 01:54:33 | 000,000,931 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Shortcut to ts3server_win32.exe.lnk
[2010.12.20 23:23:05 | 000,000,729 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DynDNS Updater Tray Icon.lnk
[2010.12.20 15:35:51 | 000,000,076 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Counter-Strike Source.url
[2010.12.16 21:26:52 | 000,090,945 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Giessen_wieseck_wGiessen_bahnhof.pdf
[2010.12.15 17:42:16 | 002,577,776 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_heroes.exe
[2010.12.15 17:24:40 | 000,000,073 | ---- | C] () -- C:\Documents and Settings\Alin\Local Settings\Application Data\GDLLogin.ini
[2010.12.15 13:33:43 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr
[2010.12.14 20:29:34 | 000,000,432 | ---- | C] () -- C:\WINDOWS\brwmark.ini
[2010.12.14 20:29:34 | 000,000,209 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2010.12.14 20:29:34 | 000,000,092 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2010.12.14 20:29:34 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\BD7420.dat
[2010.12.14 20:29:34 | 000,000,052 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2010.12.14 20:28:53 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL
[2010.12.14 20:28:42 | 000,006,224 | ---- | C] () -- C:\WINDOWS\CVRPAGE.bmp
[2010.12.14 20:28:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2010.12.14 20:18:09 | 000,139,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.12.14 20:18:08 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Alin\Application Data\PnkBstrK.sys
[2010.12.14 20:17:54 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010.12.14 20:17:54 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.ex0
[2010.12.14 20:17:52 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010.12.11 17:01:01 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 6.lnk
[2010.12.10 23:37:11 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010.12.10 21:27:42 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Alin\PUTTY.RND
[2010.12.10 21:27:40 | 000,000,606 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\WinSCP.lnk
[2010.12.05 21:26:36 | 000,000,061 | ---- | C] () -- C:\WINDOWS\mta.ini
[2010.12.03 11:34:17 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.11.06 22:03:26 | 000,000,842 | ---- | C] () -- C:\WINDOWS\System32\SPC230NC.INI
[2010.10.24 20:48:58 | 000,001,165 | ---- | C] () -- C:\WINDOWS\Settings.ini
[2010.10.13 00:31:57 | 000,094,656 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2010.10.11 14:54:26 | 000,011,264 | ---- | C] () -- C:\Documents and Settings\Alin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.10 22:24:14 | 000,012,920 | ---- | C] () -- C:\WINDOWS\System32\apl001.sys
[2010.10.10 22:24:14 | 000,010,872 | ---- | C] () -- C:\WINDOWS\System32\apf001.sys
[2010.10.08 15:24:28 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
 
========== LOP Check ==========
 
[2010.10.30 23:25:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\DVDVideoSoft
[2010.10.30 22:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\DVDVideoSoftIEHelpers
[2010.10.25 17:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\FOG Downloader
[2010.11.08 18:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\funkitron
[2010.12.03 11:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\GetRightToGo
[2010.12.05 01:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\iPhoneRingToneMaker
[2010.11.02 19:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Nokia
[2010.11.02 19:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Nokia Ovi Suite
[2010.12.03 23:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Opera
[2010.11.16 20:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\PC Suite
[2010.12.05 03:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Publish Providers
[2010.12.27 01:36:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Screaming Bee
[2010.11.13 11:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\SmartVoip
[2010.12.05 03:35:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Sony
[2011.01.06 06:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\system32
[2010.11.25 14:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\SystemRequirementsLab
[2010.12.11 17:01:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\TeamViewer
[2010.12.20 23:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\TS3Client
[2011.01.06 16:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\uTorrent
[2010.11.10 13:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Voipwise
[2010.12.27 20:00:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2010.12.20 23:23:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DynDNS
[2010.12.19 21:44:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Locktime
[2010.11.15 15:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon
[2010.11.15 15:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonEU
[2010.10.11 22:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2010.10.11 22:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2010.10.11 22:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010.11.06 22:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Philips
[2010.12.27 00:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Screaming Bee
[2010.12.05 03:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010.10.21 17:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.01.06 19:07:00 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2011.01.06 19:11:00 | 000,000,244 | -H-- | M] () -- C:\WINDOWS\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
[2010.11.23 10:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010.10.21 17:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010.10.21 17:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010.10.08 19:43:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2010.12.27 05:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard
[2010.12.28 03:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
[2010.12.27 20:00:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2010.12.14 20:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Brother
[2010.10.08 19:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX
[2010.12.20 23:23:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DynDNS
[2010.12.19 21:44:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Locktime
[2010.11.22 09:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2010.12.04 23:42:14 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2011.01.06 16:33:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
[2010.11.15 15:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon
[2010.11.15 15:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonEU
[2010.10.11 22:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
[2010.10.11 22:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
[2010.10.08 18:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2010.10.11 22:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2010.11.06 22:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Philips
[2010.12.27 00:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Screaming Bee
[2010.10.30 10:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010.12.05 03:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
[2010.10.08 20:09:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010.12.04 23:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2010.10.21 17:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2009.02.04 13:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe
[2010.11.10 22:03:57 | 000,337,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1031-7B44-AA0000000001}\setup.exe
[2010.12.10 23:30:34 | 000,073,000 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 10.1.0.56\SetupAdmin.exe
[2010.10.08 19:15:35 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
[2010.10.08 19:15:46 | 000,057,409 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
[2010.10.08 19:15:47 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
[2010.10.08 19:15:51 | 000,056,765 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
[2010.10.08 19:15:46 | 000,054,174 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe
[2010.10.08 19:15:47 | 000,057,532 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe
[2010.10.08 19:15:48 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
[2010.10.08 19:15:48 | 000,057,054 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
[2010.10.08 19:15:45 | 000,052,963 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
[2010.10.08 19:15:40 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
[2010.10.08 19:13:52 | 000,144,696 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe
[2010.10.08 19:13:44 | 000,876,824 | ---- | M] (DivX, Inc. ) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
[2010.10.08 19:15:48 | 000,053,600 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe
[2010.10.08 19:15:50 | 000,056,997 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
[2010.11.15 14:41:09 | 000,155,648 | ---- | M] (Nexon) -- C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe
[2010.10.11 22:00:23 | 102,913,480 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
[2010.10.11 22:00:48 | 000,050,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\pcswpc.exe
[2010.10.11 22:00:48 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\Run_XML6_SP1.exe
[2010.10.11 22:00:48 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx64.exe
[2010.10.11 22:00:48 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx86.exe
[2010.10.11 22:00:52 | 013,930,312 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
[2010.10.11 22:00:55 | 012,212,040 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
 
< %APPDATA%\*. >
[2010.11.22 09:20:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Adobe
[2010.12.05 03:36:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Apple Computer
[2010.11.06 22:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\ArcSoft
[2010.10.19 20:27:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Avira
[2010.12.14 20:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Brother
[2010.10.11 14:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\DivX
[2010.10.30 23:25:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\DVDVideoSoft
[2010.10.30 22:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\DVDVideoSoftIEHelpers
[2010.10.25 17:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\FOG Downloader
[2010.11.08 18:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\funkitron
[2010.12.03 11:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\GetRightToGo
[2010.10.09 03:35:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Identities
[2010.11.06 22:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\InstallShield
[2010.12.05 01:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\iPhoneRingToneMaker
[2010.10.08 19:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Macromedia
[2010.11.22 09:20:26 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Alin\Application Data\Microsoft
[2010.10.08 18:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Mozilla
[2010.11.02 19:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Nokia
[2010.11.02 19:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Nokia Ovi Suite
[2010.12.03 23:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Opera
[2010.11.16 20:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\PC Suite
[2010.12.05 03:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Publish Providers
[2010.12.27 01:36:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Screaming Bee
[2011.01.04 21:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Skype
[2011.01.04 21:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\skypePM
[2010.11.13 11:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\SmartVoip
[2010.12.05 03:35:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Sony
[2010.10.08 20:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Sun
[2011.01.06 06:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\system32
[2010.11.25 14:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\SystemRequirementsLab
[2010.12.11 17:01:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\TeamViewer
[2010.12.20 23:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\TS3Client
[2011.01.06 16:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\uTorrent
[2010.11.10 13:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Voipwise
[2010.10.08 22:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\WinRAR
 
< %APPDATA%\*.exe /s >
[2010.12.12 21:52:53 | 000,467,968 | -H-- | M] () -- C:\Documents and Settings\Alin\Application Data\kernel32.exe
[2010.08.19 23:46:28 | 001,312,120 | ---- | M] (EA Digital Illusions CE AB) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2004.08.04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010.10.09 11:47:39 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2010.10.09 11:47:39 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010.10.09 11:47:39 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2010.10.09 11:47:39 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: EXPLORER.EXE  >
[2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2004.08.04 13:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009.02.06 19:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009.02.06 19:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004.08.04 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2004.08.04 13:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008.04.14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.04.14 01:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 01:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll
[2004.08.04 13:00:00 | 000,577,024 | ---- | M] (Microsoft Corporation) MD5=C72661F8552ACE7C5C85E16A3CF505C4 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2004.08.04 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
[2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2004.08.04 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2004.08.04 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2004.08.04 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2010.10.08 15:22:04 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.10.08 15:22:04 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.10.08 15:22:04 | 000,892,928 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
========== Files - Unicode (All) ==========
[2010.11.15 15:08:15 | 000,000,000 | ---D | M](C:\Documents and Settings\Alin\My Documents\?? ???) -- C:\Documents and Settings\Alin\My Documents\넥슨 플러그
[2010.11.15 15:08:15 | 000,000,000 | ---D | C](C:\Documents and Settings\Alin\My Documents\?? ???) -- C:\Documents and Settings\Alin\My Documents\넥슨 플러그

< End of report >
         
--- --- ---





























OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 06.01.2011 19:58:01 - Run 1
OTL by OldTimer - Version 3.2.20.1     Folder = C:\Documents and Settings\Alin\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
1.022,00 Mb Total Physical Memory | 377,00 Mb Available Physical Memory | 37,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 2,31 Gb Free Space | 5,25% Space Free | Partition Type: NTFS
Drive D: | 27,50 Gb Total Space | 2,91 Gb Free Space | 10,58% Space Free | Partition Type: NTFS
Drive G: | 3,00 Gb Total Space | 3,00 Gb Free Space | 99,99% Space Free | Partition Type: FAT32
 
Computer Name: ALI | User Name: Alin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_USERS\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1495:TCP" = 1495:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- File not found
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- File not found
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\AeriaGames\WolfTeam\Wolfteam.bin" = C:\AeriaGames\WolfTeam\Wolfteam.bin:*:Enabled:WolfTeam -- (Softnyx Co., Ltd.)
"C:\Killing Floor\System\KillingFloor.exe" = C:\Killing Floor\System\KillingFloor.exe:*:Enabled:KillingFloor -- File not found
"C:\Program Files\SoftnyxGame\WolfTeamIS\Wolfteam.bin" = C:\Program Files\SoftnyxGame\WolfTeamIS\Wolfteam.bin:*:Enabled:Wolfteam -- (Softnyx Co., Ltd.)
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" = C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2 -- (Nokia)
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process  -- (Nokia Corporation)
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe" = C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe:*:Enabled:Voipwise -- (Voipwise)
"C:\PacSteamT\SteamApps\common\poker superstars ii\PokerSuperstars2.exe" = C:\PacSteamT\SteamApps\common\poker superstars ii\PokerSuperstars2.exe:*:Enabled:Poker Superstars II -- File not found
"C:\PacSteamT\SteamApps\derdermitdems\counter-strike\hl.exe" = C:\PacSteamT\SteamApps\derdermitdems\counter-strike\hl.exe:*:Enabled:Counter-Strike -- File not found
"C:\Program Files\SmartVoip.com\SmartVoip\SmartVoip.exe" = C:\Program Files\SmartVoip.com\SmartVoip\SmartVoip.exe:*:Enabled:SmartVoip -- (SmartVoip)
"C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon)
"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- File not found
"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- File not found
"C:\Nexon\Combat Arms EU\NMService.exe" = C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core -- File not found
"C:\PacSteamT\SteamApps\derdermitdems\counter-strike source\hl2.exe" = C:\PacSteamT\SteamApps\derdermitdems\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- File not found
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- File not found
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"D:\PacSteamT\SteamApps\killahorst482\counter-strike source\hl2.exe" = D:\PacSteamT\SteamApps\killahorst482\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- ()
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05F350C6-FA6A-40D0-A130-FB941B39152C}" = Philips SPC230NC Webcam
"{0DB44859-4112-4946-BE5E-A4275B3FFB5E}" = Furry Voices for Second Life
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{29C042AB-059B-414C-840E-94775E3F24A8}" = Personality Voices
"{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1
"{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{45DF6D99-666D-41FA-8D62-0E183B6240F3}" = PC Connectivity Solution
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City
"{5D4B3647-9842-4875-B081-EF8D98C02865}" = WMPKeys
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{67A5D171-4C74-4075-A492-0E480FA4B944}" = Brother BRAdmin Professional 2.81
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{749A1EDD-16C2-4C63-B013-D38F0F953973}" = OviMPlatform
"{8112C6B3-91E1-4560-8AB9-876DADFA37C5}" = Ovi Desktop Sync Engine
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (English) 12
"{90120000-001B-0000-0000-0000000FF1CE}" = Microsoft Office Word 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_WORD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_WORD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_WORD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{913923AB-3AAB-4870-8910-627C4CD82789}" = NetLimiter 3
"{913C4C4F-9E3E-41A6-A614-1BDC1352A225}" = Special Effects Voices
"{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU
"{A25A7B10-75EA-4208-AAF1-0E3841C444F1}" = MorphVOX Pro
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB49B509-8FCA-45E6-9FB9-9E4AEEB8F148}" = System Requirements Lab CYRI
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1
"{B8B4446F-87E1-4423-A47A-16832C24A199}" = Nokia Ovi Suite
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CECB7782-F35F-45CE-97C0-74BBBDC51C22}" = Webcam Video Viewer
"{D7437092-E534-46A5-895B-94FC627139B6}" = COMPUTERBILD-Abzockschutz
"{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}" = Brother MFL-Pro Suite
"{D9D1A2FD-56B2-4F21-B959-745FE43CAB8C}" = Vegas Pro 9.0
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EE5B5B24-EEFC-4C8B-BF8B-256D705BAD89}" = Nokia Ovi Suite Software Updater
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"4StoryDE_is1" = 4Story 3.4
"504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"7-Zip" = 7-Zip 4.65
"AC3Filter_is1" = AC3Filter 1.63b
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Akamai" = Akamai NetSession Interface
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"Dead Rising 2_is1" = Dead Rising 2
"DivX Setup.divx.com" = DivX-Setup
"DynDNSUpdater" = DynDNS Updater
"Fraps" = Fraps (remove only)
"JDownloader" = JDownloader
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5
"Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Multi Theft Auto" = Multi Theft Auto
"Nokia Ovi Suite" = Nokia Ovi Suite
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PacSteamT" = PacSteamT
"Philips Intelligent Agent_is1" = Philips Intelligent Agent
"PROSet" = Intel(R) PRO Network Connections Drivers
"PunkBusterSvc" = PunkBuster Services
"RealVNC_is1" = VNC Free Edition 4.1.3
"SmartVoip_is1" = SmartVoip
"Steam App 240" = Counter-Strike: Source
"Steam App 4100" = Poker Superstars II
"TeamViewer 5" = TeamViewer 5
"TeamViewer 6" = TeamViewer 6
"uTorrent" = µTorrent
"vcmm" = Vice City Mod Manager
"VirtualCloneDrive" = VirtualCloneDrive
"Voipwise_is1" = Voipwise
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"Winload Toolbar" = Winload Toolbar
"winscp3_is1" = WinSCP 4.0.7
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"WolfTeam" = WolfTeam
"WolfTeam International_is1" = WolfTeam International
"WolfTeam-DE" = WolfTeam-DE
"WORD" = Microsoft Office Word 2007
"World of Warcraft" = World of Warcraft
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes (Alin)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 31.12.2010 10:01:54 | Computer Name = ALI | Source = Application Error | ID = 1000
Description = Faulting application nlclientapp.exe, version 3.0.0.10, faulting module
 nlclientapp.exe, version 3.0.0.10, fault address 0x0008fca5.
 
Error - 03.01.2011 12:12:38 | Computer Name = ALI | Source = Application Error | ID = 1000
Description = Faulting application wolfteam.bin, version 1.0.0.1, faulting module
 , version 0.0.0.0, fault address 0x00000000.
 
Error - 03.01.2011 15:42:59 | Computer Name = ALI | Source = Application Error | ID = 1000
Description = Faulting application nlclientapp.exe, version 3.0.0.10, faulting module
 nlclientapp.exe, version 3.0.0.10, fault address 0x0008fca5.
 
Error - 04.01.2011 10:00:32 | Computer Name = ALI | Source = Application Error | ID = 1000
Description = Faulting application nlclientapp.exe, version 3.0.0.10, faulting module
 nlclientapp.exe, version 3.0.0.10, fault address 0x0008fca5.
 
Error - 04.01.2011 16:28:01 | Computer Name = ALI | Source = Application Error | ID = 1000
Description = Faulting application nlclientapp.exe, version 3.0.0.10, faulting module
 nlclientapp.exe, version 3.0.0.10, fault address 0x0008fca5.
 
Error - 04.01.2011 18:36:46 | Computer Name = ALI | Source = Application Error | ID = 1000
Description = Faulting application gta-vc.exe, version 0.0.0.0, faulting module 
gta-vc.exe, version 0.0.0.0, fault address 0x0017901d.
 
Error - 04.01.2011 18:40:56 | Computer Name = ALI | Source = Application Hang | ID = 1002
Description = Hanging application hl2.exe, version 0.0.0.0, hang module hungapp,
 version 0.0.0.0, hang address 0x00000000.
 
Error - 04.01.2011 19:38:21 | Computer Name = ALI | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting
 module explorer.exe, version 6.0.2900.5512, fault address 0x00009409.
 
Error - 04.01.2011 19:38:29 | Computer Name = ALI | Source = Application Error | ID = 1000
Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module
 dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
 
Error - 05.01.2011 19:53:51 | Computer Name = ALI | Source = Application Error | ID = 1000
Description = Faulting application gameoverlayui.exe, version 0.97.30.46, faulting
 module ntdll.dll, version 5.1.2600.5755, fault address 0x0000100b.
 
[ NetLimiter 3 Events ]
Error - 19.12.2010 16:46:06 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000
Description = The service failed to start 
 
Error - 19.12.2010 16:46:36 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>0</err-code> <hresult code='80070002'>The
 system cannot find the file specified.</hresult> <module>NetLimiter.Main.123</module>
<param
 name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error>
</nl-error-list>

 
Error - 19.12.2010 16:46:36 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>2010</err-code> <module>NetLimiter.Main.77</module>
<desc>Failed
 to initialize NetLimiter service.</desc> </nl-error>  <nl-error> <err-code>0</err-code>
<hresult
 code='80070002'>The system cannot find the file specified.</hresult> <module>NetLimiter.Main.123</module>
<param
 name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error>

</nl-error-list>

 
Error - 19.12.2010 16:46:36 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000
Description = The service failed to start 
 
Error - 19.12.2010 18:34:47 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>0</err-code> <hresult code='80070002'>The
 system cannot find the file specified.</hresult> <module>NetLimiter.Main.123</module>
<param
 name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error>
</nl-error-list>

 
Error - 19.12.2010 18:34:48 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>2010</err-code> <module>NetLimiter.Main.77</module>
<desc>Failed
 to initialize NetLimiter service.</desc> </nl-error>  <nl-error> <err-code>0</err-code>
<hresult
 code='80070002'>The system cannot find the file specified.</hresult> <module>NetLimiter.Main.123</module>
<param
 name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error>

</nl-error-list>

 
Error - 19.12.2010 18:34:48 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000
Description = The service failed to start 
 
Error - 19.12.2010 18:35:17 | Computer Name = ALI | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>1</err-code> <hresult code='80080005'>Server
 execution failed</hresult> <module>NetLimiter.NLBaseClient.235</module> </nl-error>
</nl-error-list>

 
Error - 19.12.2010 18:35:17 | Computer Name = ALI | Source = NetLimiter 3 BaseCli | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>5000</err-code> <module>NetLimiter.NLBaseClient.1147</module>
<desc>Failed
 to connect to NetLimiter service.</desc> <param name='host-name' value=''/> </nl-error>

<nl-error>
<err-code>1</err-code>
<hresult
 code='80080005'>Server execution failed</hresult> <module>NetLimiter.NLBaseClient.235</module>
</nl-error>

</nl-error-list>

 
Error - 03.01.2011 11:51:35 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000
Description = <nl-error-list> <nl-error> <err-code>2050</err-code> <module>NetLimiter.Main.643</module>
<desc>Failed
 to call driver.</desc> <param name='last-error' value='0'/> <param name='fun-name'
 value='DeviceIoControl'/> <param name='ioctl' value='2286448'/> </nl-error> </nl-error-list>

 
[ System Events ]
Error - 05.01.2011 17:53:54 | Computer Name = ALI | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly.  It has done
 this 4 time(s).  The following corrective action will be taken in 60000 milliseconds:
 Restart the service.
 
Error - 05.01.2011 17:58:52 | Computer Name = ALI | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly.  It has done
 this 5 time(s).  The following corrective action will be taken in 60000 milliseconds:
 Restart the service.
 
Error - 05.01.2011 19:58:18 | Computer Name = ALI | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly.  It has done
 this 6 time(s).  The following corrective action will be taken in 60000 milliseconds:
 Restart the service.
 
Error - 06.01.2011 11:56:11 | Computer Name = ALI | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly.  It has done
 this 1 time(s).  The following corrective action will be taken in 60000 milliseconds:
 Restart the service.
 
Error - 06.01.2011 11:56:13 | Computer Name = ALI | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly.  It has done this
 1 time(s).
 
Error - 06.01.2011 11:56:24 | Computer Name = ALI | Source = Service Control Manager | ID = 7034
Description = The Dienst "Bonjour" service terminated unexpectedly.  It has done
 this 1 time(s).
 
Error - 06.01.2011 11:56:32 | Computer Name = ALI | Source = Service Control Manager | ID = 7034
Description = The Application Layer Gateway Service service terminated unexpectedly.
  It has done this 1 time(s).
 
Error - 06.01.2011 11:57:20 | Computer Name = ALI | Source = Service Control Manager | ID = 7034
Description = The PnkBstrA service terminated unexpectedly.  It has done this 1 
time(s).
 
Error - 06.01.2011 11:57:33 | Computer Name = ALI | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly.  It has done
 this 1 time(s).
 
Error - 06.01.2011 14:24:24 | Computer Name = ALI | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly.  It has done
 this 2 time(s).  The following corrective action will be taken in 60000 milliseconds:
 Restart the service.
 
 
< End of report >
         
--- --- ---



.danke

Alt 06.01.2011, 20:40   #5
markusg
/// Malware-holic
 
Rechtklick im ordner geht nicht und ausrühren nicht einstellbar - Standard

Rechtklick im ordner geht nicht und ausrühren nicht einstellbar



poste die meldung mal bitte und wposte mal die meldung von avira, fund in quarantäne.
download malwarebytes:
Malwarebytes
instalieren, öffnen, registerkarte aktualisierung, programm updaten.
schalte alle laufenden programme ab, trenne die internetverbindung.
registerkarte scanner, komplett scan, funde entfernen, log posten.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 07.01.2011, 01:21   #6
flavers
 
Rechtklick im ordner geht nicht und ausrühren nicht einstellbar - Standard

Rechtklick im ordner geht nicht und ausrühren nicht einstellbar



hier die meldung von antivir








habe die vollständige durchsuchung durch laufen lassen
log file :


Code:
ATTFilter
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5474

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

07.01.2011 01:09:30
mbam-log-2011-01-07 (01-09-30).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|)
Durchsuchte Objekte: 235067
Laufzeit: 58 Minute(n), 18 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 6
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 8

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\JP595IR86O (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\OW1T3CYG7T (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun (PUM.Hijack.Run) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\documents and settings\Alin\local settings\Temp\001GF1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\Alin\local settings\Temp\Ixb.exe (Trojan.FraudPack.Gen) -> Quarantined and deleted successfully.
c:\documents and settings\Alin\local settings\Temp\Ixf.exe (Trojan.FraudPack.Gen) -> Quarantined and deleted successfully.
c:\documents and settings\Alin\local settings\Temp\Ixh.exe (Trojan.FakeAV) -> Quarantined and deleted successfully.
c:\documents and settings\Alin\local settings\Temp\sshnas21.dll (Trojan.FraudPack.Gen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0f9d03e2-a6eb-449a-aec8-6b32c8444f10}\RP96\A0051947.exe (Trojan.Cospet) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{62c40aa6-4406-467a-a5a5-dfdf1b559b7a}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.

         


nach dem neustat kam ausführenicon wieder aber aufm desktop und in ordner kann ich immer noch nichts rechtsklicken(es wird bei rechtsklick nur markiert)


.flavers

Geändert von flavers (07.01.2011 um 01:50 Uhr)

Alt 07.01.2011, 14:02   #7
markusg
/// Malware-holic
 
Rechtklick im ordner geht nicht und ausrühren nicht einstellbar - Standard

Rechtklick im ordner geht nicht und ausrühren nicht einstellbar



immer mit der ruhe :-)
bitte erstelle und poste ein combofix log.
Ein Leitfaden und Tutorium zur Nutzung von ComboFix
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 07.01.2011, 17:44   #8
flavers
 
Rechtklick im ordner geht nicht und ausrühren nicht einstellbar - Standard

Rechtklick im ordner geht nicht und ausrühren nicht einstellbar



hier :


Code:
ATTFilter
ComboFix 11-01-06.06 - Alin 07.01.2011  17:25:59.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1033.18.1022.568 [GMT 1:00]
ausgeführt von:: c:\documents and settings\Alin\My Documents\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Alin\Application Data\Autorun.vbs
c:\documents and settings\Alin\Application Data\system32

.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SSHNAS


(((((((((((((((((((((((   Dateien erstellt von 2010-12-07 bis 2011-01-07  ))))))))))))))))))))))))))))))
.

2011-01-07 00:24 . 2011-01-07 00:24	--------	d-----w-	c:\documents and settings\Default User\Local Settings\Application Data\Microsoft Help
2011-01-06 22:40 . 2011-01-06 22:40	--------	d-----w-	c:\documents and settings\Alin\Application Data\Malwarebytes
2011-01-06 22:40 . 2010-12-20 17:09	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-06 22:40 . 2011-01-06 22:40	--------	d-----w-	c:\documents and settings\All Users\Application Data\Malwarebytes
2011-01-06 22:40 . 2010-12-20 17:08	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-01-06 22:40 . 2011-01-06 22:40	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-01-06 05:46 . 2011-01-06 05:47	--------	d-----w-	c:\documents and settings\Alin\Local Settings\Application Data\ApplicationHistory
2011-01-06 05:04 . 2010-10-11 14:59	45568	-c----w-	c:\windows\system32\dllcache\wab.exe
2011-01-06 05:03 . 2010-11-02 15:17	40960	-c----w-	c:\windows\system32\dllcache\ndproxy.sys
2011-01-04 23:43 . 2011-01-04 23:43	--------	d-----w-	C:\PacSteamT
2011-01-03 20:03 . 2011-01-03 20:03	--------	d-----w-	c:\program files\COMPUTERBILD-Abzockschutz
2010-12-29 04:14 . 2010-12-29 04:14	--------	d-----w-	c:\windows\system32\de-DE
2010-12-29 03:50 . 2010-12-29 03:50	--------	d-----w-	c:\windows\system32\URTTEMP
2010-12-29 00:54 . 2009-11-03 13:07	1970176	----a-w-	c:\windows\system32\d3dx9.dll
2010-12-29 00:54 . 2009-11-03 13:07	679936	----a-w-	c:\windows\system32\D3DX81ab.dll
2010-12-29 00:54 . 2010-12-29 03:21	--------	d-----w-	c:\program files\Cheat Engine
2010-12-28 02:27 . 2010-12-28 02:27	--------	d-----w-	c:\documents and settings\All Users\Application Data\Blizzard Entertainment
2010-12-28 01:09 . 2010-12-28 01:09	--------	d-----w-	c:\program files\ConduitEngine
2010-12-28 01:09 . 2010-12-28 01:09	0	----a-w-	c:\windows\system32\ConduitEngine.tmp
2010-12-28 01:08 . 2010-12-28 01:08	--------	d-----w-	c:\documents and settings\Alin\Local Settings\Application Data\Conduit
2010-12-27 14:23 . 2010-12-27 15:04	--------	d-----w-	c:\program files\Common Files\Blizzard Entertainment
2010-12-27 05:10 . 2010-12-28 20:11	--------	d-----w-	c:\documents and settings\Alin\Local Settings\Application Data\Winload
2010-12-27 05:10 . 2010-12-28 01:09	--------	d-----w-	c:\program files\Winload
2010-12-27 04:00 . 2010-12-27 04:00	--------	d-----w-	c:\documents and settings\All Users\Application Data\Blizzard
2010-12-27 01:10 . 2008-10-10 03:52	452440	----a-w-	c:\windows\system32\d3dx10_40.dll
2010-12-27 01:07 . 2010-12-27 01:07	--------	d-----w-	c:\windows\Logs
2010-12-27 00:26 . 2010-12-27 00:39	--------	d-----w-	c:\program files\Screaming Bee
2010-12-26 23:34 . 2010-12-27 00:36	--------	d-----w-	c:\documents and settings\Alin\Application Data\Screaming Bee
2010-12-26 23:33 . 2010-12-26 23:34	--------	d-----w-	c:\documents and settings\All Users\Application Data\Screaming Bee
2010-12-20 22:23 . 2010-12-20 22:23	--------	d-----w-	c:\program files\DynDNS Updater
2010-12-20 22:23 . 2010-12-20 22:23	--------	d-----w-	c:\documents and settings\All Users\Application Data\DynDNS
2010-12-20 22:07 . 2010-12-27 19:00	--------	d-----w-	c:\documents and settings\All Users\Application Data\boost_interprocess
2010-12-20 00:20 . 2010-12-20 00:20	--------	d-----w-	c:\program files\vcmm
2010-12-19 20:45 . 2010-12-19 20:45	--------	d-----w-	c:\documents and settings\Alin\Local Settings\Application Data\Locktime
2010-12-19 20:44 . 2010-12-19 20:44	--------	d-----w-	c:\documents and settings\All Users\Application Data\Locktime
2010-12-19 20:44 . 2010-12-19 20:44	--------	d-----w-	c:\program files\NetLimiter 3
2010-12-15 16:42 . 2010-12-14 19:07	2577776	----a-w-	c:\windows\system32\pbsvc_heroes.exe
2010-12-15 12:33 . 2010-12-19 14:11	270240	----a-w-	c:\windows\system32\PnkBstrB.xtr
2010-12-15 12:32 . 2010-12-15 12:32	--------	d-----w-	c:\documents and settings\Alin\Local Settings\Application Data\PunkBuster
2010-12-14 19:31 . 2008-04-13 19:47	25856	-c--a-w-	c:\windows\system32\dllcache\usbprint.sys
2010-12-14 19:31 . 2008-04-13 19:47	25856	----a-w-	c:\windows\system32\drivers\usbprint.sys
2010-12-14 19:27 . 2010-12-14 19:27	--------	d-----w-	c:\documents and settings\All Users\Application Data\Brother
2010-12-14 19:21 . 2010-12-14 19:36	--------	d-----w-	c:\documents and settings\Alin\Application Data\Brother
2010-12-14 19:20 . 2010-12-14 19:29	--------	d-----w-	c:\program files\Brother
2010-12-14 19:18 . 2010-12-19 14:11	139080	----a-w-	c:\windows\system32\drivers\PnkBstrK.sys
2010-12-14 19:18 . 2010-12-16 11:06	138056	----a-w-	c:\documents and settings\Alin\Application Data\PnkBstrK.sys
2010-12-14 19:17 . 2010-12-19 14:11	270240	----a-w-	c:\windows\system32\PnkBstrB.exe
2010-12-14 19:17 . 2010-12-17 12:05	270240	----a-w-	c:\windows\system32\PnkBstrB.ex0
2010-12-14 19:17 . 2010-12-16 11:05	75136	----a-w-	c:\windows\system32\PnkBstrA.exe
2010-12-11 16:00 . 2010-11-25 15:28	13304	----a-w-	c:\windows\system32\drivers\TVMonitor.sys
2010-12-11 13:44 . 2010-12-11 13:44	--------	d-----w-	c:\program files\Rockstar Games
2010-12-11 13:44 . 2002-12-05 13:10	155648	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2010-12-11 13:44 . 2002-12-02 12:33	57344	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2010-12-11 13:44 . 2002-12-02 12:33	237568	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2010-12-11 13:44 . 2003-02-27 15:12	696320	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2010-12-11 13:44 . 2002-12-02 14:22	5632	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2010-12-11 13:44 . 2010-12-11 13:44	282756	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2010-12-11 13:44 . 2010-12-11 13:44	163972	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2010-12-10 22:36 . 2010-12-10 22:36	--------	d-----w-	c:\program files\iPod
2010-12-10 22:36 . 2010-12-10 22:37	--------	d-----w-	c:\program files\iTunes
2010-12-10 22:34 . 2010-12-10 22:34	--------	d-----w-	c:\documents and settings\LocalService\Application Data\Apple Computer
2010-12-10 20:27 . 2010-12-10 20:27	--------	d-----w-	c:\program files\WinSCP

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-24 14:17 . 2010-10-10 21:24	12920	----a-w-	c:\windows\system32\apl001.sys
2010-12-24 14:17 . 2010-10-10 21:24	10872	----a-w-	c:\windows\system32\apf001.sys
2010-12-24 11:56 . 2010-10-08 18:43	135096	----a-w-	c:\windows\system32\drivers\avipbb.sys
2010-11-23 07:39 . 2010-10-08 18:43	61960	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2010-11-18 18:12 . 2010-10-09 02:27	81920	----a-w-	c:\windows\system32\isign32.dll
2010-11-05 05:05 . 2004-08-04 12:00	667136	----a-w-	c:\windows\system32\wininet.dll
2010-11-05 05:05 . 2004-08-04 12:00	61952	----a-w-	c:\windows\system32\tdc.ocx
2010-11-05 05:05 . 2004-08-04 12:00	81920	----a-w-	c:\windows\system32\ieencode.dll
2010-11-03 12:59 . 2004-08-04 12:00	369664	----a-w-	c:\windows\system32\html.iec
2010-11-02 15:17 . 2004-08-04 12:00	40960	----a-w-	c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2004-08-04 12:00	290048	----a-w-	c:\windows\system32\atmfd.dll
2010-10-26 13:25 . 2004-08-04 12:00	1853312	----a-w-	c:\windows\system32\win32k.sys
2010-10-19 20:51 . 2010-12-04 22:44	222080	------w-	c:\windows\system32\MpSigStub.exe
.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{40c3cc16-7269-4b32-9531-17f2950fb06f}"= "c:\program files\Winload\tbWin0.dll" [2010-10-18 3908192]

[HKEY_CLASSES_ROOT\clsid\{40c3cc16-7269-4b32-9531-17f2950fb06f}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 10:26	3908192	----a-w-	c:\program files\ConduitEngine\ConduitEngine.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{40c3cc16-7269-4b32-9531-17f2950fb06f}]
2010-10-18 10:26	3908192	----a-w-	c:\program files\Winload\tbWin0.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{40C3CC16-7269-4B32-9531-17F2950FB06F}"= "c:\program files\Winload\tbWin0.dll" [2010-10-18 3908192]

[HKEY_CLASSES_ROOT\clsid\{40c3cc16-7269-4b32-9531-17f2950fb06f}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-21 281768]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"SetDefPrt"="c:\program files\Brother\Brmfl04g\BrStDvPt.exe" [2004-11-11 49152]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^Alin^Start Menu^Programs^Startup^iPhoneRingToneMaker.lnk]
path=c:\documents and settings\Alin\Start Menu\Programs\Startup\iPhoneRingToneMaker.lnk
backup=c:\windows\pss\iPhoneRingToneMaker.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DynDNS Updater Tray Icon.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\DynDNS Updater Tray Icon.lnk
backup=c:\windows\pss\DynDNS Updater Tray Icon.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^TrayMin230.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\TrayMin230.lnk
backup=c:\windows\pss\TrayMin230.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch]
2011-01-02 16:29	319488	----a-w-	d:\4story\PrePatch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-10 11:49	932288	----a-w-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-11-10 11:49	35736	----a-w-	c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-16 20:04	1164584	----a-w-	c:\program files\DivX\DivX Update\DivXUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-11-17 19:59	421160	----a-w-	c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12	1695232	------w-	c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetLimiter]
2010-08-30 13:16	1781760	----a-w-	c:\program files\NetLimiter 3\NLClientApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-07-09 14:24	13923432	----a-w-	c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-07-09 14:24	110696	----a-w-	c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 09:17	421888	----a-w-	c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartVoip]
2010-11-30 13:03	12797232	----a-w-	c:\program files\SmartVoip.com\SmartVoip\SmartVoip.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPC230NC_Monitor]
2007-12-10 14:55	323584	----a-w-	c:\windows\Philips\SPC230NC\Monitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPC_Monitor]
2007-12-10 14:55	323584	----a-w-	c:\windows\Philips\SPC230NC\Monitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Voipwise]
2010-10-04 15:43	11704624	----a-w-	c:\program files\Voipwise.com\Voipwise\Voipwise.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WinVNC4"=2 (0x2)
"iPod Service"=3 (0x3)
"ServiceLayer"=3 (0x3)
"PnkBstrA"=2 (0x2)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"npggsvc"=3 (0x3)
"nlsvc"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"idsvc"=3 (0x3)
"gupdate"=2 (0x2)
"DynDNS Updater"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\AeriaGames\\WolfTeam\\Wolfteam.bin"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\SoftnyxGame\\WolfTeamIS\\Wolfteam.bin"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer_Service.exe"=
"c:\\Program Files\\Voipwise.com\\Voipwise\\Voipwise.exe"=
"c:\\Program Files\\SmartVoip.com\\SmartVoip\\SmartVoip.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\PacSteamT\\SteamApps\\killahorst482\\counter-strike source\\hl2.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1037:TCP"= 1037:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface

R1 nltdi;nltdi;c:\program files\NetLimiter 3\nltdi.sys [30.08.2010 14:24 5281672]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [04.08.2004 13:00 14336]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [08.10.2010 19:43 135336]
R3 MonitorFunction;Driver for Monitor;c:\windows\system32\drivers\TVMonitor.sys [11.12.2010 17:00 13304]
R3 NLNdisMP;NLNdisMP;c:\windows\system32\drivers\nlndis.sys [30.08.2010 14:24 5230088]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [26.11.2009 00:06 34384]
S3 apf001;apf001;c:\program files\SoftnyxGame\WolfTeamIS\apf001.sys [10.10.2010 22:09 10872]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\drivers\nlndis.sys [30.08.2010 14:24 5230088]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [11.10.2010 22:02 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [11.10.2010 22:02 8320]
S3 PAEAFLT.sys;USB Composite Device;c:\windows\system32\drivers\PAEAFLT.sys [06.11.2010 22:03 8576]
S3 SPC230NC;Philips SPC230NC Webcam;c:\windows\system32\drivers\SPC230NC.SYS [06.11.2010 22:03 461056]
S4 DynDNS Updater;DynDNS Updater;c:\program files\DynDNS Updater\DynUpSvc.exe [16.04.2010 17:19 103800]
S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [08.10.2010 18:40 136176]
S4 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
.
Inhalt des "geplante Tasks" Ordners

2010-12-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]

2011-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-08 17:40]

2011-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-08 17:40]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\
FF - prefs.js: browser.startup.homepage - google.de
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: Battlefield Heroes Updater: battlefieldheroespatcher@ea.com - %profile%\extensions\battlefieldheroespatcher@ea.com
FF - Ext: Metal3D: {48e23fba-bb14-4745-b768-382150cd83fb} - %profile%\extensions\{48e23fba-bb14-4745-b768-382150cd83fb}
FF - Ext: FoxyProxy Standard: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung
FF - Ext: FoxyProxy Basic: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung
FF - Ext: Mein Gutscheincode Finder: finder@meingutscheincode.de - %profile%\extensions\finder@meingutscheincode.de
FF - Ext: Show my Password: {cd617372-6743-4ee4-bac4-fbf60f35719e} - %profile%\extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-JP595IR86O - c:\docume~1\Alin\LOCALS~1\Temp\Ixd.exe
MSConfigStartUp-NtWqIVLZEWZU - c:\docume~1\Alin\LOCALS~1\Temp\Ixe.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MSConfigStartUp-Vectir - c:\program files\Vectir\Vectir.exe
AddRemove-Dead Rising 2_is1 - d:\dead s\Dead Rising 2\Uninstall\unins000.exe
AddRemove-Multi Theft Auto - c:\fraps\gta\Vice City\Multi Theft Auto\Uninstall.exe
AddRemove-PacSteamT - c:\pacsteamt\PacSteamT-Uninstall.exe
AddRemove-PunkBusterSvc - d:\woflteam\pbsvc_heroes.exe
AddRemove-Steam App 4100 - c:\pacsteamt\steam.exe
AddRemove-{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4} - d:\woflteam\uninstaller.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-01-07 17:38
Windows 5.1.2600 Service Pack 3 NTFS

Scanne versteckte Prozesse... 

Scanne versteckte Autostarteinträge... 

Scanne versteckte Dateien... 

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'explorer.exe'(2416)
c:\windows\system32\WPDShServiceObj.dll
c:\program files\WinSCP\DragExt.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Bonjour\mDNSResponder.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-01-07  17:42:23 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-01-07 16:42

Vor Suchlauf: 3.704.340.480 bytes free
Nach Suchlauf: 5.021.462.528 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 0645C93133C22DAF6A6B30742A3C6964
         



nach dem es fertig war kam diese hier auch .
Code:
ATTFilter
ComboFix 11-01-06.06 - Alin 07.01.2011  17:25:59.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1033.18.1022.568 [GMT 1:00]
ausgeführt von:: c:\documents and settings\Alin\My Documents\Downloads\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Alin\Application Data\Autorun.vbs
c:\documents and settings\Alin\Application Data\system32

.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SSHNAS


(((((((((((((((((((((((   Dateien erstellt von 2010-12-07 bis 2011-01-07  ))))))))))))))))))))))))))))))
.

2011-01-07 00:24 . 2011-01-07 00:24	--------	d-----w-	c:\documents and settings\Default User\Local Settings\Application Data\Microsoft Help
2011-01-06 22:40 . 2011-01-06 22:40	--------	d-----w-	c:\documents and settings\Alin\Application Data\Malwarebytes
2011-01-06 22:40 . 2010-12-20 17:09	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-06 22:40 . 2011-01-06 22:40	--------	d-----w-	c:\documents and settings\All Users\Application Data\Malwarebytes
2011-01-06 22:40 . 2010-12-20 17:08	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-01-06 22:40 . 2011-01-06 22:40	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-01-06 05:46 . 2011-01-06 05:47	--------	d-----w-	c:\documents and settings\Alin\Local Settings\Application Data\ApplicationHistory
2011-01-06 05:04 . 2010-10-11 14:59	45568	-c----w-	c:\windows\system32\dllcache\wab.exe
2011-01-06 05:03 . 2010-11-02 15:17	40960	-c----w-	c:\windows\system32\dllcache\ndproxy.sys
2011-01-04 23:43 . 2011-01-04 23:43	--------	d-----w-	C:\PacSteamT
2011-01-03 20:03 . 2011-01-03 20:03	--------	d-----w-	c:\program files\COMPUTERBILD-Abzockschutz
2010-12-29 04:14 . 2010-12-29 04:14	--------	d-----w-	c:\windows\system32\de-DE
2010-12-29 03:50 . 2010-12-29 03:50	--------	d-----w-	c:\windows\system32\URTTEMP
2010-12-29 00:54 . 2009-11-03 13:07	1970176	----a-w-	c:\windows\system32\d3dx9.dll
2010-12-29 00:54 . 2009-11-03 13:07	679936	----a-w-	c:\windows\system32\D3DX81ab.dll
2010-12-29 00:54 . 2010-12-29 03:21	--------	d-----w-	c:\program files\Cheat Engine
2010-12-28 02:27 . 2010-12-28 02:27	--------	d-----w-	c:\documents and settings\All Users\Application Data\Blizzard Entertainment
2010-12-28 01:09 . 2010-12-28 01:09	--------	d-----w-	c:\program files\ConduitEngine
2010-12-28 01:09 . 2010-12-28 01:09	0	----a-w-	c:\windows\system32\ConduitEngine.tmp
2010-12-28 01:08 . 2010-12-28 01:08	--------	d-----w-	c:\documents and settings\Alin\Local Settings\Application Data\Conduit
2010-12-27 14:23 . 2010-12-27 15:04	--------	d-----w-	c:\program files\Common Files\Blizzard Entertainment
2010-12-27 05:10 . 2010-12-28 20:11	--------	d-----w-	c:\documents and settings\Alin\Local Settings\Application Data\Winload
2010-12-27 05:10 . 2010-12-28 01:09	--------	d-----w-	c:\program files\Winload
2010-12-27 04:00 . 2010-12-27 04:00	--------	d-----w-	c:\documents and settings\All Users\Application Data\Blizzard
2010-12-27 01:10 . 2008-10-10 03:52	452440	----a-w-	c:\windows\system32\d3dx10_40.dll
2010-12-27 01:07 . 2010-12-27 01:07	--------	d-----w-	c:\windows\Logs
2010-12-27 00:26 . 2010-12-27 00:39	--------	d-----w-	c:\program files\Screaming Bee
2010-12-26 23:34 . 2010-12-27 00:36	--------	d-----w-	c:\documents and settings\Alin\Application Data\Screaming Bee
2010-12-26 23:33 . 2010-12-26 23:34	--------	d-----w-	c:\documents and settings\All Users\Application Data\Screaming Bee
2010-12-20 22:23 . 2010-12-20 22:23	--------	d-----w-	c:\program files\DynDNS Updater
2010-12-20 22:23 . 2010-12-20 22:23	--------	d-----w-	c:\documents and settings\All Users\Application Data\DynDNS
2010-12-20 22:07 . 2010-12-27 19:00	--------	d-----w-	c:\documents and settings\All Users\Application Data\boost_interprocess
2010-12-20 00:20 . 2010-12-20 00:20	--------	d-----w-	c:\program files\vcmm
2010-12-19 20:45 . 2010-12-19 20:45	--------	d-----w-	c:\documents and settings\Alin\Local Settings\Application Data\Locktime
2010-12-19 20:44 . 2010-12-19 20:44	--------	d-----w-	c:\documents and settings\All Users\Application Data\Locktime
2010-12-19 20:44 . 2010-12-19 20:44	--------	d-----w-	c:\program files\NetLimiter 3
2010-12-15 16:42 . 2010-12-14 19:07	2577776	----a-w-	c:\windows\system32\pbsvc_heroes.exe
2010-12-15 12:33 . 2010-12-19 14:11	270240	----a-w-	c:\windows\system32\PnkBstrB.xtr
2010-12-15 12:32 . 2010-12-15 12:32	--------	d-----w-	c:\documents and settings\Alin\Local Settings\Application Data\PunkBuster
2010-12-14 19:31 . 2008-04-13 19:47	25856	-c--a-w-	c:\windows\system32\dllcache\usbprint.sys
2010-12-14 19:31 . 2008-04-13 19:47	25856	----a-w-	c:\windows\system32\drivers\usbprint.sys
2010-12-14 19:27 . 2010-12-14 19:27	--------	d-----w-	c:\documents and settings\All Users\Application Data\Brother
2010-12-14 19:21 . 2010-12-14 19:36	--------	d-----w-	c:\documents and settings\Alin\Application Data\Brother
2010-12-14 19:20 . 2010-12-14 19:29	--------	d-----w-	c:\program files\Brother
2010-12-14 19:18 . 2010-12-19 14:11	139080	----a-w-	c:\windows\system32\drivers\PnkBstrK.sys
2010-12-14 19:18 . 2010-12-16 11:06	138056	----a-w-	c:\documents and settings\Alin\Application Data\PnkBstrK.sys
2010-12-14 19:17 . 2010-12-19 14:11	270240	----a-w-	c:\windows\system32\PnkBstrB.exe
2010-12-14 19:17 . 2010-12-17 12:05	270240	----a-w-	c:\windows\system32\PnkBstrB.ex0
2010-12-14 19:17 . 2010-12-16 11:05	75136	----a-w-	c:\windows\system32\PnkBstrA.exe
2010-12-11 16:00 . 2010-11-25 15:28	13304	----a-w-	c:\windows\system32\drivers\TVMonitor.sys
2010-12-11 13:44 . 2010-12-11 13:44	--------	d-----w-	c:\program files\Rockstar Games
2010-12-11 13:44 . 2002-12-05 13:10	155648	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2010-12-11 13:44 . 2002-12-02 12:33	57344	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2010-12-11 13:44 . 2002-12-02 12:33	237568	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2010-12-11 13:44 . 2003-02-27 15:12	696320	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2010-12-11 13:44 . 2002-12-02 14:22	5632	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2010-12-11 13:44 . 2010-12-11 13:44	282756	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2010-12-11 13:44 . 2010-12-11 13:44	163972	----a-w-	c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2010-12-10 22:36 . 2010-12-10 22:36	--------	d-----w-	c:\program files\iPod
2010-12-10 22:36 . 2010-12-10 22:37	--------	d-----w-	c:\program files\iTunes
2010-12-10 22:34 . 2010-12-10 22:34	--------	d-----w-	c:\documents and settings\LocalService\Application Data\Apple Computer
2010-12-10 20:27 . 2010-12-10 20:27	--------	d-----w-	c:\program files\WinSCP

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-24 14:17 . 2010-10-10 21:24	12920	----a-w-	c:\windows\system32\apl001.sys
2010-12-24 14:17 . 2010-10-10 21:24	10872	----a-w-	c:\windows\system32\apf001.sys
2010-12-24 11:56 . 2010-10-08 18:43	135096	----a-w-	c:\windows\system32\drivers\avipbb.sys
2010-11-23 07:39 . 2010-10-08 18:43	61960	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2010-11-18 18:12 . 2010-10-09 02:27	81920	----a-w-	c:\windows\system32\isign32.dll
2010-11-05 05:05 . 2004-08-04 12:00	667136	----a-w-	c:\windows\system32\wininet.dll
2010-11-05 05:05 . 2004-08-04 12:00	61952	----a-w-	c:\windows\system32\tdc.ocx
2010-11-05 05:05 . 2004-08-04 12:00	81920	----a-w-	c:\windows\system32\ieencode.dll
2010-11-03 12:59 . 2004-08-04 12:00	369664	----a-w-	c:\windows\system32\html.iec
2010-11-02 15:17 . 2004-08-04 12:00	40960	----a-w-	c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2004-08-04 12:00	290048	----a-w-	c:\windows\system32\atmfd.dll
2010-10-26 13:25 . 2004-08-04 12:00	1853312	----a-w-	c:\windows\system32\win32k.sys
2010-10-19 20:51 . 2010-12-04 22:44	222080	------w-	c:\windows\system32\MpSigStub.exe
.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{40c3cc16-7269-4b32-9531-17f2950fb06f}"= "c:\program files\Winload\tbWin0.dll" [2010-10-18 3908192]

[HKEY_CLASSES_ROOT\clsid\{40c3cc16-7269-4b32-9531-17f2950fb06f}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 10:26	3908192	----a-w-	c:\program files\ConduitEngine\ConduitEngine.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{40c3cc16-7269-4b32-9531-17f2950fb06f}]
2010-10-18 10:26	3908192	----a-w-	c:\program files\Winload\tbWin0.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{40C3CC16-7269-4B32-9531-17F2950FB06F}"= "c:\program files\Winload\tbWin0.dll" [2010-10-18 3908192]

[HKEY_CLASSES_ROOT\clsid\{40c3cc16-7269-4b32-9531-17f2950fb06f}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-21 281768]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888]
"SetDefPrt"="c:\program files\Brother\Brmfl04g\BrStDvPt.exe" [2004-11-11 49152]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^Alin^Start Menu^Programs^Startup^iPhoneRingToneMaker.lnk]
path=c:\documents and settings\Alin\Start Menu\Programs\Startup\iPhoneRingToneMaker.lnk
backup=c:\windows\pss\iPhoneRingToneMaker.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DynDNS Updater Tray Icon.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\DynDNS Updater Tray Icon.lnk
backup=c:\windows\pss\DynDNS Updater Tray Icon.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^TrayMin230.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\TrayMin230.lnk
backup=c:\windows\pss\TrayMin230.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch]
2011-01-02 16:29	319488	----a-w-	d:\4story\PrePatch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-10 11:49	932288	----a-w-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-11-10 11:49	35736	----a-w-	c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-09-16 20:04	1164584	----a-w-	c:\program files\DivX\DivX Update\DivXUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-11-17 19:59	421160	----a-w-	c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12	1695232	------w-	c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetLimiter]
2010-08-30 13:16	1781760	----a-w-	c:\program files\NetLimiter 3\NLClientApp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2010-07-09 14:24	13923432	----a-w-	c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-07-09 14:24	110696	----a-w-	c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-09-08 09:17	421888	----a-w-	c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartVoip]
2010-11-30 13:03	12797232	----a-w-	c:\program files\SmartVoip.com\SmartVoip\SmartVoip.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPC230NC_Monitor]
2007-12-10 14:55	323584	----a-w-	c:\windows\Philips\SPC230NC\Monitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPC_Monitor]
2007-12-10 14:55	323584	----a-w-	c:\windows\Philips\SPC230NC\Monitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Voipwise]
2010-10-04 15:43	11704624	----a-w-	c:\program files\Voipwise.com\Voipwise\Voipwise.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WinVNC4"=2 (0x2)
"iPod Service"=3 (0x3)
"ServiceLayer"=3 (0x3)
"PnkBstrA"=2 (0x2)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"npggsvc"=3 (0x3)
"nlsvc"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"idsvc"=3 (0x3)
"gupdate"=2 (0x2)
"DynDNS Updater"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\AeriaGames\\WolfTeam\\Wolfteam.bin"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\SoftnyxGame\\WolfTeamIS\\Wolfteam.bin"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer_Service.exe"=
"c:\\Program Files\\Voipwise.com\\Voipwise\\Voipwise.exe"=
"c:\\Program Files\\SmartVoip.com\\SmartVoip\\SmartVoip.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\PacSteamT\\SteamApps\\killahorst482\\counter-strike source\\hl2.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1037:TCP"= 1037:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface

R1 nltdi;nltdi;c:\program files\NetLimiter 3\nltdi.sys [30.08.2010 14:24 5281672]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [04.08.2004 13:00 14336]
R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [08.10.2010 19:43 135336]
R3 MonitorFunction;Driver for Monitor;c:\windows\system32\drivers\TVMonitor.sys [11.12.2010 17:00 13304]
R3 NLNdisMP;NLNdisMP;c:\windows\system32\drivers\nlndis.sys [30.08.2010 14:24 5230088]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [26.11.2009 00:06 34384]
S3 apf001;apf001;c:\program files\SoftnyxGame\WolfTeamIS\apf001.sys [10.10.2010 22:09 10872]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\drivers\nlndis.sys [30.08.2010 14:24 5230088]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [11.10.2010 22:02 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [11.10.2010 22:02 8320]
S3 PAEAFLT.sys;USB Composite Device;c:\windows\system32\drivers\PAEAFLT.sys [06.11.2010 22:03 8576]
S3 SPC230NC;Philips SPC230NC Webcam;c:\windows\system32\drivers\SPC230NC.SYS [06.11.2010 22:03 461056]
S4 DynDNS Updater;DynDNS Updater;c:\program files\DynDNS Updater\DynUpSvc.exe [16.04.2010 17:19 103800]
S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [08.10.2010 18:40 136176]
S4 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
.
Inhalt des "geplante Tasks" Ordners

2010-12-28 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]

2011-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-08 17:40]

2011-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-08 17:40]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\
FF - prefs.js: browser.startup.homepage - google.de
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: Battlefield Heroes Updater: battlefieldheroespatcher@ea.com - %profile%\extensions\battlefieldheroespatcher@ea.com
FF - Ext: Metal3D: {48e23fba-bb14-4745-b768-382150cd83fb} - %profile%\extensions\{48e23fba-bb14-4745-b768-382150cd83fb}
FF - Ext: FoxyProxy Standard: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung
FF - Ext: FoxyProxy Basic: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung
FF - Ext: Mein Gutscheincode Finder: finder@meingutscheincode.de - %profile%\extensions\finder@meingutscheincode.de
FF - Ext: Show my Password: {cd617372-6743-4ee4-bac4-fbf60f35719e} - %profile%\extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-JP595IR86O - c:\docume~1\Alin\LOCALS~1\Temp\Ixd.exe
MSConfigStartUp-NtWqIVLZEWZU - c:\docume~1\Alin\LOCALS~1\Temp\Ixe.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MSConfigStartUp-Vectir - c:\program files\Vectir\Vectir.exe
AddRemove-Dead Rising 2_is1 - d:\dead s\Dead Rising 2\Uninstall\unins000.exe
AddRemove-Multi Theft Auto - c:\fraps\gta\Vice City\Multi Theft Auto\Uninstall.exe
AddRemove-PacSteamT - c:\pacsteamt\PacSteamT-Uninstall.exe
AddRemove-PunkBusterSvc - d:\woflteam\pbsvc_heroes.exe
AddRemove-Steam App 4100 - c:\pacsteamt\steam.exe
AddRemove-{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4} - d:\woflteam\uninstaller.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2011-01-07 17:38
Windows 5.1.2600 Service Pack 3 NTFS

Scanne versteckte Prozesse... 

Scanne versteckte Autostarteinträge... 

Scanne versteckte Dateien... 

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'explorer.exe'(2416)
c:\windows\system32\WPDShServiceObj.dll
c:\program files\WinSCP\DragExt.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Bonjour\mDNSResponder.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-01-07  17:42:23 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-01-07 16:42

Vor Suchlauf: 3.704.340.480 bytes free
Nach Suchlauf: 5.021.462.528 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 0645C93133C22DAF6A6B30742A3C6964
         


.

Alt 07.01.2011, 18:01   #9
markusg
/// Malware-holic
 
Rechtklick im ordner geht nicht und ausrühren nicht einstellbar - Standard

Rechtklick im ordner geht nicht und ausrühren nicht einstellbar



lade den CCleaner slim:
Piriform - Builds
falls der CCleaner bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 07.01.2011, 18:21   #10
flavers
 
Rechtklick im ordner geht nicht und ausrühren nicht einstellbar - Standard

Rechtklick im ordner geht nicht und ausrühren nicht einstellbar



Code:
ATTFilter
7-Zip 4.65		notwendig
AC3Filter 1.63b	Alexander Vigovsky	1.63b  notwendig
Adobe Flash Player 10 ActiveX	Adobe Systems Incorporated	10.1.85.3 notwendig
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated	10.1.85.3 notwendig
Adobe Reader X - Deutsch	Adobe Systems Incorporated	10.0.0 notwendig
Akamai NetSession Interface	unbekannt	
Apple Application Support	Apple Inc.	1.4.1 notwendig
Apple Mobile Device Support	Apple Inc.	3.3.0.69 notwendig
Apple Software Update	Apple Inc.	2.1.2.120 notwendig
Avira AntiVir Personal - Free Antivirus	Avira GmbH	10.0.0.609 notwendig
Bonjour	Apple Inc.	2.0.3.0 notwendig
Brother BRAdmin Professional 2.81	Brother	2.81 unnötig
Brother MFL-Pro Suite		1.00.000 unnötig
CCleaner	Piriform	3.02 is klar
Cheat Engine 5.6.1	Dark Byte	unnötig 
COMPUTERBILD-Abzockschutz	J3S	1.0.30 woher habe ich das ?
Counter-Strike: Source	Valve	notwendig
DivX-Setup	DivX, Inc. 	2.1.0.12 notwendig
DynDNS Updater	Dynamic Network Services, Inc.	4.1.6 unnötig
Fraps (remove only)		unnötig
Furry Voices for Second Life	Screaming Bee	1.3.0 unnötig
Grand Theft Auto Vice City		1.00.000 naja notwendig
High Definition Audio Driver Package - KB835221	Microsoft Corporation	20040219.000000 notwendig
Intel(R) PRO Network Connections Drivers	notwendig	
iTunes	Apple Inc.	10.1.0.56  notwendig
Java(TM) 6 Update 20	Sun Microsystems, Inc.	6.0.200 ich glaube notwendig
JDownloader	AppWork UG (haftungsbeschränkt)	 notwendig
Malwarebytes' Anti-Malware	Malwarebytes Corporation   is klar	
Microsoft .NET Framework 1.1		notwendig
Microsoft .NET Framework 2.0 Service Pack 1	Microsoft Corporation	2.1.21022 notwendig
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU	Microsoft Corporation	2.1.21022 notwendig
Microsoft .NET Framework 3.0 Service Pack 1	Microsoft Corporation	3.1.21022 notwendig
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU	Microsoft Corporation	3.1.21022 notwendig
Microsoft .NET Framework 3.5	Microsoft Corporation	notwendig
Microsoft .NET Framework 3.5 Language Pack - DEU	Microsoft Corporation	notwendig
Microsoft Compression Client Pack 1.0 for Windows XP	Microsoft Corporation	notwendig
Microsoft Office Word 2007	Microsoft Corporation	12.0.4518.1014  notwendig
Microsoft User-Mode Driver Framework Feature Pack 1.9	Microsoft Corporation	unbekannt ?
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	8.0.59193 notwendig 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	9.0.30729 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	9.0.30729.4148 notwendig
MorphVOX Pro	Screaming Bee	4.3.3 unnötig
Mozilla Firefox (3.6.13)	Mozilla	3.6.13 (de) notwendig
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	4.20.9876.0 unbekannt 
MSXML 6.0 Parser (KB925673)	Microsoft Corporation	6.00.3888.0 unbekannt
NetLimiter 3	Locktime Software s.r.o.	3.0.0.10 unnötig
Nokia Connectivity Cable Driver	Nokia	7.1.31.0 unnötig
Nokia Ovi Suite	Nokia	2.2.1.23 unnötig
Nokia Ovi Suite Software Updater	Nokia Corporation	02.05.008.43342 unnötig
NVIDIA Display Control Panel	NVIDIA Corporation	6.14.12.5896 notwendig
NVIDIA Drivers	NVIDIA Corporation	1.10.62.40 notwendig
NVIDIA nView Desktop Manager	NVIDIA Corporation	6.14.10.13527 notwendig
PC Connectivity Solution	Nokia	10.33.1.0 unnötig
Personality Voices	Screaming Bee	1.0.0 unnötig
Philips Intelligent Agent	Philips	2.2 unnötig
Philips SPC230NC Webcam	Philips	1.0.0.0 unnötig
QuickTime	Apple Inc.	7.68.75.0 unnötig
SigmaTel Audio	SigmaTel	5.10.4600.0 notwendig
Skype Toolbars	Skype Technologies S.A.	5.0.4137 unnötig	
Skype™ 5.0	Skype Technologies S.A.	5.0.156 notwendig
SmartVoip	Finarea S.A. Switzerland	4.07 build 620 notwendig
Special Effects Voices	Screaming Bee	1.0.2 unnötig
System Requirements Lab CYRI	Husdawg, LLC	4.3.1.0 unbekannt
TeamSpeak 3 Client	TeamSpeak Systems GmbH	 notwendig
TeamViewer 5	TeamViewer GmbH	5.1.9385  notwendig
TeamViewer 6	TeamViewer GmbH	6.0.9947  notwendig
Vegas Pro 9.0	Sony	9.0.1147  notwendig
Vice City Mod Manager		naja notwendig
VirtualCloneDrive	Elaborate Bytes	 notwendig
VNC Free Edition 4.1.3	RealVNC Ltd.	4.1.3  unnötig
Voipwise	Finarea S.A. Switzerland	4.06 build 596 notwendig
Webcam Video Viewer	ArcSoft	 unnötig
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0)	Nokia	08/22/2008 7.0.0.0 unnötig
Windows Media Format 11 runtime		notwendig
Windows Media Player 11		notwendig
Windows XP Service Pack 3	Microsoft Corporation	20080414.031525  notwendig
Winload Toolbar	??? unnötig	
WinSCP 4.0.7	Martin Prikryl	4.0.7   notwendig
WMPKeys	lazymf and kbept	1.2.0.0  notwendig
WolfTeam		notwendig
WolfTeam International	Softnyx co.,ltd.	notwendig
WolfTeam-DE		notwendig
World of Warcraft	Blizzard Entertainment	3.3.2.11403  unnötig
µTorrent		2.0.4         notwendig
         

Alt 12.01.2011, 15:32   #11
flavers
 
Rechtklick im ordner geht nicht und ausrühren nicht einstellbar - Standard

Gelöst



Also ich weis nicht wie oder wann genau aber mein problem hat sich gelöst woran es am ende lag weis ich immer noch nicht trotzdem.


vielen dank

Alt 12.01.2011, 15:49   #12
markusg
/// Malware-holic
 
Rechtklick im ordner geht nicht und ausrühren nicht einstellbar - Standard

Rechtklick im ordner geht nicht und ausrühren nicht einstellbar



sorry hab deinen post übersehen

deinstaliere:
Brother beide
Cheat Engine
COMPUTERBILD vllt von einer computer bild cd?cd, falls nicht nötig, weg damit
DynDNS
Fraps
Furry Voices
MorphVOX
NetLimiter
Nokia alle 3
PC Connectivity Solution
Personality Voices
Philips beide
Skype Toolbars
Special Effects
TeamViewer 5 eine version reicht und version 6 ist aktuell
VNC Free Edition
Webcam
Winload Toolbar
World of Warcraft

bereinige dann mit dem ccleaner.
hatte avira vllt seit dem 7.januar funde?
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu Rechtklick im ordner geht nicht und ausrühren nicht einstellbar
ausführen, conduit, explorer rechtsklick ausführen, folge, folgendes, geht nicht, guten, heard, hkus\s-1-5-18, icon, klick, leiste, markiert, nichts, ordner, plug-in, problem, startleiste, winload toolbar, wirkliche




Ähnliche Themen: Rechtklick im ordner geht nicht und ausrühren nicht einstellbar


  1. Win 7: Ordner wird nicht gefunden / kann nicht gelöscht werden
    Alles rund um Windows - 18.12.2015 (39)
  2. USB Maus geht nicht mehr - neue Maus geht nach 2 Tagen auch nicht mehr!
    Netzwerk und Hardware - 26.10.2015 (4)
  3. Booten langsam, Drucker geht...geht nicht,Programme öffnen geht...geht nicht
    Plagegeister aller Art und deren Bekämpfung - 25.06.2015 (19)
  4. Auf ein mal mehrere Probleme: Datein nicht zu öffnen, youtube geht nicht, Download geht nicht...
    Plagegeister aller Art und deren Bekämpfung - 28.02.2015 (20)
  5. Windows 7 - Internet (im Browser) geht nicht, nslookup funktioniert ebenfalls nicht
    Alles rund um Windows - 24.12.2014 (6)
  6. Avira Desktop lässt sich nicht aktivieren & Windows Updates geht nicht mehr: Schlüssel im angegebenen Status nicht gültig!
    Antiviren-, Firewall- und andere Schutzprogramme - 08.11.2014 (16)
  7. Windows 8 startet nicht, da Anmeldung nicht moeglich! Tastatur geht nicht.
    Plagegeister aller Art und deren Bekämpfung - 13.07.2013 (25)
  8. Win 7 Update geht nicht mehr,Wartungscenter lässt sich nicht öffnen
    Plagegeister aller Art und deren Bekämpfung - 24.07.2012 (5)
  9. Rechtsklick auf Datein/Ordner geht nicht mehr
    Alles rund um Windows - 10.06.2012 (1)
  10. Seite konnte nicht geladen werden, Abgesicherter Modus geht nicht
    Alles rund um Windows - 16.03.2012 (16)
  11. Win7 herunterfahren Button reagiert nicht, strg+alt+entf geht nicht mehr & cmd.exe geht nicht auf
    Plagegeister aller Art und deren Bekämpfung - 15.12.2011 (25)
  12. Komme nicht ins Bios con Laptop ++ Maus und Tastatur geht nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 22.09.2011 (6)
  13. Nach Neuinstallation (win 7): Kein Zugriff auf Alte ordner; kann Ordner nicht löschen
    Alles rund um Windows - 04.11.2009 (1)
  14. Windows Firewall aktiv aber nicht Einstellbar
    Antiviren-, Firewall- und andere Schutzprogramme - 13.06.2009 (2)
  15. finde recycler Datei nicht/kann Ordner nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 09.06.2009 (1)
  16. BAGLE-AS TROJAN gefunden, abgesicherter Modus geht nicht & Ordner gemeinsame Dateien
    Alles rund um Windows - 14.02.2007 (3)
  17. Norton hat Backdoor.Nubu.J gefunden, bekomme den nicht weg+das Fenster geht nicht zu
    Plagegeister aller Art und deren Bekämpfung - 17.06.2005 (2)

Zum Thema Rechtklick im ordner geht nicht und ausrühren nicht einstellbar - guten morgen. ich finde nicht wirklichen einen theard der zu meinen problem passt. also folgendes: wenn ich in einen ordner etwas rechklicke wird es nur markiert sonst nichts und seit - Rechtklick im ordner geht nicht und ausrühren nicht einstellbar...
Archiv
Du betrachtest: Rechtklick im ordner geht nicht und ausrühren nicht einstellbar auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.