Log analysis and evaluation: Right-click in folder doesn't work and Run cannot be enabled (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Good morning. I can't really find a thread that matches my problem. So, here it is: when I right-click something in a folder, it only gets selected and nothing else happens, and since then the Run icon has also disappeared from my start bar. Before I forget, here is the HijackThis log:

HiJackthis Logfile:
Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 04:49:14, on 06.01.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\stsystra.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\NetLimiter 3\nlsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Alin\My Documents\Downloads\HiJackThis204.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWin0.dll
O1 - Hosts: gs.apple.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CBAbzockschutz.InitToolbarBHO - {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} - mscoree.dll (file missing)
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWin0.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWin0.dll
O3 - Toolbar: COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [4StoryPrePatch] D:\4Story\PrePatch.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NetLimiter] C:\Program Files\NetLimiter 3\NLClientApp.exe /tray
O4 - HKCU\..\Run: [Voipwise] "C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Svchost.exe] "C:\Documents and Settings\Alin\Application Data\system32\Svchost.exe"
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DynDNS Updater Tray Icon.lnk = C:\Program Files\DynDNS Updater\DynTray.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DynDNS Updater - Dynamic Network Services, Inc. - C:\Program Files\DynDNS Updater\DynUpSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NetLimiter 3 Service (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 3\nlsvc.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 7539 bytes

Thanks for your help.
-flavers
#2

/// Malware-holic

System scan with OTL

Download OTL: http://filepony.de/download-otl/

Double-click OTL.exe (Windows 7 and Vista users: right-click, Run as administrator).

1. At the top you will find a box labelled Output. Please select Minimal Output.
2. Check "scan all users".
3. Under "Extra Registry" select: "Use Safelist", "LOP Check", "Purity Check".
4. Copy into the text box:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

5. Click "Scan".
6. Two reports are created: OTL.Txt and Extras.Txt. Post both.
#3

Thank you very much for your reply.

During the scan AntiVir raised an alert on kernel32.exe; I didn't take any action. Here are the files:

ORT:
OTL Logfile:
Code:
OTL logfile created on: 06.01.2011 19:58:01 - Run 1
OTL by OldTimer - Version Folder = C:\Documents and Settings\Alin\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy

1.022,00 Mb Total Physical Memory | 377,00 Mb Available Physical Memory | 37,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 74,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 43,95 Gb Total Space | 2,31 Gb Free Space | 5,25% Space Free | Partition Type: NTFS
Drive D: | 27,50 Gb Total Space | 2,91 Gb Free Space | 10,58% Space Free | Partition Type: NTFS
Drive G: | 3,00 Gb Total Space | 3,00 Gb Free Space | 99,99% Space Free | Partition Type: FAT32

Computer Name: ALI | User Name: Alin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Alin\My Documents\Downloads\OTL.exe (OldTimer Tools)
PRC - D:\PacSteamT\steam.exe (Valve Corporation)
PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Documents and Settings\Alin\Local Settings\Application Data\TeamSpeak 3 Client\ts3client_win32.exe (TeamSpeak Systems GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\NetLimiter 3\nlsvc.exe (Locktime Software)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Alin\My Documents\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_dbc0250.dll ()
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (nlsvc) -- C:\Program Files\NetLimiter 3\nlsvc.exe (Locktime Software)
SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (DynDNS Updater) -- C:\Program Files\DynDNS Updater\DynUpSvc.exe (Dynamic Network Services, Inc.)
SRV - (WinVNC4) -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe (RealVNC Ltd.)

========== Driver Services (SafeList) ==========

DRV - (EagleXNt) -- C:\WINDOWS\System32\drivers\EagleXNt.sys File not found
DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (MonitorFunction) -- C:\WINDOWS\system32\drivers\TVMonitor.sys (TeamViewer GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (apf001) -- C:\Program Files\SoftnyxGame\WolfTeamIS\apf001.sys ()
DRV - (nltdi) -- C:\Program Files\NetLimiter 3\nltdi.sys (Locktime Software)
DRV - (NLNdisPT) -- C:\WINDOWS\system32\drivers\nlndis.sys (Locktime Software)
DRV - (NLNdisMP) -- C:\WINDOWS\system32\drivers\nlndis.sys (Locktime Software)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia)
DRV - (nmwcdnsuc) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys (Nokia)
DRV - (ElbyCDIO) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (SCREAMINGBDRIVER) -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (VClone) -- C:\WINDOWS\system32\drivers\VClone.sys (Elaborate Bytes AG)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (SPC230NC) -- C:\WINDOWS\system32\drivers\SPC230NC.SYS (PixArt Imaging Inc.)
DRV - (PAEAFLT.sys) -- C:\WINDOWS\system32\drivers\PAEAFLT.sys (PixArt Imaging Incorporation)
DRV - (BrUsbSer) -- C:\WINDOWS\system32\drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerIf) -- C:\WINDOWS\system32\drivers\BrSerIf.sys (Brother Industries Ltd.)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (BrScnUsb) -- C:\WINDOWS\system32\drivers\BrScnUsb.sys (Brother Industries Ltd.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWin0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:
FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.22.4
FF - prefs.js..extensions.enabledItems: finder@meingutscheincode.de:1.0.2
FF - prefs.js..extensions.enabledItems: {cd617372-6743-4ee4-bac4-fbf60f35719e}:2.0
FF - prefs.js..extensions.enabledItems: {48e23fba-bb14-4745-b768-382150cd83fb}:1.0.1

FF - HKLM\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.10.11 22:03:15 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.15 00:42:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.11 13:55:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.10.11 22:03:16 | 000,000,000 | ---D | M]

[2010.10.08 18:58:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Extensions
[2011.01.06 01:36:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions
[2010.12.17 20:25:54 | 000,000,000 | ---D | M] ("Metal3D") -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\{48e23fba-bb14-4745-b768-382150cd83fb}
[2010.10.30 22:18:20 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.01.03 21:11:03 | 000,000,000 | ---D | M] ("Show my Password") -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}
[2011.01.03 21:03:12 | 000,000,000 | ---D | M] (COMPUTERBILD-Abzockschutz) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}
[2010.11.12 15:34:48 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2010.12.14 20:06:37 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\battlefieldheroespatcher@ea.com
[2010.12.27 06:10:41 | 000,000,000 | ---D | M] (Mein Gutscheincode Finder) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\finder@meingutscheincode.de
[2010.12.25 01:43:15 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\foxyproxy@eric.h.jung
[2011.01.06 01:36:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.01.04 21:33:50 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.10.08 20:09:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.10.08 20:09:19 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010.10.11 22:03:15 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION
[2010.10.08 20:09:18 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.12.11 13:55:05 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.12.11 13:55:05 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.12.11 13:55:05 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.12.11 13:55:05 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.12.11 13:55:05 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2010.12.10 23:26:49 | 000,000,787 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: localhost
O1 - Hosts: gs.apple.com
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWin0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-507921405-1326574676-839522115-1003\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Program Files\Winload\tbWin0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [4StoryPrePatch] D:\4Story\PrePatch.exe (Zamiinc)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe (Brother Industories, Ltd.)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKU\S-1-5-21-507921405-1326574676-839522115-1003..\Run: [NetLimiter] C:\Program Files\NetLimiter 3\NLClientApp.exe (Locktime Software)
O4 - HKU\S-1-5-21-507921405-1326574676-839522115-1003..\Run: [Voipwise] C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe (Voipwise)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DynDNS Updater Tray Icon.lnk = C:\Program Files\DynDNS Updater\DynTray.exe (Dynamic Network Services, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 1
O7 - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 1
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Alin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Alin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.10.09 03:30:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005.07.07 20:34:30 | 000,001,871 | ---- | M] () - G:\AUTOEXEC.BAT -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - Services: "WinVNC4"
MsConfig - Services: "iPod Service"
MsConfig - StartUpFolder: C:^Documents and Settings^Alin^Start Menu^Programs^Startup^iPhoneRingToneMaker.lnk - C:\PROGRA~1\IPHONE~1\IPHONE~1.EXE - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^TrayMin230.lnk - C:\Program Files\Philips\Philips SPC230NC Webcam\TrayMin230.exe - ()
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: JP595IR86O - hkey= - key= - C:\DOCUME~1\Alin\LOCALS~1\Temp\Ixd.exe File not found
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
MsConfig - StartUpReg: NtWqIVLZEWZU - hkey= - key= - C:\DOCUME~1\Alin\LOCALS~1\Temp\Ixe.exe File not found
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found
MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: SmartVoip - hkey= - key= - C:\Program Files\SmartVoip.com\SmartVoip\SmartVoip.exe (SmartVoip)
MsConfig - StartUpReg: SPC230NC_Monitor - hkey= - key= - C:\WINDOWS\Philips\SPC230NC\Monitor.exe (PixArt Imaging Incorporation)
MsConfig - StartUpReg: SPC_Monitor - hkey= - key= - C:\WINDOWS\Philips\SPC230NC\Monitor.exe (PixArt Imaging Incorporation)
MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe File not found
MsConfig - StartUpReg: Vectir - hkey= - key= - C:\Program Files\Vectir\Vectir.exe File not found
MsConfig - StartUpReg: Voipwise - hkey= - key= - C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe (Voipwise)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4b218e3e-bc98-4770-93d3-2731b9329278} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9309DD7E-EBFE-3C95-8B47-30D3A012F606} - .NET Framework
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX:
>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm ()
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT Restore point Set: OTL Restore Point (17183584330711040)

========== Files/Folders - Created Within 30 Days ==========
[2011.01.06 06:51:03 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.01.06 06:46:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\ApplicationHistory
[2011.01.06 06:04:00 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2011.01.05 00:43:56 | 000,000,000 | ---D | C] -- C:\PacSteamT
[2011.01.05 00:02:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Application Data\system32
[2011.01.03 21:03:00 | 000,000,000 | ---D | C] -- C:\Program Files\COMPUTERBILD-Abzockschutz
[2010.12.31 00:00:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\4Story
[2010.12.29 05:14:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-DE
[2010.12.29 04:50:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP
[2010.12.29 01:54:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Cheat Engine 5.6.1
[2010.12.29 01:54:21 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\WINDOWS\System32\D3DX81ab.dll
[2010.12.29 01:54:20 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine
[2010.12.28 19:33:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft
[2010.12.28 15:01:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Desktop\New Folder (2)
[2010.12.28 03:27:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment
[2010.12.28 02:09:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\ConduitEngine
[2010.12.28 02:09:08 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine
[2010.12.28 02:08:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\Conduit
[2010.12.27 23:00:12 | 000,000,000
| ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.a245eed4.temp [2010.12.27 20:04:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.00e505a9.temp [2010.12.27 18:58:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.ff4901e2.temp [2010.12.27 17:30:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.e765bc52.temp [2010.12.27 15:23:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment [2010.12.27 06:13:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.faa30dfe.temp [2010.12.27 06:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment.cf8a77c4.temp [2010.12.27 06:10:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\Winload [2010.12.27 06:10:43 | 000,000,000 | ---D | C] -- C:\Program Files\Winload [2010.12.27 05:26:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2010.12.27 05:02:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.temp [2010.12.27 05:02:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment.temp [2010.12.27 05:00:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard [2010.12.27 02:13:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\My Documents\My Games [2010.12.27 02:11:12 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll [2010.12.27 02:11:12 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll [2010.12.27 02:11:12 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll [2010.12.27 02:11:11 | 002,106,216 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\System32\D3DCompiler_43.dll [2010.12.27 02:11:11 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll [2010.12.27 02:11:10 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll [2010.12.27 02:11:10 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll [2010.12.27 02:11:10 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll [2010.12.27 02:11:09 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll [2010.12.27 02:11:09 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll [2010.12.27 02:11:09 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll [2010.12.27 02:11:08 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll [2010.12.27 02:11:08 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll [2010.12.27 02:11:07 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll [2010.12.27 02:11:07 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll [2010.12.27 02:11:06 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll [2010.12.27 02:11:06 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll [2010.12.27 02:11:05 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll [2010.12.27 02:11:05 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll [2010.12.27 02:11:04 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll [2010.12.27 02:11:04 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll [2010.12.27 02:11:03 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll 
[2010.12.27 02:11:02 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll [2010.12.27 02:11:02 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll [2010.12.27 02:11:02 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll [2010.12.27 02:11:01 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll [2010.12.27 02:10:59 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll [2010.12.27 02:10:59 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll [2010.12.27 02:10:59 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll [2010.12.27 02:10:58 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll [2010.12.27 02:10:58 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll [2010.12.27 02:10:58 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll [2010.12.27 02:10:57 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll [2010.12.27 02:10:57 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll [2010.12.27 02:10:57 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll [2010.12.27 02:10:56 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll [2010.12.27 02:10:55 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll [2010.12.27 02:10:55 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll [2010.12.27 02:10:55 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll [2010.12.27 02:10:54 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll [2010.12.27 02:10:54 | 
000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll [2010.12.27 02:10:54 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll [2010.12.27 02:10:53 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll [2010.12.27 02:10:53 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll [2010.12.27 02:10:53 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll [2010.12.27 02:10:53 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll [2010.12.27 02:10:52 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll [2010.12.27 02:10:51 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll [2010.12.27 02:10:51 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll [2010.12.27 02:10:50 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll [2010.12.27 02:10:50 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll [2010.12.27 02:10:50 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll [2010.12.27 02:10:49 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll [2010.12.27 02:10:48 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll [2010.12.27 02:10:48 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll [2010.12.27 02:10:47 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll [2010.12.27 02:10:46 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll [2010.12.27 02:10:45 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll [2010.12.27 02:10:45 | 001,358,192 | ---- | C] 
(Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll [2010.12.27 02:10:45 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll [2010.12.27 02:10:44 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll [2010.12.27 02:10:44 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll [2010.12.27 02:10:44 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll [2010.12.27 02:10:43 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll [2010.12.27 02:10:43 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll [2010.12.27 02:10:42 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll [2010.12.27 02:10:41 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll [2010.12.27 02:10:41 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll [2010.12.27 02:10:41 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll [2010.12.27 02:10:39 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll [2010.12.27 02:10:38 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll [2010.12.27 02:10:38 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll [2010.12.27 02:10:38 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll [2010.12.27 02:10:37 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll [2010.12.27 02:10:37 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll [2010.12.27 02:10:37 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll [2010.12.27 02:10:37 | 000,062,744 | ---- | C] (Microsoft 
Corporation) -- C:\WINDOWS\System32\xinput1_2.dll [2010.12.27 02:10:37 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll [2010.12.27 02:10:36 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll [2010.12.27 02:10:35 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll [2010.12.27 02:10:35 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll [2010.12.27 02:10:30 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll [2010.12.27 02:10:29 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll [2010.12.27 02:10:29 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll [2010.12.27 02:10:29 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll [2010.12.27 02:10:28 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll [2010.12.27 02:10:28 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll [2010.12.27 02:10:27 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll [2010.12.27 02:10:27 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll [2010.12.27 02:10:25 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll [2010.12.27 02:07:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs [2010.12.27 01:26:16 | 000,000,000 | ---D | C] -- C:\Program Files\Screaming Bee [2010.12.27 00:41:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CAPCOM [2010.12.27 00:34:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Application Data\Screaming Bee [2010.12.27 00:33:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Screaming Bee [2010.12.27 00:33:14 | 000,000,000 | ---D 
| C] -- C:\Documents and Settings\All Users\Application Data\Screaming Bee [2010.12.25 23:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt [2010.12.20 23:23:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DynDNS Updater [2010.12.20 23:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\DynDNS Updater [2010.12.20 23:23:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DynDNS [2010.12.20 23:07:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess [2010.12.20 01:20:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Start Menu\Programs\Vice City Mod Manager [2010.12.20 01:20:11 | 000,000,000 | ---D | C] -- C:\Program Files\vcmm [2010.12.20 00:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Rockstar Games [2010.12.19 21:45:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\Locktime [2010.12.19 21:45:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Start Menu\Programs\NetLimiter 3 [2010.12.19 21:44:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Locktime [2010.12.19 21:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\NetLimiter 3 [2010.12.16 12:08:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\My Documents\Battlefield Heroes [2010.12.16 12:05:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Start Menu\Programs\EA Games [2010.12.15 15:17:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Desktop\June 25 [2010.12.15 13:32:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\PunkBuster [2010.12.14 20:32:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Brother [2010.12.14 20:31:27 | 000,025,856 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\System32\dllcache\usbprint.sys [2010.12.14 20:28:56 | 000,120,832 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrWia04b.dll [2010.12.14 20:28:56 | 000,053,248 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrSerIf.sys [2010.12.14 20:28:56 | 000,037,888 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrUSi04b.dll [2010.12.14 20:28:56 | 000,015,295 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrScnUsb.sys [2010.12.14 20:28:56 | 000,011,904 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrUsbSer.sys [2010.12.14 20:28:54 | 000,054,272 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\brinsstr.dll [2010.12.14 20:28:53 | 000,073,728 | ---- | C] (Brother Industries Ltd) -- C:\WINDOWS\System32\brrbtool.exe [2010.12.14 20:28:53 | 000,024,223 | ---- | C] (brother Industries Ltd) -- C:\WINDOWS\System32\brlm03a.dll [2010.12.14 20:28:48 | 000,188,416 | ---- | C] (brother) -- C:\WINDOWS\System32\PDRVINST.DLL [2010.12.14 20:28:48 | 000,081,920 | ---- | C] (brother) -- C:\WINDOWS\System32\BrWebIns.dll [2010.12.14 20:28:48 | 000,065,536 | ---- | C] (brother) -- C:\WINDOWS\System32\BRWEBUP.EXE [2010.12.14 20:28:42 | 000,000,000 | ---D | C] -- C:\Brother [2010.12.14 20:28:37 | 000,122,880 | ---- | C] (Brother Industries,LTD) -- C:\WINDOWS\System32\BrfxD04a.dll [2010.12.14 20:28:36 | 000,147,456 | ---- | C] (Brother Industries,Ltd.) 
-- C:\WINDOWS\brunin03.dll
[2010.12.14 20:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Brother
[2010.12.14 20:21:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Application Data\Brother
[2010.12.14 20:20:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Brother Administrator Utilities
[2010.12.14 20:20:45 | 000,000,000 | ---D | C] -- C:\Program Files\Brother
[2010.12.11 17:01:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 6
[2010.12.11 17:00:57 | 000,013,304 | ---- | C] (TeamViewer GmbH) -- C:\WINDOWS\System32\drivers\TVMonitor.sys
[2010.12.11 14:44:43 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2010.12.11 14:26:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Start Menu\Programs\San Andreas Multiplayer
[2010.12.11 14:20:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\My Documents\GTA San Andreas User Files
[2010.12.10 23:37:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2010.12.10 23:36:39 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010.12.10 23:36:36 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010.12.10 23:34:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2010.12.10 21:27:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinSCP
[2010.12.10 21:27:38 | 000,000,000 | ---D | C] -- C:\Program Files\WinSCP
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========
[2011.01.06 19:50:00 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.06 19:11:00 | 000,000,244 | -H-- | M] () -- C:\WINDOWS\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2011.01.06 19:07:00 |
000,000,278 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011.01.06 16:34:04 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011.01.06 16:33:52 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011.01.06 16:33:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011.01.06 16:33:45 | 000,145,216 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011.01.06 06:47:06 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011.01.06 06:45:50 | 000,441,184 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011.01.06 06:45:50 | 000,071,250 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011.01.05 15:39:37 | 000,000,265 | ---- | M] () -- C:\Documents and Settings\Alin\Application Data\Autorun.vbs [2011.01.04 22:49:01 | 000,000,076 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Counter-Strike Source.url [2011.01.04 21:31:36 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2011.01.04 17:21:29 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\WolfTeam-DE.lnk [2011.01.02 17:29:13 | 000,000,442 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\4Story.lnk [2011.01.02 00:59:05 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Black Eyed Peas The E.N.D.wpl [2011.01.01 17:04:24 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.12.30 07:41:05 | 000,000,466 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Shortcut to World of Warcraft.lnk [2010.12.29 01:54:24 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Cheat Engine.lnk [2010.12.28 19:32:35 | 000,000,456 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\World of Warcraft-Installationsprogramm.lnk [2010.12.28 10:13:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010.12.28 03:15:59 | 000,000,229 | ---- | M] () -- C:\WINDOWS\WinInit.Ini [2010.12.28 
02:56:08 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\Alin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.12.27 06:13:15 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk.5cd7239e.temp [2010.12.27 06:10:28 | 003,325,446 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Shutdown-Timer-Setup.exe [2010.12.27 00:33:17 | 000,001,445 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MorphVOX Pro.lnk [2010.12.26 03:01:33 | 000,037,170 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\11.jpg__18929035__MBQF-1293028817,templateId=renderScaled,property=Bild,height=349.jpg [2010.12.24 15:17:35 | 000,012,920 | ---- | M] () -- C:\WINDOWS\System32\apl001.sys [2010.12.24 15:17:35 | 000,010,872 | ---- | M] () -- C:\WINDOWS\System32\apf001.sys [2010.12.24 12:56:29 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010.12.21 01:54:33 | 000,000,931 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Shortcut to ts3server_win32.exe.lnk [2010.12.20 23:23:05 | 000,000,729 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DynDNS Updater Tray Icon.lnk [2010.12.19 15:11:38 | 000,139,080 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010.12.19 15:11:17 | 000,270,240 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2010.12.17 13:05:09 | 000,270,240 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0 [2010.12.16 21:26:53 | 000,090,945 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Giessen_wieseck_wGiessen_bahnhof.pdf [2010.12.16 12:06:10 | 000,138,056 | ---- | M] () -- C:\Documents and Settings\Alin\Application Data\PnkBstrK.sys [2010.12.15 17:24:45 | 000,000,073 | ---- | M] () -- C:\Documents and Settings\Alin\Local Settings\Application Data\GDLLogin.ini [2010.12.14 20:36:11 | 000,000,432 | ---- | M] () -- C:\WINDOWS\brwmark.ini [2010.12.14 20:31:48 | 000,000,065 | ---- | M] () -- 
C:\WINDOWS\System32\BD7420.dat
[2010.12.14 20:29:34 | 000,000,209 | ---- | M] () -- C:\WINDOWS\Brpfx04a.ini
[2010.12.14 20:29:34 | 000,000,092 | ---- | M] () -- C:\WINDOWS\brpcfx.ini
[2010.12.14 20:29:34 | 000,000,052 | ---- | M] () -- C:\WINDOWS\BRPP2KA.INI
[2010.12.14 20:07:48 | 002,577,776 | ---- | M] () -- C:\WINDOWS\System32\pbsvc_heroes.exe
[2010.12.13 00:25:13 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2010.12.12 21:52:53 | 000,467,968 | -H-- | M] () -- C:\Documents and Settings\Alin\Application Data\kernel32.exe
[2010.12.11 17:01:01 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 6.lnk
[2010.12.10 23:37:11 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010.12.10 23:26:49 | 000,000,788 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.umbrella
[2010.12.10 23:26:49 | 000,000,787 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.12.10 22:06:55 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Alin\PUTTY.RND
[2010.12.10 21:27:40 | 000,000,606 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\WinSCP.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========
[2011.01.05 00:15:24 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\Alin\Application Data\logfile.txt
[2011.01.05 00:02:42 | 000,000,265 | ---- | C] () -- C:\Documents and Settings\Alin\Application Data\Autorun.vbs
[2011.01.04 23:55:24 | 000,467,968 | -H-- | C] () -- C:\Documents and Settings\Alin\Application Data\kernel32.exe
[2011.01.04 17:21:29 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\WolfTeam-DE.lnk
[2011.01.02 17:29:13 | 000,000,442 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\4Story.lnk
[2011.01.02 00:59:05 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Black Eyed Peas The E.N.D.wpl
[2011.01.01 17:04:24 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.12.30 07:41:07 | 000,000,466 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Shortcut to World of Warcraft.lnk [2010.12.29 01:54:24 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Cheat Engine.lnk [2010.12.29 01:54:22 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll [2010.12.28 04:41:55 | 000,000,456 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\World of Warcraft-Installationsprogramm.lnk [2010.12.28 03:15:54 | 000,000,229 | ---- | C] () -- C:\WINDOWS\WinInit.Ini [2010.12.27 06:13:15 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk.5cd7239e.temp [2010.12.27 06:09:33 | 003,325,446 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Shutdown-Timer-Setup.exe [2010.12.27 00:33:16 | 000,001,445 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MorphVOX Pro.lnk [2010.12.26 03:01:32 | 000,037,170 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\11.jpg__18929035__MBQF-1293028817,templateId=renderScaled,property=Bild,height=349.jpg [2010.12.21 01:54:33 | 000,000,931 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Shortcut to ts3server_win32.exe.lnk [2010.12.20 23:23:05 | 000,000,729 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DynDNS Updater Tray Icon.lnk [2010.12.20 15:35:51 | 000,000,076 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Counter-Strike Source.url [2010.12.16 21:26:52 | 000,090,945 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Giessen_wieseck_wGiessen_bahnhof.pdf [2010.12.15 17:42:16 | 002,577,776 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_heroes.exe [2010.12.15 17:24:40 | 000,000,073 | ---- | C] () -- C:\Documents and Settings\Alin\Local Settings\Application Data\GDLLogin.ini [2010.12.15 13:33:43 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2010.12.14 
20:29:34 | 000,000,432 | ---- | C] () -- C:\WINDOWS\brwmark.ini [2010.12.14 20:29:34 | 000,000,209 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini [2010.12.14 20:29:34 | 000,000,092 | ---- | C] () -- C:\WINDOWS\brpcfx.ini [2010.12.14 20:29:34 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\BD7420.dat [2010.12.14 20:29:34 | 000,000,052 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI [2010.12.14 20:28:53 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL [2010.12.14 20:28:42 | 000,006,224 | ---- | C] () -- C:\WINDOWS\CVRPAGE.bmp [2010.12.14 20:28:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat [2010.12.14 20:18:09 | 000,139,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010.12.14 20:18:08 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Alin\Application Data\PnkBstrK.sys [2010.12.14 20:17:54 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2010.12.14 20:17:54 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.ex0 [2010.12.14 20:17:52 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2010.12.11 17:01:01 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 6.lnk [2010.12.10 23:37:11 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk [2010.12.10 21:27:42 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Alin\PUTTY.RND [2010.12.10 21:27:40 | 000,000,606 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\WinSCP.lnk [2010.12.05 21:26:36 | 000,000,061 | ---- | C] () -- C:\WINDOWS\mta.ini [2010.12.03 11:34:17 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010.11.06 22:03:26 | 000,000,842 | ---- | C] () -- C:\WINDOWS\System32\SPC230NC.INI [2010.10.24 20:48:58 | 000,001,165 | ---- | C] () -- C:\WINDOWS\Settings.ini [2010.10.13 00:31:57 | 000,094,656 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2010.10.11 14:54:26 | 000,011,264 | 
---- | C] () -- C:\Documents and Settings\Alin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.10.10 22:24:14 | 000,012,920 | ---- | C] () -- C:\WINDOWS\System32\apl001.sys [2010.10.10 22:24:14 | 000,010,872 | ---- | C] () -- C:\WINDOWS\System32\apf001.sys [2010.10.08 15:24:28 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI ========== LOP Check ========== [2010.10.30 23:25:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\DVDVideoSoft [2010.10.30 22:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\DVDVideoSoftIEHelpers [2010.10.25 17:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\FOG Downloader [2010.11.08 18:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\funkitron [2010.12.03 11:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\GetRightToGo [2010.12.05 01:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\iPhoneRingToneMaker [2010.11.02 19:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Nokia [2010.11.02 19:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Nokia Ovi Suite [2010.12.03 23:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Opera [2010.11.16 20:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\PC Suite [2010.12.05 03:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Publish Providers [2010.12.27 01:36:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Screaming Bee [2010.11.13 11:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\SmartVoip [2010.12.05 03:35:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Sony [2011.01.06 06:45:15 | 000,000,000 | ---D | M] -- 
C:\Documents and Settings\Alin\Application Data\system32 [2010.11.25 14:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\SystemRequirementsLab [2010.12.11 17:01:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\TeamViewer [2010.12.20 23:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\TS3Client [2011.01.06 16:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\uTorrent [2010.11.10 13:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Voipwise [2010.12.27 20:00:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess [2010.12.20 23:23:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DynDNS [2010.12.19 21:44:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Locktime [2010.11.15 15:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon [2010.11.15 15:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonEU [2010.10.11 22:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia [2010.10.11 22:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache [2010.10.11 22:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite [2010.11.06 22:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Philips [2010.12.27 00:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Screaming Bee [2010.12.05 03:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony [2010.10.21 17:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 
[2011.01.06 19:07:00 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011.01.06 19:11:00 | 000,000,244 | -H-- | M] () -- C:\WINDOWS\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > [2010.11.23 10:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe [2010.10.21 17:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple [2010.10.21 17:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer [2010.10.08 19:43:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira [2010.12.27 05:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard [2010.12.28 03:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment [2010.12.27 20:00:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess [2010.12.14 20:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Brother [2010.10.08 19:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX [2010.12.20 23:23:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DynDNS [2010.12.19 21:44:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Locktime [2010.11.22 09:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee [2010.12.04 23:42:14 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft [2011.01.06 16:33:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help [2010.11.15 15:08:15 | 000,000,000 | ---D | M] -- C:\Documents and 
Settings\All Users\Application Data\Nexon [2010.11.15 15:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonEU [2010.10.11 22:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia [2010.10.11 22:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache [2010.10.08 18:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation [2010.10.11 22:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite [2010.11.06 22:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Philips [2010.12.27 00:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Screaming Bee [2010.10.30 10:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype [2010.12.05 03:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony [2010.10.08 20:09:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun [2010.12.04 23:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2010.10.21 17:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} < %ALLUSERSPROFILE%\Application Data\*.exe /s > [2009.02.04 13:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe [2010.11.10 22:03:57 | 000,337,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1031-7B44-AA0000000001}\setup.exe [2010.12.10 23:30:34 | 000,073,000 | ---- | M] (Apple Inc.) 
-- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes\SetupAdmin.exe [2010.10.08 19:15:35 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe [2010.10.08 19:15:46 | 000,057,409 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe [2010.10.08 19:15:47 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe [2010.10.08 19:15:51 | 000,056,765 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe [2010.10.08 19:15:46 | 000,054,174 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe [2010.10.08 19:15:47 | 000,057,532 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe [2010.10.08 19:15:48 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe [2010.10.08 19:15:48 | 000,057,054 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe [2010.10.08 19:15:45 | 000,052,963 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe [2010.10.08 19:15:40 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe [2010.10.08 19:13:52 | 000,144,696 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe [2010.10.08 19:13:44 | 000,876,824 | ---- | M] (DivX, Inc. ) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe [2010.10.08 19:15:48 | 000,053,600 | ---- | M] (DivX, Inc.) 
-- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe [2010.10.08 19:15:50 | 000,056,997 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe [2010.11.15 14:41:09 | 000,155,648 | ---- | M] (Nexon) -- C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe [2010.10.11 22:00:23 | 102,913,480 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe [2010.10.11 22:00:48 | 000,050,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\pcswpc.exe [2010.10.11 22:00:48 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\Run_XML6_SP1.exe [2010.10.11 22:00:48 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx64.exe [2010.10.11 22:00:48 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx86.exe [2010.10.11 22:00:52 | 013,930,312 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe [2010.10.11 22:00:55 | 012,212,040 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe < %APPDATA%\*. 
> [2010.11.22 09:20:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Adobe [2010.12.05 03:36:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Apple Computer [2010.11.06 22:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\ArcSoft [2010.10.19 20:27:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Avira [2010.12.14 20:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Brother [2010.10.11 14:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\DivX [2010.10.30 23:25:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\DVDVideoSoft [2010.10.30 22:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\DVDVideoSoftIEHelpers [2010.10.25 17:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\FOG Downloader [2010.11.08 18:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\funkitron [2010.12.03 11:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\GetRightToGo [2010.10.09 03:35:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Identities [2010.11.06 22:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\InstallShield [2010.12.05 01:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\iPhoneRingToneMaker [2010.10.08 19:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Macromedia [2010.11.22 09:20:26 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Alin\Application Data\Microsoft [2010.10.08 18:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Mozilla [2010.11.02 19:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Nokia [2010.11.02 19:52:07 | 
000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Nokia Ovi Suite [2010.12.03 23:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Opera [2010.11.16 20:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\PC Suite [2010.12.05 03:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Publish Providers [2010.12.27 01:36:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Screaming Bee [2011.01.04 21:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Skype [2011.01.04 21:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\skypePM [2010.11.13 11:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\SmartVoip [2010.12.05 03:35:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Sony [2010.10.08 20:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Sun [2011.01.06 06:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\system32 [2010.11.25 14:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\SystemRequirementsLab [2010.12.11 17:01:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\TeamViewer [2010.12.20 23:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\TS3Client [2011.01.06 16:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\uTorrent [2010.11.10 13:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Voipwise [2010.10.08 22:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\WinRAR < %APPDATA%\*.exe /s > [2010.12.12 21:52:53 | 000,467,968 | -H-- | M] () -- C:\Documents and Settings\Alin\Application Data\kernel32.exe [2010.08.19 23:46:28 | 001,312,120 | ---- | M] 
(EA Digital Illusions CE AB) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2004.08.04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2010.10.09 11:47:39 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2010.10.09 11:47:39 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys < MD5 for: ATAPI.SYS > [2004.08.04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2010.10.09 11:47:39 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2010.10.09 11:47:39 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004.08.04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys [2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) 
MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys < MD5 for: EVENTLOG.DLL > [2008.04.14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008.04.14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll [2004.08.04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll < MD5 for: EXPLORER.EXE > [2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe [2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe [2004.08.04 13:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe < MD5 for: NETLOGON.DLL > [2008.04.14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008.04.14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll [2009.02.06 19:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll [2009.02.06 19:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll [2004.08.04 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll < MD5 for: SCECLI.DLL > [2004.08.04 13:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) 
MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [2008.04.14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008.04.14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll < MD5 for: USER32.DLL > [2008.04.14 01:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\ServicePackFiles\i386\user32.dll [2008.04.14 01:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll [2004.08.04 13:00:00 | 000,577,024 | ---- | M] (Microsoft Corporation) MD5=C72661F8552ACE7C5C85E16A3CF505C4 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll < MD5 for: USERINIT.EXE > [2004.08.04 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe [2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe < MD5 for: WINLOGON.EXE > [2004.08.04 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008.04.14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008.04.14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe < MD5 for: WS2IFSL.SYS > [2004.08.04 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- 
C:\WINDOWS\system32\dllcache\ws2ifsl.sys [2004.08.04 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2010.10.08 15:22:04 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav [2010.10.08 15:22:04 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav [2010.10.08 15:22:04 | 000,892,928 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] ========== Files - Unicode (All) ========== [2010.11.15 15:08:15 | 000,000,000 | ---D | M](C:\Documents and Settings\Alin\My Documents\?? ???) -- C:\Documents and Settings\Alin\My Documents\넥슨 플러그 [2010.11.15 15:08:15 | 000,000,000 | ---D | C](C:\Documents and Settings\Alin\My Documents\?? ???) -- C:\Documents and Settings\Alin\My Documents\넥슨 플러그 < End of report >

extras:

OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 06.01.2011 19:58:01 - Run 1 OTL by OldTimer - Version Folder = C:\Documents and Settings\Alin\My Documents\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy 1.022,00 Mb Total Physical Memory | 377,00 Mb Available Physical Memory | 37,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 43,95 Gb Total Space | 2,31 Gb Free Space | 5,25% Space Free | Partition Type: NTFS Drive D: | 27,50 Gb Total Space | 2,91 Gb Free Space | 10,58% Space Free | Partition Type: NTFS Drive G: | 3,00 Gb Total Space | 3,00 Gb Free Space | 99,99% Space Free | Partition Type: FAT32 Computer Name: ALI | User Name: Alin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1495:TCP" = 1495:TCP:*:Enabled:Akamai NetSession Interface "5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- File not found "C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- File not found [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\AeriaGames\WolfTeam\Wolfteam.bin" = C:\AeriaGames\WolfTeam\Wolfteam.bin:*:Enabled:WolfTeam -- (Softnyx Co., Ltd.) "C:\Killing Floor\System\KillingFloor.exe" = C:\Killing Floor\System\KillingFloor.exe:*:Enabled:KillingFloor -- File not found "C:\Program Files\SoftnyxGame\WolfTeamIS\Wolfteam.bin" = C:\Program Files\SoftnyxGame\WolfTeamIS\Wolfteam.bin:*:Enabled:Wolfteam -- (Softnyx Co., Ltd.) 
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" = C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2 -- (Nokia) "C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation) "C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH) "C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH) "C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe" = C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe:*:Enabled:Voipwise -- (Voipwise) "C:\PacSteamT\SteamApps\common\poker superstars ii\PokerSuperstars2.exe" = C:\PacSteamT\SteamApps\common\poker superstars ii\PokerSuperstars2.exe:*:Enabled:Poker Superstars II -- File not found "C:\PacSteamT\SteamApps\derdermitdems\counter-strike\hl.exe" = C:\PacSteamT\SteamApps\derdermitdems\counter-strike\hl.exe:*:Enabled:Counter-Strike -- File not found "C:\Program Files\SmartVoip.com\SmartVoip\SmartVoip.exe" = C:\Program Files\SmartVoip.com\SmartVoip\SmartVoip.exe:*:Enabled:SmartVoip -- (SmartVoip) "C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon) "C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- File not found "C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- File not found "C:\Nexon\Combat Arms EU\NMService.exe" = C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core -- File not found "C:\PacSteamT\SteamApps\derdermitdems\counter-strike 
source\hl2.exe" = C:\PacSteamT\SteamApps\derdermitdems\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- File not found "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- File not found "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "C:\Program Files\TeamViewer\Version6\TeamViewer.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH) "C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH) "D:\PacSteamT\SteamApps\killahorst482\counter-strike source\hl2.exe" = D:\PacSteamT\SteamApps\killahorst482\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- () ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{05F350C6-FA6A-40D0-A130-FB941B39152C}" = Philips SPC230NC Webcam "{0DB44859-4112-4946-BE5E-A4275B3FFB5E}" = Furry Voices for Second Life "{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{29C042AB-059B-414C-840E-94775E3F24A8}" = Personality Voices "{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1 "{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5 "{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{45DF6D99-666D-41FA-8D62-0E183B6240F3}" = PC Connectivity Solution "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City 
"{5D4B3647-9842-4875-B081-EF8D98C02865}" = WMPKeys "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{67A5D171-4C74-4075-A492-0E480FA4B944}" = Brother BRAdmin Professional 2.81 "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{749A1EDD-16C2-4C63-B013-D38F0F953973}" = OviMPlatform "{8112C6B3-91E1-4560-8AB9-876DADFA37C5}" = Ovi Desktop Sync Engine "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12 "{90120000-001B-0000-0000-0000000FF1CE}" = Microsoft Office Word 2007 "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_WORD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_WORD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_WORD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{913923AB-3AAB-4870-8910-627C4CD82789}" = NetLimiter 3 "{913C4C4F-9E3E-41A6-A614-1BDC1352A225}" = Special Effects Voices "{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 
2008 Redistributable - x86 9.0.30729.17 "{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU "{A25A7B10-75EA-4208-AAF1-0E3841C444F1}" = MorphVOX Pro "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB49B509-8FCA-45E6-9FB9-9E4AEEB8F148}" = System Requirements Lab CYRI "{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X - Deutsch "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1 "{B8B4446F-87E1-4423-A47A-16832C24A199}" = Nokia Ovi Suite "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CECB7782-F35F-45CE-97C0-74BBBDC51C22}" = Webcam Video Viewer "{D7437092-E534-46A5-895B-94FC627139B6}" = COMPUTERBILD-Abzockschutz "{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}" = Brother MFL-Pro Suite "{D9D1A2FD-56B2-4F21-B959-745FE43CAB8C}" = Vegas Pro 9.0 "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{EE5B5B24-EEFC-4C8B-BF8B-256D705BAD89}" = Nokia Ovi Suite Software Updater "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver "{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes "{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour "4StoryDE_is1" = 4Story 3.4 "504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 "7-Zip" = 7-Zip 4.65 "AC3Filter_is1" = AC3Filter 1.63b "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Akamai" = Akamai NetSession Interface "Avira AntiVir Desktop" = Avira AntiVir 
Personal - Free Antivirus "Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1 "Dead Rising 2_is1" = Dead Rising 2 "DivX Setup.divx.com" = DivX-Setup "DynDNSUpdater" = DynDNS Updater "Fraps" = Fraps (remove only) "JDownloader" = JDownloader "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5 "Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Multi Theft Auto" = Multi Theft Auto "Nokia Ovi Suite" = Nokia Ovi Suite "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "PacSteamT" = PacSteamT "Philips Intelligent Agent_is1" = Philips Intelligent Agent "PROSet" = Intel(R) PRO Network Connections Drivers "PunkBusterSvc" = PunkBuster Services "RealVNC_is1" = VNC Free Edition 4.1.3 "SmartVoip_is1" = SmartVoip "Steam App 240" = Counter-Strike: Source "Steam App 4100" = Poker Superstars II "TeamViewer 5" = TeamViewer 5 "TeamViewer 6" = TeamViewer 6 "uTorrent" = µTorrent "vcmm" = Vice City Mod Manager "VirtualCloneDrive" = VirtualCloneDrive "Voipwise_is1" = Voipwise "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "Winload Toolbar" = Winload Toolbar "winscp3_is1" = WinSCP 4.0.7 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "WolfTeam" = WolfTeam "WolfTeam International_is1" = WolfTeam International "WolfTeam-DE" = WolfTeam-DE "WORD" = Microsoft Office Word 2007 "World of Warcraft" = World of Warcraft "Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9 "XpsEPSC" = XML Paper Specification Shared 
Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes (Alin) "TeamSpeak 3 Client" = TeamSpeak 3 Client ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 31.12.2010 10:01:54 | Computer Name = ALI | Source = Application Error | ID = 1000 Description = Faulting application nlclientapp.exe, version, faulting module nlclientapp.exe, version, fault address 0x0008fca5. Error - 03.01.2011 12:12:38 | Computer Name = ALI | Source = Application Error | ID = 1000 Description = Faulting application wolfteam.bin, version, faulting module , version, fault address 0x00000000. Error - 03.01.2011 15:42:59 | Computer Name = ALI | Source = Application Error | ID = 1000 Description = Faulting application nlclientapp.exe, version, faulting module nlclientapp.exe, version, fault address 0x0008fca5. Error - 04.01.2011 10:00:32 | Computer Name = ALI | Source = Application Error | ID = 1000 Description = Faulting application nlclientapp.exe, version, faulting module nlclientapp.exe, version, fault address 0x0008fca5. Error - 04.01.2011 16:28:01 | Computer Name = ALI | Source = Application Error | ID = 1000 Description = Faulting application nlclientapp.exe, version, faulting module nlclientapp.exe, version, fault address 0x0008fca5. Error - 04.01.2011 18:36:46 | Computer Name = ALI | Source = Application Error | ID = 1000 Description = Faulting application gta-vc.exe, version, faulting module gta-vc.exe, version, fault address 0x0017901d. Error - 04.01.2011 18:40:56 | Computer Name = ALI | Source = Application Hang | ID = 1002 Description = Hanging application hl2.exe, version, hang module hungapp, version, hang address 0x00000000. 
Error - 04.01.2011 19:38:21 | Computer Name = ALI | Source = Application Error | ID = 1000 Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting module explorer.exe, version 6.0.2900.5512, fault address 0x00009409. Error - 04.01.2011 19:38:29 | Computer Name = ALI | Source = Application Error | ID = 1000 Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d. Error - 05.01.2011 19:53:51 | Computer Name = ALI | Source = Application Error | ID = 1000 Description = Faulting application gameoverlayui.exe, version, faulting module ntdll.dll, version 5.1.2600.5755, fault address 0x0000100b. [ NetLimiter 3 Events ] Error - 19.12.2010 16:46:06 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000 Description = The service failed to start Error - 19.12.2010 16:46:36 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000 Description = <nl-error-list> <nl-error> <err-code>0</err-code> <hresult code='80070002'>The system cannot find the file specified.</hresult> <module>NetLimiter.Main.123</module> <param name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error> </nl-error-list> Error - 19.12.2010 16:46:36 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000 Description = <nl-error-list> <nl-error> <err-code>2010</err-code> <module>NetLimiter.Main.77</module> <desc>Failed to initialize NetLimiter service.</desc> </nl-error> <nl-error> <err-code>0</err-code> <hresult code='80070002'>The system cannot find the file specified.</hresult> <module>NetLimiter.Main.123</module> <param name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error> </nl-error-list> Error - 19.12.2010 16:46:36 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000 Description = The service failed to start Error - 19.12.2010 18:34:47 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 
1000 Description = <nl-error-list> <nl-error> <err-code>0</err-code> <hresult code='80070002'>The system cannot find the file specified.</hresult> <module>NetLimiter.Main.123</module> <param name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error> </nl-error-list> Error - 19.12.2010 18:34:48 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000 Description = <nl-error-list> <nl-error> <err-code>2010</err-code> <module>NetLimiter.Main.77</module> <desc>Failed to initialize NetLimiter service.</desc> </nl-error> <nl-error> <err-code>0</err-code> <hresult code='80070002'>The system cannot find the file specified.</hresult> <module>NetLimiter.Main.123</module> <param name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error> </nl-error-list> Error - 19.12.2010 18:34:48 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000 Description = The service failed to start Error - 19.12.2010 18:35:17 | Computer Name = ALI | Source = NetLimiter 3 BaseCli | ID = 1000 Description = <nl-error-list> <nl-error> <err-code>1</err-code> <hresult code='80080005'>Server execution failed</hresult> <module>NetLimiter.NLBaseClient.235</module> </nl-error> </nl-error-list> Error - 19.12.2010 18:35:17 | Computer Name = ALI | Source = NetLimiter 3 BaseCli | ID = 1000 Description = <nl-error-list> <nl-error> <err-code>5000</err-code> <module>NetLimiter.NLBaseClient.1147</module> <desc>Failed to connect to NetLimiter service.</desc> <param name='host-name' value=''/> </nl-error> <nl-error> <err-code>1</err-code> <hresult code='80080005'>Server execution failed</hresult> <module>NetLimiter.NLBaseClient.235</module> </nl-error> </nl-error-list> Error - 03.01.2011 11:51:35 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000 Description = <nl-error-list> <nl-error> <err-code>2050</err-code> <module>NetLimiter.Main.643</module> <desc>Failed to call driver.</desc> <param name='last-error' value='0'/> <param 
name='fun-name' value='DeviceIoControl'/> <param name='ioctl' value='2286448'/> </nl-error> </nl-error-list> [ System Events ] Error - 05.01.2011 17:53:54 | Computer Name = ALI | Source = Service Control Manager | ID = 7031 Description = The Apple Mobile Device service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error - 05.01.2011 17:58:52 | Computer Name = ALI | Source = Service Control Manager | ID = 7031 Description = The Apple Mobile Device service terminated unexpectedly. It has done this 5 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error - 05.01.2011 19:58:18 | Computer Name = ALI | Source = Service Control Manager | ID = 7031 Description = The Apple Mobile Device service terminated unexpectedly. It has done this 6 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error - 06.01.2011 11:56:11 | Computer Name = ALI | Source = Service Control Manager | ID = 7031 Description = The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error - 06.01.2011 11:56:13 | Computer Name = ALI | Source = Service Control Manager | ID = 7034 Description = The iPod Service service terminated unexpectedly. It has done this 1 time(s). Error - 06.01.2011 11:56:24 | Computer Name = ALI | Source = Service Control Manager | ID = 7034 Description = The Dienst "Bonjour" service terminated unexpectedly. It has done this 1 time(s). Error - 06.01.2011 11:56:32 | Computer Name = ALI | Source = Service Control Manager | ID = 7034 Description = The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s). 
Error - 06.01.2011 11:57:20 | Computer Name = ALI | Source = Service Control Manager | ID = 7034 Description = The PnkBstrA service terminated unexpectedly. It has done this 1 time(s). Error - 06.01.2011 11:57:33 | Computer Name = ALI | Source = Service Control Manager | ID = 7034 Description = The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s). Error - 06.01.2011 14:24:24 | Computer Name = ALI | Source = Service Control Manager | ID = 7031 Description = The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. < End of report >
Thanks
#4
Right-click in folder does not work and Run cannot be enabled

Thank you very much for your answer. During the scan AntiVir raised an alert on kernel32.exe; I did not take any action. Here are the files: OTL Logfile: Code:
OTL logfile created on: 06.01.2011 19:58:01 - Run 1 OTL by OldTimer - Version Folder = C:\Documents and Settings\Alin\My Documents\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy 1.022,00 Mb Total Physical Memory | 377,00 Mb Available Physical Memory | 37,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 43,95 Gb Total Space | 2,31 Gb Free Space | 5,25% Space Free | Partition Type: NTFS Drive D: | 27,50 Gb Total Space | 2,91 Gb Free Space | 10,58% Space Free | Partition Type: NTFS Drive G: | 3,00 Gb Total Space | 3,00 Gb Free Space | 99,99% Space Free | Partition Type: FAT32 Computer Name: ALI | User Name: Alin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Alin\My Documents\Downloads\OTL.exe (OldTimer Tools) PRC - D:\PacSteamT\steam.exe (Valve Corporation) PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Documents and Settings\Alin\Local Settings\Application Data\TeamSpeak 3 Client\ts3client_win32.exe (TeamSpeak Systems GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) 
PRC - C:\Program Files\NetLimiter 3\nlsvc.exe (Locktime Software) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Alin\My Documents\Downloads\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_dbc0250.dll () SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (nlsvc) -- C:\Program Files\NetLimiter 3\nlsvc.exe (Locktime Software) SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.) SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (DynDNS Updater) -- C:\Program Files\DynDNS Updater\DynUpSvc.exe (Dynamic Network Services, Inc.) SRV - (WinVNC4) -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe (RealVNC Ltd.) 
========== Driver Services (SafeList) ========== DRV - (EagleXNt) -- C:\WINDOWS\System32\drivers\EagleXNt.sys File not found DRV - (EagleNT) -- C:\WINDOWS\System32\drivers\EagleNT.sys File not found DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (MonitorFunction) -- C:\WINDOWS\system32\drivers\TVMonitor.sys (TeamViewer GmbH) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (apf001) -- C:\Program Files\SoftnyxGame\WolfTeamIS\apf001.sys () DRV - (nltdi) -- C:\Program Files\NetLimiter 3\nltdi.sys (Locktime Software) DRV - (NLNdisPT) -- C:\WINDOWS\system32\drivers\nlndis.sys (Locktime Software) DRV - (NLNdisMP) -- C:\WINDOWS\system32\drivers\nlndis.sys (Locktime Software) DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia) DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia) DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia) DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia) DRV - (nmwcdnsu) -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys (Nokia) DRV - (nmwcdnsuc) -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys (Nokia) DRV - (ElbyCDIO) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV - (SCREAMINGBDRIVER) -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys (Screaming Bee LLC) DRV - (VClone) -- C:\WINDOWS\system32\drivers\VClone.sys (Elaborate Bytes AG) DRV - (avgio) -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider) DRV - (SPC230NC) -- C:\WINDOWS\system32\drivers\SPC230NC.SYS (PixArt Imaging Inc.) 
DRV - (PAEAFLT.sys) -- C:\WINDOWS\system32\drivers\PAEAFLT.sys (PixArt Imaging Incorporation) DRV - (BrUsbSer) -- C:\WINDOWS\system32\drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV - (BrSerIf) -- C:\WINDOWS\system32\drivers\BrSerIf.sys (Brother Industries Ltd.) DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.) DRV - (BrScnUsb) -- C:\WINDOWS\system32\drivers\BrScnUsb.sys (Brother Industries Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWin0.dll (Conduit Ltd.) 
IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-507921405-1326574676-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "google.de" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}: FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com: FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.22.4 FF - prefs.js..extensions.enabledItems: finder@meingutscheincode.de:1.0.2 FF - prefs.js..extensions.enabledItems: {cd617372-6743-4ee4-bac4-fbf60f35719e}:2.0 FF - prefs.js..extensions.enabledItems: {48e23fba-bb14-4745-b768-382150cd83fb}:1.0.1 FF - HKLM\software\mozilla\Firefox\extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.10.11 22:03:15 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.15 00:42:58 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.11 13:55:12 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.10.11 22:03:16 | 000,000,000 | ---D | M] [2010.10.08 18:58:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and 
Settings\Alin\Application Data\Mozilla\Extensions [2011.01.06 01:36:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions [2010.12.17 20:25:54 | 000,000,000 | ---D | M] ("Metal3D") -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\{48e23fba-bb14-4745-b768-382150cd83fb} [2010.10.30 22:18:20 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.01.03 21:11:03 | 000,000,000 | ---D | M] ("Show my Password") -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e} [2011.01.03 21:03:12 | 000,000,000 | ---D | M] (COMPUTERBILD-Abzockschutz) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398} [2010.11.12 15:34:48 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1} [2010.12.14 20:06:37 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\battlefieldheroespatcher@ea.com [2010.12.27 06:10:41 | 000,000,000 | ---D | M] (Mein Gutscheincode Finder) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\finder@meingutscheincode.de [2010.12.25 01:43:15 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\foxyproxy@eric.h.jung [2011.01.06 01:36:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions 
[2011.01.04 21:33:50 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.10.08 20:09:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.10.08 20:09:19 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2010.10.11 22:03:15 | 000,000,000 | ---D | M] (Firefox Synchronisation Extension) -- C:\PROGRAM FILES\NOKIA\NOKIA OVI SUITE\CONNECTORS\BOOKMARKS CONNECTOR\FIREFOXEXTENSION [2010.10.08 20:09:18 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010.12.11 13:55:05 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.12.11 13:55:05 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml [2010.12.11 13:55:05 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.12.11 13:55:05 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.12.11 13:55:05 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010.12.10 23:26:49 | 000,000,787 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: localhost O1 - Hosts: gs.apple.com O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\tbWin0.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-507921405-1326574676-839522115-1003\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Program Files\Winload\tbWin0.dll (Conduit Ltd.) 
O4 - HKLM..\Run: [4StoryPrePatch] D:\4Story\PrePatch.exe (Zamiinc) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04g\BrStDvPt.exe (Brother Industories, Ltd.) O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG) O4 - HKU\S-1-5-21-507921405-1326574676-839522115-1003..\Run: [NetLimiter] C:\Program Files\NetLimiter 3\NLClientApp.exe (Locktime Software) O4 - HKU\S-1-5-21-507921405-1326574676-839522115-1003..\Run: [Voipwise] C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe (Voipwise) O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DynDNS Updater Tray Icon.lnk = C:\Program Files\DynDNS Updater\DynTray.exe (Dynamic Network Services, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 1 O7 - HKU\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 1 O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found O9 
- Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Documents and Settings\Alin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Alin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2010.10.09 03:30:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2005.07.07 20:34:30 | 000,001,871 | ---- | M] () - G:\AUTOEXEC.BAT -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File 
not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - Services: "WinVNC4" MsConfig - Services: "iPod Service" MsConfig - StartUpFolder: C:^Documents and Settings^Alin^Start Menu^Programs^Startup^iPhoneRingToneMaker.lnk - C:\PROGRA~1\IPHONE~1\IPHONE~1.EXE - File not found MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^TrayMin230.lnk - C:\Program Files\Philips\Philips SPC230NC Webcam\TrayMin230.exe - () MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe () MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) MsConfig - StartUpReg: JP595IR86O - hkey= - key= - C:\DOCUME~1\Alin\LOCALS~1\Temp\Ixd.exe File not found MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) MsConfig - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) MsConfig - StartUpReg: NtWqIVLZEWZU - hkey= - key= - C:\DOCUME~1\Alin\LOCALS~1\Temp\Ixe.exe File not found MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found MsConfig - StartUpReg: NvMediaCenter - hkey= - key= - File not found MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.) 
MsConfig - StartUpReg: SmartVoip - hkey= - key= - C:\Program Files\SmartVoip.com\SmartVoip\SmartVoip.exe (SmartVoip) MsConfig - StartUpReg: SPC230NC_Monitor - hkey= - key= - C:\WINDOWS\Philips\SPC230NC\Monitor.exe (PixArt Imaging Incorporation) MsConfig - StartUpReg: SPC_Monitor - hkey= - key= - C:\WINDOWS\Philips\SPC230NC\Monitor.exe (PixArt Imaging Incorporation) MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe File not found MsConfig - StartUpReg: Vectir - hkey= - key= - C:\Program Files\Vectir\Vectir.exe File not found MsConfig - StartUpReg: Voipwise - hkey= - key= - C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe (Voipwise) MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 2 MsConfig - State: "startup" - 2 SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: SCSI Class - Driver Group SafeBootMin: sermouse.sys - Driver SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vds - Service SafeBootMin: vga.sys - Driver SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter 
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: SCSI Class - Driver Group SafeBootNet: sermouse.sys - Driver SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vga.sys - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - 
SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4b218e3e-bc98-4770-93d3-2731b9329278} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: 
{5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ActiveX: {9309DD7E-EBFE-3C95-8B47-30D3A012F606} - .NET Framework ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE ActiveX: 
>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE Drivers32: msacm.ac3filter - C:\WINDOWS\System32\ac3filter.acm () Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) Drivers32: VIDC.FPS1 - C:\WINDOWS\System32\frapsvid.dll (Beepa P/L) Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.) 
CREATERESTOREPOINT Restore point Set: OTL Restore Point (17183584330711040) ========== Files/Folders - Created Within 30 Days ========== [2011.01.06 06:51:03 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011.01.06 06:46:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\ApplicationHistory [2011.01.06 06:04:00 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe [2011.01.05 00:43:56 | 000,000,000 | ---D | C] -- C:\PacSteamT [2011.01.05 00:02:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Application Data\system32 [2011.01.03 21:03:00 | 000,000,000 | ---D | C] -- C:\Program Files\COMPUTERBILD-Abzockschutz [2010.12.31 00:00:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\4Story [2010.12.29 05:14:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-DE [2010.12.29 04:50:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\URTTEMP [2010.12.29 01:54:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Cheat Engine 5.6.1 [2010.12.29 01:54:21 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\WINDOWS\System32\D3DX81ab.dll [2010.12.29 01:54:20 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine [2010.12.28 19:33:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft [2010.12.28 15:01:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Desktop\New Folder (2) [2010.12.28 03:27:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment [2010.12.28 02:09:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\ConduitEngine [2010.12.28 02:09:08 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine [2010.12.28 02:08:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\Conduit [2010.12.27 23:00:12 | 000,000,000 
| ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.a245eed4.temp [2010.12.27 20:04:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.00e505a9.temp [2010.12.27 18:58:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.ff4901e2.temp [2010.12.27 17:30:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.e765bc52.temp [2010.12.27 15:23:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment [2010.12.27 06:13:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.faa30dfe.temp [2010.12.27 06:13:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment.cf8a77c4.temp [2010.12.27 06:10:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\Winload [2010.12.27 06:10:43 | 000,000,000 | ---D | C] -- C:\Program Files\Winload [2010.12.27 05:26:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump [2010.12.27 05:02:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\World of Warcraft.temp [2010.12.27 05:02:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment.temp [2010.12.27 05:00:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard [2010.12.27 02:13:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\My Documents\My Games [2010.12.27 02:11:12 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_7.dll [2010.12.27 02:11:12 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_7.dll [2010.12.27 02:11:12 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_5.dll [2010.12.27 02:11:11 | 002,106,216 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\System32\D3DCompiler_43.dll [2010.12.27 02:11:11 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_43.dll [2010.12.27 02:11:10 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_43.dll [2010.12.27 02:11:10 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_43.dll [2010.12.27 02:11:10 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_43.dll [2010.12.27 02:11:09 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_6.dll [2010.12.27 02:11:09 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_6.dll [2010.12.27 02:11:09 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_4.dll [2010.12.27 02:11:08 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll [2010.12.27 02:11:08 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_7.dll [2010.12.27 02:11:07 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll [2010.12.27 02:11:07 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll [2010.12.27 02:11:06 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll [2010.12.27 02:11:06 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll [2010.12.27 02:11:05 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll [2010.12.27 02:11:05 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll [2010.12.27 02:11:04 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll [2010.12.27 02:11:04 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll [2010.12.27 02:11:03 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll 
[2010.12.27 02:11:02 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll [2010.12.27 02:11:02 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll [2010.12.27 02:11:02 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll [2010.12.27 02:11:01 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll [2010.12.27 02:10:59 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll [2010.12.27 02:10:59 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll [2010.12.27 02:10:59 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll [2010.12.27 02:10:58 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll [2010.12.27 02:10:58 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll [2010.12.27 02:10:58 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll [2010.12.27 02:10:57 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll [2010.12.27 02:10:57 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll [2010.12.27 02:10:57 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll [2010.12.27 02:10:56 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll [2010.12.27 02:10:55 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll [2010.12.27 02:10:55 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll [2010.12.27 02:10:55 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll [2010.12.27 02:10:54 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll [2010.12.27 02:10:54 | 
000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll [2010.12.27 02:10:54 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll [2010.12.27 02:10:53 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll [2010.12.27 02:10:53 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll [2010.12.27 02:10:53 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll [2010.12.27 02:10:53 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll [2010.12.27 02:10:52 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll [2010.12.27 02:10:51 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll [2010.12.27 02:10:51 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll [2010.12.27 02:10:50 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll [2010.12.27 02:10:50 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll [2010.12.27 02:10:50 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll [2010.12.27 02:10:49 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll [2010.12.27 02:10:48 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll [2010.12.27 02:10:48 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll [2010.12.27 02:10:47 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll [2010.12.27 02:10:46 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll [2010.12.27 02:10:45 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll [2010.12.27 02:10:45 | 001,358,192 | ---- | C] 
(Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll [2010.12.27 02:10:45 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll [2010.12.27 02:10:44 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll [2010.12.27 02:10:44 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll [2010.12.27 02:10:44 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll [2010.12.27 02:10:43 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll [2010.12.27 02:10:43 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll [2010.12.27 02:10:42 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll [2010.12.27 02:10:41 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll [2010.12.27 02:10:41 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll [2010.12.27 02:10:41 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll [2010.12.27 02:10:39 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll [2010.12.27 02:10:38 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll [2010.12.27 02:10:38 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll [2010.12.27 02:10:38 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll [2010.12.27 02:10:37 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll [2010.12.27 02:10:37 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll [2010.12.27 02:10:37 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll [2010.12.27 02:10:37 | 000,062,744 | ---- | C] (Microsoft 
Corporation) -- C:\WINDOWS\System32\xinput1_2.dll [2010.12.27 02:10:37 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll [2010.12.27 02:10:36 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll [2010.12.27 02:10:35 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll [2010.12.27 02:10:35 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll [2010.12.27 02:10:30 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll [2010.12.27 02:10:29 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll [2010.12.27 02:10:29 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll [2010.12.27 02:10:29 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll [2010.12.27 02:10:28 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll [2010.12.27 02:10:28 | 000,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll [2010.12.27 02:10:27 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll [2010.12.27 02:10:27 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll [2010.12.27 02:10:25 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll [2010.12.27 02:07:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs [2010.12.27 01:26:16 | 000,000,000 | ---D | C] -- C:\Program Files\Screaming Bee [2010.12.27 00:41:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CAPCOM [2010.12.27 00:34:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Application Data\Screaming Bee [2010.12.27 00:33:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Screaming Bee [2010.12.27 00:33:14 | 000,000,000 | ---D 
| C] -- C:\Documents and Settings\All Users\Application Data\Screaming Bee [2010.12.25 23:00:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt [2010.12.20 23:23:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DynDNS Updater [2010.12.20 23:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\DynDNS Updater [2010.12.20 23:23:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DynDNS [2010.12.20 23:07:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess [2010.12.20 01:20:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Start Menu\Programs\Vice City Mod Manager [2010.12.20 01:20:11 | 000,000,000 | ---D | C] -- C:\Program Files\vcmm [2010.12.20 00:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Rockstar Games [2010.12.19 21:45:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\Locktime [2010.12.19 21:45:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Start Menu\Programs\NetLimiter 3 [2010.12.19 21:44:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Locktime [2010.12.19 21:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\NetLimiter 3 [2010.12.16 12:08:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\My Documents\Battlefield Heroes [2010.12.16 12:05:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Start Menu\Programs\EA Games [2010.12.15 15:17:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Desktop\June 25 [2010.12.15 13:32:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Local Settings\Application Data\PunkBuster [2010.12.14 20:32:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Brother [2010.12.14 20:31:27 | 000,025,856 | ---- | C] (Microsoft Corporation) -- 
C:\WINDOWS\System32\dllcache\usbprint.sys [2010.12.14 20:28:56 | 000,120,832 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrWia04b.dll [2010.12.14 20:28:56 | 000,053,248 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrSerIf.sys [2010.12.14 20:28:56 | 000,037,888 | ---- | C] (Brother Industries, Ltd.) -- C:\WINDOWS\System32\BrUSi04b.dll [2010.12.14 20:28:56 | 000,015,295 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrScnUsb.sys [2010.12.14 20:28:56 | 000,011,904 | ---- | C] (Brother Industries Ltd.) -- C:\WINDOWS\System32\drivers\BrUsbSer.sys [2010.12.14 20:28:54 | 000,054,272 | ---- | C] (Brother Industries,Ltd.) -- C:\WINDOWS\System32\brinsstr.dll [2010.12.14 20:28:53 | 000,073,728 | ---- | C] (Brother Industries Ltd) -- C:\WINDOWS\System32\brrbtool.exe [2010.12.14 20:28:53 | 000,024,223 | ---- | C] (brother Industries Ltd) -- C:\WINDOWS\System32\brlm03a.dll [2010.12.14 20:28:48 | 000,188,416 | ---- | C] (brother) -- C:\WINDOWS\System32\PDRVINST.DLL [2010.12.14 20:28:48 | 000,081,920 | ---- | C] (brother) -- C:\WINDOWS\System32\BrWebIns.dll [2010.12.14 20:28:48 | 000,065,536 | ---- | C] (brother) -- C:\WINDOWS\System32\BRWEBUP.EXE [2010.12.14 20:28:42 | 000,000,000 | ---D | C] -- C:\Brother [2010.12.14 20:28:37 | 000,122,880 | ---- | C] (Brother Industries,LTD) -- C:\WINDOWS\System32\BrfxD04a.dll [2010.12.14 20:28:36 | 000,147,456 | ---- | C] (Brother Industries,Ltd.) 
-- C:\WINDOWS\brunin03.dll [2010.12.14 20:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Brother [2010.12.14 20:21:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Application Data\Brother [2010.12.14 20:20:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Brother Administrator Utilities [2010.12.14 20:20:45 | 000,000,000 | ---D | C] -- C:\Program Files\Brother [2010.12.11 17:01:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 6 [2010.12.11 17:00:57 | 000,013,304 | ---- | C] (TeamViewer GmbH) -- C:\WINDOWS\System32\drivers\TVMonitor.sys [2010.12.11 14:44:43 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games [2010.12.11 14:26:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\Start Menu\Programs\San Andreas Multiplayer [2010.12.11 14:20:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alin\My Documents\GTA San Andreas User Files [2010.12.10 23:37:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes [2010.12.10 23:36:39 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2010.12.10 23:36:36 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2010.12.10 23:34:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer [2010.12.10 21:27:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinSCP [2010.12.10 21:27:38 | 000,000,000 | ---D | C] -- C:\Program Files\WinSCP [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.01.06 19:50:00 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011.01.06 19:11:00 | 000,000,244 | -H-- | M] () -- C:\WINDOWS\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job [2011.01.06 19:07:00 | 
000,000,278 | -H-- | M] () -- C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011.01.06 16:34:04 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011.01.06 16:33:52 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011.01.06 16:33:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011.01.06 16:33:45 | 000,145,216 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2011.01.06 06:47:06 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2011.01.06 06:45:50 | 000,441,184 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011.01.06 06:45:50 | 000,071,250 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011.01.05 15:39:37 | 000,000,265 | ---- | M] () -- C:\Documents and Settings\Alin\Application Data\Autorun.vbs [2011.01.04 22:49:01 | 000,000,076 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Counter-Strike Source.url [2011.01.04 21:31:36 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2011.01.04 17:21:29 | 000,001,548 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\WolfTeam-DE.lnk [2011.01.02 17:29:13 | 000,000,442 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\4Story.lnk [2011.01.02 00:59:05 | 000,001,580 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Black Eyed Peas The E.N.D.wpl [2011.01.01 17:04:24 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.12.30 07:41:05 | 000,000,466 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Shortcut to World of Warcraft.lnk [2010.12.29 01:54:24 | 000,000,670 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Cheat Engine.lnk [2010.12.28 19:32:35 | 000,000,456 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\World of Warcraft-Installationsprogramm.lnk [2010.12.28 10:13:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010.12.28 03:15:59 | 000,000,229 | ---- | M] () -- C:\WINDOWS\WinInit.Ini [2010.12.28 
02:56:08 | 000,011,264 | ---- | M] () -- C:\Documents and Settings\Alin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.12.27 06:13:15 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk.5cd7239e.temp [2010.12.27 06:10:28 | 003,325,446 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Shutdown-Timer-Setup.exe [2010.12.27 00:33:17 | 000,001,445 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\MorphVOX Pro.lnk [2010.12.26 03:01:33 | 000,037,170 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\11.jpg__18929035__MBQF-1293028817,templateId=renderScaled,property=Bild,height=349.jpg [2010.12.24 15:17:35 | 000,012,920 | ---- | M] () -- C:\WINDOWS\System32\apl001.sys [2010.12.24 15:17:35 | 000,010,872 | ---- | M] () -- C:\WINDOWS\System32\apf001.sys [2010.12.24 12:56:29 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2010.12.21 01:54:33 | 000,000,931 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Shortcut to ts3server_win32.exe.lnk [2010.12.20 23:23:05 | 000,000,729 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DynDNS Updater Tray Icon.lnk [2010.12.19 15:11:38 | 000,139,080 | ---- | M] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010.12.19 15:11:17 | 000,270,240 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2010.12.17 13:05:09 | 000,270,240 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrB.ex0 [2010.12.16 21:26:53 | 000,090,945 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\Giessen_wieseck_wGiessen_bahnhof.pdf [2010.12.16 12:06:10 | 000,138,056 | ---- | M] () -- C:\Documents and Settings\Alin\Application Data\PnkBstrK.sys [2010.12.15 17:24:45 | 000,000,073 | ---- | M] () -- C:\Documents and Settings\Alin\Local Settings\Application Data\GDLLogin.ini [2010.12.14 20:36:11 | 000,000,432 | ---- | M] () -- C:\WINDOWS\brwmark.ini [2010.12.14 20:31:48 | 000,000,065 | ---- | M] () -- 
C:\WINDOWS\System32\BD7420.dat [2010.12.14 20:29:34 | 000,000,209 | ---- | M] () -- C:\WINDOWS\Brpfx04a.ini [2010.12.14 20:29:34 | 000,000,092 | ---- | M] () -- C:\WINDOWS\brpcfx.ini [2010.12.14 20:29:34 | 000,000,052 | ---- | M] () -- C:\WINDOWS\BRPP2KA.INI [2010.12.14 20:07:48 | 002,577,776 | ---- | M] () -- C:\WINDOWS\System32\pbsvc_heroes.exe [2010.12.13 00:25:13 | 000,000,211 | -HS- | M] () -- C:\boot.ini [2010.12.12 21:52:53 | 000,467,968 | -H-- | M] () -- C:\Documents and Settings\Alin\Application Data\kernel32.exe [2010.12.11 17:01:01 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 6.lnk [2010.12.10 23:37:11 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk [2010.12.10 23:26:49 | 000,000,788 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.umbrella [2010.12.10 23:26:49 | 000,000,787 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010.12.10 22:06:55 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Alin\PUTTY.RND [2010.12.10 21:27:40 | 000,000,606 | ---- | M] () -- C:\Documents and Settings\Alin\Desktop\WinSCP.lnk [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.01.05 00:15:24 | 000,000,044 | ---- | C] () -- C:\Documents and Settings\Alin\Application Data\logfile.txt [2011.01.05 00:02:42 | 000,000,265 | ---- | C] () -- C:\Documents and Settings\Alin\Application Data\Autorun.vbs [2011.01.04 23:55:24 | 000,467,968 | -H-- | C] () -- C:\Documents and Settings\Alin\Application Data\kernel32.exe [2011.01.04 17:21:29 | 000,001,548 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\WolfTeam-DE.lnk [2011.01.02 17:29:13 | 000,000,442 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\4Story.lnk [2011.01.02 00:59:05 | 000,001,580 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Black Eyed Peas The E.N.D.wpl 
[2011.01.01 17:04:24 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.12.30 07:41:07 | 000,000,466 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Shortcut to World of Warcraft.lnk [2010.12.29 01:54:24 | 000,000,670 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Cheat Engine.lnk [2010.12.29 01:54:22 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll [2010.12.28 04:41:55 | 000,000,456 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\World of Warcraft-Installationsprogramm.lnk [2010.12.28 03:15:54 | 000,000,229 | ---- | C] () -- C:\WINDOWS\WinInit.Ini [2010.12.27 06:13:15 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\World of Warcraft.lnk.5cd7239e.temp [2010.12.27 06:09:33 | 003,325,446 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Shutdown-Timer-Setup.exe [2010.12.27 00:33:16 | 000,001,445 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\MorphVOX Pro.lnk [2010.12.26 03:01:32 | 000,037,170 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\11.jpg__18929035__MBQF-1293028817,templateId=renderScaled,property=Bild,height=349.jpg [2010.12.21 01:54:33 | 000,000,931 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Shortcut to ts3server_win32.exe.lnk [2010.12.20 23:23:05 | 000,000,729 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DynDNS Updater Tray Icon.lnk [2010.12.20 15:35:51 | 000,000,076 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Counter-Strike Source.url [2010.12.16 21:26:52 | 000,090,945 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\Giessen_wieseck_wGiessen_bahnhof.pdf [2010.12.15 17:42:16 | 002,577,776 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_heroes.exe [2010.12.15 17:24:40 | 000,000,073 | ---- | C] () -- C:\Documents and Settings\Alin\Local Settings\Application Data\GDLLogin.ini [2010.12.15 13:33:43 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.xtr [2010.12.14 
20:29:34 | 000,000,432 | ---- | C] () -- C:\WINDOWS\brwmark.ini [2010.12.14 20:29:34 | 000,000,209 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini [2010.12.14 20:29:34 | 000,000,092 | ---- | C] () -- C:\WINDOWS\brpcfx.ini [2010.12.14 20:29:34 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\BD7420.dat [2010.12.14 20:29:34 | 000,000,052 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI [2010.12.14 20:28:53 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL [2010.12.14 20:28:42 | 000,006,224 | ---- | C] () -- C:\WINDOWS\CVRPAGE.bmp [2010.12.14 20:28:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat [2010.12.14 20:18:09 | 000,139,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2010.12.14 20:18:08 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\Alin\Application Data\PnkBstrK.sys [2010.12.14 20:17:54 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2010.12.14 20:17:54 | 000,270,240 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.ex0 [2010.12.14 20:17:52 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe [2010.12.11 17:01:01 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 6.lnk [2010.12.10 23:37:11 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk [2010.12.10 21:27:42 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Alin\PUTTY.RND [2010.12.10 21:27:40 | 000,000,606 | ---- | C] () -- C:\Documents and Settings\Alin\Desktop\WinSCP.lnk [2010.12.05 21:26:36 | 000,000,061 | ---- | C] () -- C:\WINDOWS\mta.ini [2010.12.03 11:34:17 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010.11.06 22:03:26 | 000,000,842 | ---- | C] () -- C:\WINDOWS\System32\SPC230NC.INI [2010.10.24 20:48:58 | 000,001,165 | ---- | C] () -- C:\WINDOWS\Settings.ini [2010.10.13 00:31:57 | 000,094,656 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat [2010.10.11 14:54:26 | 000,011,264 | 
---- | C] () -- C:\Documents and Settings\Alin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.10.10 22:24:14 | 000,012,920 | ---- | C] () -- C:\WINDOWS\System32\apl001.sys [2010.10.10 22:24:14 | 000,010,872 | ---- | C] () -- C:\WINDOWS\System32\apf001.sys [2010.10.08 15:24:28 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI ========== LOP Check ========== [2010.10.30 23:25:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\DVDVideoSoft [2010.10.30 22:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\DVDVideoSoftIEHelpers [2010.10.25 17:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\FOG Downloader [2010.11.08 18:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\funkitron [2010.12.03 11:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\GetRightToGo [2010.12.05 01:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\iPhoneRingToneMaker [2010.11.02 19:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Nokia [2010.11.02 19:52:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Nokia Ovi Suite [2010.12.03 23:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Opera [2010.11.16 20:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\PC Suite [2010.12.05 03:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Publish Providers [2010.12.27 01:36:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Screaming Bee [2010.11.13 11:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\SmartVoip [2010.12.05 03:35:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Sony [2011.01.06 06:45:15 | 000,000,000 | ---D | M] -- 
C:\Documents and Settings\Alin\Application Data\system32 [2010.11.25 14:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\SystemRequirementsLab [2010.12.11 17:01:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\TeamViewer [2010.12.20 23:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\TS3Client [2011.01.06 16:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\uTorrent [2010.11.10 13:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Voipwise [2010.12.27 20:00:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess [2010.12.20 23:23:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DynDNS [2010.12.19 21:44:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Locktime [2010.11.15 15:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nexon [2010.11.15 15:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonEU [2010.10.11 22:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia [2010.10.11 22:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache [2010.10.11 22:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite [2010.11.06 22:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Philips [2010.12.27 00:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Screaming Bee [2010.12.05 03:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony [2010.10.21 17:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 
[2011.01.06 19:07:00 | 000,000,278 | -H-- | M] () -- C:\WINDOWS\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011.01.06 19:11:00 | 000,000,244 | -H-- | M] () -- C:\WINDOWS\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > [2010.11.23 10:36:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe [2010.10.21 17:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple [2010.10.21 17:49:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer [2010.10.08 19:43:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira [2010.12.27 05:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard [2010.12.28 03:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard Entertainment [2010.12.27 20:00:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess [2010.12.14 20:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Brother [2010.10.08 19:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DivX [2010.12.20 23:23:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DynDNS [2010.12.19 21:44:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Locktime [2010.11.22 09:15:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee [2010.12.04 23:42:14 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft [2011.01.06 16:33:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft Help [2010.11.15 15:08:15 | 000,000,000 | ---D | M] -- C:\Documents and 
Settings\All Users\Application Data\Nexon [2010.11.15 15:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NexonEU [2010.10.11 22:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia [2010.10.11 22:00:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache [2010.10.08 18:43:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation [2010.10.11 22:11:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite [2010.11.06 22:04:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Philips [2010.12.27 00:34:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Screaming Bee [2010.10.30 10:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Skype [2010.12.05 03:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony [2010.10.08 20:09:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sun [2010.12.04 23:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage [2010.10.21 17:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} < %ALLUSERSPROFILE%\Application Data\*.exe /s > [2009.02.04 13:56:14 | 000,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}\x86\DifXInstall32.exe [2010.11.10 22:03:57 | 000,337,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\All Users\Application Data\Adobe\Setup\{AC76BA86-7AD7-1031-7B44-AA0000000001}\setup.exe [2010.12.10 23:30:34 | 000,073,000 | ---- | M] (Apple Inc.) 
-- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes\SetupAdmin.exe [2010.10.08 19:15:35 | 000,056,969 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe [2010.10.08 19:15:46 | 000,057,409 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe [2010.10.08 19:15:47 | 000,056,458 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe [2010.10.08 19:15:51 | 000,056,765 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe [2010.10.08 19:15:46 | 000,054,174 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAACDecoder\Uninstaller.exe [2010.10.08 19:15:47 | 000,057,532 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSASPDecoder\Uninstaller.exe [2010.10.08 19:15:48 | 000,054,166 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSAVCDecoder\Uninstaller.exe [2010.10.08 19:15:48 | 000,057,054 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\DSDesktopComponents\Uninstaller.exe [2010.10.08 19:15:45 | 000,052,963 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe [2010.10.08 19:15:40 | 000,054,073 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe [2010.10.08 19:13:52 | 000,144,696 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe [2010.10.08 19:13:44 | 000,876,824 | ---- | M] (DivX, Inc. ) -- C:\Documents and Settings\All Users\Application Data\DivX\Setup\DivXSetup.exe [2010.10.08 19:15:48 | 000,053,600 | ---- | M] (DivX, Inc.) 
-- C:\Documents and Settings\All Users\Application Data\DivX\Update\Uninstaller.exe [2010.10.08 19:15:50 | 000,056,997 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe [2010.11.15 14:41:09 | 000,155,648 | ---- | M] (Nexon) -- C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe [2010.10.11 22:00:23 | 102,913,480 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe [2010.10.11 22:00:48 | 000,050,000 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\pcswpc.exe [2010.10.11 22:00:48 | 000,077,824 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\Run_XML6_SP1.exe [2010.10.11 22:00:48 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx64.exe [2010.10.11 22:00:48 | 000,038,912 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx86.exe [2010.10.11 22:00:52 | 013,930,312 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe [2010.10.11 22:00:55 | 012,212,040 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe < %APPDATA%\*. 
> [2010.11.22 09:20:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Adobe [2010.12.05 03:36:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Apple Computer [2010.11.06 22:07:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\ArcSoft [2010.10.19 20:27:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Avira [2010.12.14 20:36:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Brother [2010.10.11 14:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\DivX [2010.10.30 23:25:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\DVDVideoSoft [2010.10.30 22:18:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\DVDVideoSoftIEHelpers [2010.10.25 17:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\FOG Downloader [2010.11.08 18:03:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\funkitron [2010.12.03 11:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\GetRightToGo [2010.10.09 03:35:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Identities [2010.11.06 22:02:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\InstallShield [2010.12.05 01:38:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\iPhoneRingToneMaker [2010.10.08 19:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Macromedia [2010.11.22 09:20:26 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Alin\Application Data\Microsoft [2010.10.08 18:58:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Mozilla [2010.11.02 19:52:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Nokia [2010.11.02 19:52:07 | 
000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Nokia Ovi Suite [2010.12.03 23:18:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Opera [2010.11.16 20:05:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\PC Suite [2010.12.05 03:27:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Publish Providers [2010.12.27 01:36:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Screaming Bee [2011.01.04 21:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Skype [2011.01.04 21:32:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\skypePM [2010.11.13 11:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\SmartVoip [2010.12.05 03:35:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Sony [2010.10.08 20:08:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Sun [2011.01.06 06:45:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\system32 [2010.11.25 14:26:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\SystemRequirementsLab [2010.12.11 17:01:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\TeamViewer [2010.12.20 23:43:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\TS3Client [2011.01.06 16:50:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\uTorrent [2010.11.10 13:20:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\Voipwise [2010.10.08 22:53:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alin\Application Data\WinRAR < %APPDATA%\*.exe /s > [2010.12.12 21:52:53 | 000,467,968 | -H-- | M] () -- C:\Documents and Settings\Alin\Application Data\kernel32.exe [2010.08.19 23:46:28 | 001,312,120 | ---- | M] 
(EA Digital Illusions CE AB) -- C:\Documents and Settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\BFHUpdater.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2004.08.04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys [2010.10.09 11:47:39 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys [2010.10.09 11:47:39 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys [2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys [2008.04.13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys < MD5 for: ATAPI.SYS > [2004.08.04 13:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys [2010.10.09 11:47:39 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys [2010.10.09 11:47:39 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys [2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys [2008.04.13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys [2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys [2004.08.04 13:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys [2004.08.03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) 
MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys < MD5 for: EVENTLOG.DLL > [2008.04.14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll [2008.04.14 01:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll [2004.08.04 13:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll < MD5 for: EXPLORER.EXE > [2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe [2008.04.14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe [2004.08.04 13:00:00 | 001,032,192 | ---- | M] (Microsoft Corporation) MD5=A0732187050030AE399B241436565E64 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe < MD5 for: NETLOGON.DLL > [2008.04.14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll [2008.04.14 01:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll [2009.02.06 19:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll [2009.02.06 19:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll [2004.08.04 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll < MD5 for: SCECLI.DLL > [2004.08.04 13:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) 
MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll [2008.04.14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll [2008.04.14 01:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll < MD5 for: USER32.DLL > [2008.04.14 01:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\ServicePackFiles\i386\user32.dll [2008.04.14 01:12:08 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=B26B135FF1B9F60C9388B4A7D16F600B -- C:\WINDOWS\system32\user32.dll [2004.08.04 13:00:00 | 000,577,024 | ---- | M] (Microsoft Corporation) MD5=C72661F8552ACE7C5C85E16A3CF505C4 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll < MD5 for: USERINIT.EXE > [2004.08.04 13:00:00 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=39B1FFB03C2296323832ACBAE50D2AFF -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe [2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe [2008.04.14 01:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe < MD5 for: WINLOGON.EXE > [2004.08.04 13:00:00 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=01C3346C241652F43AED8E2149881BFE -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe [2008.04.14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe [2008.04.14 01:12:39 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=ED0EF0A136DEC83DF69F04118870003E -- C:\WINDOWS\system32\winlogon.exe < MD5 for: WS2IFSL.SYS > [2004.08.04 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- 
C:\WINDOWS\system32\dllcache\ws2ifsl.sys [2004.08.04 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2010.10.08 15:22:04 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav [2010.10.08 15:22:04 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav [2010.10.08 15:22:04 | 000,892,928 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] ========== Files - Unicode (All) ========== [2010.11.15 15:08:15 | 000,000,000 | ---D | M](C:\Documents and Settings\Alin\My Documents\?? ???) -- C:\Documents and Settings\Alin\My Documents\넥슨 플러그 [2010.11.15 15:08:15 | 000,000,000 | ---D | C](C:\Documents and Settings\Alin\My Documents\?? ???) -- C:\Documents and Settings\Alin\My Documents\넥슨 플러그 < End of report > OTL Logfile: Code:
OTL Extras logfile created on: 06.01.2011 19:58:01 - Run 1 OTL by OldTimer - Version Folder = C:\Documents and Settings\Alin\My Documents\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.5512) Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy 1.022,00 Mb Total Physical Memory | 377,00 Mb Available Physical Memory | 37,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 74,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 43,95 Gb Total Space | 2,31 Gb Free Space | 5,25% Space Free | Partition Type: NTFS Drive D: | 27,50 Gb Total Space | 2,91 Gb Free Space | 10,58% Space Free | Partition Type: NTFS Drive G: | 3,00 Gb Total Space | 3,00 Gb Free Space | 99,99% Space Free | Partition Type: FAT32 Computer Name: ALI | User Name: Alin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_USERS\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1495:TCP" = 1495:TCP:*:Enabled:Akamai NetSession Interface "5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- File not found "C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- File not found [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "C:\AeriaGames\WolfTeam\Wolfteam.bin" = C:\AeriaGames\WolfTeam\Wolfteam.bin:*:Enabled:WolfTeam -- (Softnyx Co., Ltd.) "C:\Killing Floor\System\KillingFloor.exe" = C:\Killing Floor\System\KillingFloor.exe:*:Enabled:KillingFloor -- File not found "C:\Program Files\SoftnyxGame\WolfTeamIS\Wolfteam.bin" = C:\Program Files\SoftnyxGame\WolfTeamIS\Wolfteam.bin:*:Enabled:Wolfteam -- (Softnyx Co., Ltd.) 
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" = C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2 -- (Nokia) "C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation) "C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH) "C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH) "C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe" = C:\Program Files\Voipwise.com\Voipwise\Voipwise.exe:*:Enabled:Voipwise -- (Voipwise) "C:\PacSteamT\SteamApps\common\poker superstars ii\PokerSuperstars2.exe" = C:\PacSteamT\SteamApps\common\poker superstars ii\PokerSuperstars2.exe:*:Enabled:Poker Superstars II -- File not found "C:\PacSteamT\SteamApps\derdermitdems\counter-strike\hl.exe" = C:\PacSteamT\SteamApps\derdermitdems\counter-strike\hl.exe:*:Enabled:Counter-Strike -- File not found "C:\Program Files\SmartVoip.com\SmartVoip\SmartVoip.exe" = C:\Program Files\SmartVoip.com\SmartVoip\SmartVoip.exe:*:Enabled:SmartVoip -- (SmartVoip) "C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe" = C:\Documents and Settings\All Users\Application Data\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager -- (Nexon) "C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- File not found "C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- File not found "C:\Nexon\Combat Arms EU\NMService.exe" = C:\Nexon\Combat Arms EU\NMService.exe:*:Enabled:Nexon Messenger Core -- File not found "C:\PacSteamT\SteamApps\derdermitdems\counter-strike 
source\hl2.exe" = C:\PacSteamT\SteamApps\derdermitdems\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- File not found "C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- File not found "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "C:\Program Files\TeamViewer\Version6\TeamViewer.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH) "C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH) "D:\PacSteamT\SteamApps\killahorst482\counter-strike source\hl2.exe" = D:\PacSteamT\SteamApps\killahorst482\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source -- () ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{05F350C6-FA6A-40D0-A130-FB941B39152C}" = Philips SPC230NC Webcam "{0DB44859-4112-4946-BE5E-A4275B3FFB5E}" = Furry Voices for Second Life "{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{29C042AB-059B-414C-840E-94775E3F24A8}" = Personality Voices "{2BA00471-0328-3743-93BD-FA813353A783}" = Microsoft .NET Framework 3.0 Service Pack 1 "{2FC099BD-AC9B-33EB-809C-D332E1B27C40}" = Microsoft .NET Framework 3.5 "{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{45DF6D99-666D-41FA-8D62-0E183B6240F3}" = PC Connectivity Solution "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4B35F00C-E63D-40DC-9839-DF15A33EAC46}" = Grand Theft Auto Vice City 
"{5D4B3647-9842-4875-B081-EF8D98C02865}" = WMPKeys "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{67A5D171-4C74-4075-A492-0E480FA4B944}" = Brother BRAdmin Professional 2.81 "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{749A1EDD-16C2-4C63-B013-D38F0F953973}" = OviMPlatform "{8112C6B3-91E1-4560-8AB9-876DADFA37C5}" = Ovi Desktop Sync Engine "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12 "{90120000-001B-0000-0000-0000000FF1CE}" = Microsoft Office Word 2007 "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_WORD_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_WORD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_WORD_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{913923AB-3AAB-4870-8910-627C4CD82789}" = NetLimiter 3 "{913C4C4F-9E3E-41A6-A614-1BDC1352A225}" = Special Effects Voices "{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 
2008 Redistributable - x86 9.0.30729.17 "{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU "{A25A7B10-75EA-4208-AAF1-0E3841C444F1}" = MorphVOX Pro "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AB49B509-8FCA-45E6-9FB9-9E4AEEB8F148}" = System Requirements Lab CYRI "{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X - Deutsch "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{B508B3F1-A24A-32C0-B310-85786919EF28}" = Microsoft .NET Framework 2.0 Service Pack 1 "{B8B4446F-87E1-4423-A47A-16832C24A199}" = Nokia Ovi Suite "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{CECB7782-F35F-45CE-97C0-74BBBDC51C22}" = Webcam Video Viewer "{D7437092-E534-46A5-895B-94FC627139B6}" = COMPUTERBILD-Abzockschutz "{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}" = Brother MFL-Pro Suite "{D9D1A2FD-56B2-4F21-B959-745FE43CAB8C}" = Vegas Pro 9.0 "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{EE5B5B24-EEFC-4C8B-BF8B-256D705BAD89}" = Nokia Ovi Suite Software Updater "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support "{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver "{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes "{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour "4StoryDE_is1" = 4Story 3.4 "504244733D18C8F63FF584AEB290E3904E791693" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 "7-Zip" = 7-Zip 4.65 "AC3Filter_is1" = AC3Filter 1.63b "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Akamai" = Akamai NetSession Interface "Avira AntiVir Desktop" = Avira AntiVir 
Personal - Free Antivirus "Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1 "Dead Rising 2_is1" = Dead Rising 2 "DivX Setup.divx.com" = DivX-Setup "DynDNSUpdater" = DynDNS Updater "Fraps" = Fraps (remove only) "JDownloader" = JDownloader "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5" = Microsoft .NET Framework 3.5 "Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "Multi Theft Auto" = Multi Theft Auto "Nokia Ovi Suite" = Nokia Ovi Suite "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "PacSteamT" = PacSteamT "Philips Intelligent Agent_is1" = Philips Intelligent Agent "PROSet" = Intel(R) PRO Network Connections Drivers "PunkBusterSvc" = PunkBuster Services "RealVNC_is1" = VNC Free Edition 4.1.3 "SmartVoip_is1" = SmartVoip "Steam App 240" = Counter-Strike: Source "Steam App 4100" = Poker Superstars II "TeamViewer 5" = TeamViewer 5 "TeamViewer 6" = TeamViewer 6 "uTorrent" = µTorrent "vcmm" = Vice City Mod Manager "VirtualCloneDrive" = VirtualCloneDrive "Voipwise_is1" = Voipwise "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "Winload Toolbar" = Winload Toolbar "winscp3_is1" = WinSCP 4.0.7 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "WolfTeam" = WolfTeam "WolfTeam International_is1" = WolfTeam International "WolfTeam-DE" = WolfTeam-DE "WORD" = Microsoft Office Word 2007 "World of Warcraft" = World of Warcraft "Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9 "XpsEPSC" = XML Paper Specification Shared 
Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-507921405-1326574676-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes (Alin) "TeamSpeak 3 Client" = TeamSpeak 3 Client ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 31.12.2010 10:01:54 | Computer Name = ALI | Source = Application Error | ID = 1000 Description = Faulting application nlclientapp.exe, version, faulting module nlclientapp.exe, version, fault address 0x0008fca5. Error - 03.01.2011 12:12:38 | Computer Name = ALI | Source = Application Error | ID = 1000 Description = Faulting application wolfteam.bin, version, faulting module , version, fault address 0x00000000. Error - 03.01.2011 15:42:59 | Computer Name = ALI | Source = Application Error | ID = 1000 Description = Faulting application nlclientapp.exe, version, faulting module nlclientapp.exe, version, fault address 0x0008fca5. Error - 04.01.2011 10:00:32 | Computer Name = ALI | Source = Application Error | ID = 1000 Description = Faulting application nlclientapp.exe, version, faulting module nlclientapp.exe, version, fault address 0x0008fca5. Error - 04.01.2011 16:28:01 | Computer Name = ALI | Source = Application Error | ID = 1000 Description = Faulting application nlclientapp.exe, version, faulting module nlclientapp.exe, version, fault address 0x0008fca5. Error - 04.01.2011 18:36:46 | Computer Name = ALI | Source = Application Error | ID = 1000 Description = Faulting application gta-vc.exe, version, faulting module gta-vc.exe, version, fault address 0x0017901d. Error - 04.01.2011 18:40:56 | Computer Name = ALI | Source = Application Hang | ID = 1002 Description = Hanging application hl2.exe, version, hang module hungapp, version, hang address 0x00000000. 
Error - 04.01.2011 19:38:21 | Computer Name = ALI | Source = Application Error | ID = 1000 Description = Faulting application explorer.exe, version 6.0.2900.5512, faulting module explorer.exe, version 6.0.2900.5512, fault address 0x00009409. Error - 04.01.2011 19:38:29 | Computer Name = ALI | Source = Application Error | ID = 1000 Description = Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d. Error - 05.01.2011 19:53:51 | Computer Name = ALI | Source = Application Error | ID = 1000 Description = Faulting application gameoverlayui.exe, version, faulting module ntdll.dll, version 5.1.2600.5755, fault address 0x0000100b. [ NetLimiter 3 Events ] Error - 19.12.2010 16:46:06 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000 Description = The service failed to start Error - 19.12.2010 16:46:36 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000 Description = <nl-error-list> <nl-error> <err-code>0</err-code> <hresult code='80070002'>The system cannot find the file specified.</hresult> <module>NetLimiter.Main.123</module> <param name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error> </nl-error-list> Error - 19.12.2010 16:46:36 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000 Description = <nl-error-list> <nl-error> <err-code>2010</err-code> <module>NetLimiter.Main.77</module> <desc>Failed to initialize NetLimiter service.</desc> </nl-error> <nl-error> <err-code>0</err-code> <hresult code='80070002'>The system cannot find the file specified.</hresult> <module>NetLimiter.Main.123</module> <param name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error> </nl-error-list> Error - 19.12.2010 16:46:36 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000 Description = The service failed to start Error - 19.12.2010 18:34:47 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 
1000 Description = <nl-error-list> <nl-error> <err-code>0</err-code> <hresult code='80070002'>The system cannot find the file specified.</hresult> <module>NetLimiter.Main.123</module> <param name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error> </nl-error-list> Error - 19.12.2010 18:34:48 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000 Description = <nl-error-list> <nl-error> <err-code>2010</err-code> <module>NetLimiter.Main.77</module> <desc>Failed to initialize NetLimiter service.</desc> </nl-error> <nl-error> <err-code>0</err-code> <hresult code='80070002'>The system cannot find the file specified.</hresult> <module>NetLimiter.Main.123</module> <param name='last-error' value='2'/> <param name='fun-name' value='OpenDevice'/> </nl-error> </nl-error-list> Error - 19.12.2010 18:34:48 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000 Description = The service failed to start Error - 19.12.2010 18:35:17 | Computer Name = ALI | Source = NetLimiter 3 BaseCli | ID = 1000 Description = <nl-error-list> <nl-error> <err-code>1</err-code> <hresult code='80080005'>Server execution failed</hresult> <module>NetLimiter.NLBaseClient.235</module> </nl-error> </nl-error-list> Error - 19.12.2010 18:35:17 | Computer Name = ALI | Source = NetLimiter 3 BaseCli | ID = 1000 Description = <nl-error-list> <nl-error> <err-code>5000</err-code> <module>NetLimiter.NLBaseClient.1147</module> <desc>Failed to connect to NetLimiter service.</desc> <param name='host-name' value=''/> </nl-error> <nl-error> <err-code>1</err-code> <hresult code='80080005'>Server execution failed</hresult> <module>NetLimiter.NLBaseClient.235</module> </nl-error> </nl-error-list> Error - 03.01.2011 11:51:35 | Computer Name = ALI | Source = NetLimiter 3 Service | ID = 1000 Description = <nl-error-list> <nl-error> <err-code>2050</err-code> <module>NetLimiter.Main.643</module> <desc>Failed to call driver.</desc> <param name='last-error' value='0'/> <param 
name='fun-name' value='DeviceIoControl'/> <param name='ioctl' value='2286448'/> </nl-error> </nl-error-list> [ System Events ] Error - 05.01.2011 17:53:54 | Computer Name = ALI | Source = Service Control Manager | ID = 7031 Description = The Apple Mobile Device service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error - 05.01.2011 17:58:52 | Computer Name = ALI | Source = Service Control Manager | ID = 7031 Description = The Apple Mobile Device service terminated unexpectedly. It has done this 5 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error - 05.01.2011 19:58:18 | Computer Name = ALI | Source = Service Control Manager | ID = 7031 Description = The Apple Mobile Device service terminated unexpectedly. It has done this 6 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error - 06.01.2011 11:56:11 | Computer Name = ALI | Source = Service Control Manager | ID = 7031 Description = The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error - 06.01.2011 11:56:13 | Computer Name = ALI | Source = Service Control Manager | ID = 7034 Description = The iPod Service service terminated unexpectedly. It has done this 1 time(s). Error - 06.01.2011 11:56:24 | Computer Name = ALI | Source = Service Control Manager | ID = 7034 Description = The Dienst "Bonjour" service terminated unexpectedly. It has done this 1 time(s). Error - 06.01.2011 11:56:32 | Computer Name = ALI | Source = Service Control Manager | ID = 7034 Description = The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s). 
Error - 06.01.2011 11:57:20 | Computer Name = ALI | Source = Service Control Manager | ID = 7034
Description = The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).
Error - 06.01.2011 11:57:33 | Computer Name = ALI | Source = Service Control Manager | ID = 7034
Description = The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
Error - 06.01.2011 14:24:24 | Computer Name = ALI | Source = Service Control Manager | ID = 7031
Description = The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
< End of report >

Thanks.
#5
/// Malware-holic

Please post the message, and post the Avira message for the detection in quarantine. Download Malwarebytes: install Malwarebytes, open it, go to the Update tab and update the program. Close all running programs and disconnect from the internet. On the Scanner tab, run a full scan, remove the detections, and post the log.
__________________
- Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de
Forwarding instructions: http://markusg.trojaner-board.de
For now, please forward mails to markusg.trojaner-board@web.de following the instructions above.
If you would like to support us
#6

Here is the message from AntiVir. I ran the full scan. Log file:

Code:
Malwarebytes' Anti-Malware
www.malwarebytes.org

Datenbank Version: 5474

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

07.01.2011 01:09:30
mbam-log-2011-01-07 (01-09-30).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|)
Durchsuchte Objekte: 235067
Laufzeit: 58 Minute(n), 18 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 6
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 8

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\JP595IR86O (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\OW1T3CYG7T (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun (PUM.Hijack.Run) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\documents and settings\Alin\local settings\Temp\001GF1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\Alin\local settings\Temp\Ixb.exe (Trojan.FraudPack.Gen) -> Quarantined and deleted successfully.
c:\documents and settings\Alin\local settings\Temp\Ixf.exe (Trojan.FraudPack.Gen) -> Quarantined and deleted successfully.
c:\documents and settings\Alin\local settings\Temp\Ixh.exe (Trojan.FakeAV) -> Quarantined and deleted successfully.
c:\documents and settings\Alin\local settings\Temp\sshnas21.dll (Trojan.FraudPack.Gen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{0f9d03e2-a6eb-449a-aec8-6b32c8444f10}\RP96\A0051947.exe (Trojan.Cospet) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\WINDOWS\Tasks\{62c40aa6-4406-467a-a5a5-dfdf1b559b7a}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.

After the restart the Run icon came back, but on the desktop and in folders I still can't right-click anything (a right-click only selects the item).

flavers

Edited by flavers (07.01.2011 at 01:50)
#7
/// Malware-holic

Easy does it :-) Please create and post a ComboFix log. A guide and tutorial on using ComboFix
#8

Here:

Code:
ATTFilter ComboFix 11-01-06.06 - Alin 07.01.2011 17:25:59.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.49.1033.18.1022.568 [GMT 1:00] ausgeführt von:: c:\documents and settings\Alin\My Documents\Downloads\ComboFix.exe AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7} . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Alin\Application Data\Autorun.vbs c:\documents and settings\Alin\Application Data\system32 . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_SSHNAS ((((((((((((((((((((((( Dateien erstellt von 2010-12-07 bis 2011-01-07 )))))))))))))))))))))))))))))) . 2011-01-07 00:24 . 2011-01-07 00:24 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Microsoft Help 2011-01-06 22:40 . 2011-01-06 22:40 -------- d-----w- c:\documents and settings\Alin\Application Data\Malwarebytes 2011-01-06 22:40 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-01-06 22:40 . 2011-01-06 22:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-01-06 22:40 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-01-06 22:40 . 2011-01-06 22:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-01-06 05:46 . 2011-01-06 05:47 -------- d-----w- c:\documents and settings\Alin\Local Settings\Application Data\ApplicationHistory 2011-01-06 05:04 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe 2011-01-06 05:03 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys 2011-01-04 23:43 . 2011-01-04 23:43 -------- d-----w- C:\PacSteamT 2011-01-03 20:03 . 2011-01-03 20:03 -------- d-----w- c:\program files\COMPUTERBILD-Abzockschutz 2010-12-29 04:14 . 
2010-12-29 04:14 -------- d-----w- c:\windows\system32\de-DE 2010-12-29 03:50 . 2010-12-29 03:50 -------- d-----w- c:\windows\system32\URTTEMP 2010-12-29 00:54 . 2009-11-03 13:07 1970176 ----a-w- c:\windows\system32\d3dx9.dll 2010-12-29 00:54 . 2009-11-03 13:07 679936 ----a-w- c:\windows\system32\D3DX81ab.dll 2010-12-29 00:54 . 2010-12-29 03:21 -------- d-----w- c:\program files\Cheat Engine 2010-12-28 02:27 . 2010-12-28 02:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard Entertainment 2010-12-28 01:09 . 2010-12-28 01:09 -------- d-----w- c:\program files\ConduitEngine 2010-12-28 01:09 . 2010-12-28 01:09 0 ----a-w- c:\windows\system32\ConduitEngine.tmp 2010-12-28 01:08 . 2010-12-28 01:08 -------- d-----w- c:\documents and settings\Alin\Local Settings\Application Data\Conduit 2010-12-27 14:23 . 2010-12-27 15:04 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment 2010-12-27 05:10 . 2010-12-28 20:11 -------- d-----w- c:\documents and settings\Alin\Local Settings\Application Data\Winload 2010-12-27 05:10 . 2010-12-28 01:09 -------- d-----w- c:\program files\Winload 2010-12-27 04:00 . 2010-12-27 04:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard 2010-12-27 01:10 . 2008-10-10 03:52 452440 ----a-w- c:\windows\system32\d3dx10_40.dll 2010-12-27 01:07 . 2010-12-27 01:07 -------- d-----w- c:\windows\Logs 2010-12-27 00:26 . 2010-12-27 00:39 -------- d-----w- c:\program files\Screaming Bee 2010-12-26 23:34 . 2010-12-27 00:36 -------- d-----w- c:\documents and settings\Alin\Application Data\Screaming Bee 2010-12-26 23:33 . 2010-12-26 23:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Screaming Bee 2010-12-20 22:23 . 2010-12-20 22:23 -------- d-----w- c:\program files\DynDNS Updater 2010-12-20 22:23 . 2010-12-20 22:23 -------- d-----w- c:\documents and settings\All Users\Application Data\DynDNS 2010-12-20 22:07 . 
2010-12-27 19:00 -------- d-----w- c:\documents and settings\All Users\Application Data\boost_interprocess 2010-12-20 00:20 . 2010-12-20 00:20 -------- d-----w- c:\program files\vcmm 2010-12-19 20:45 . 2010-12-19 20:45 -------- d-----w- c:\documents and settings\Alin\Local Settings\Application Data\Locktime 2010-12-19 20:44 . 2010-12-19 20:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Locktime 2010-12-19 20:44 . 2010-12-19 20:44 -------- d-----w- c:\program files\NetLimiter 3 2010-12-15 16:42 . 2010-12-14 19:07 2577776 ----a-w- c:\windows\system32\pbsvc_heroes.exe 2010-12-15 12:33 . 2010-12-19 14:11 270240 ----a-w- c:\windows\system32\PnkBstrB.xtr 2010-12-15 12:32 . 2010-12-15 12:32 -------- d-----w- c:\documents and settings\Alin\Local Settings\Application Data\PunkBuster 2010-12-14 19:31 . 2008-04-13 19:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys 2010-12-14 19:31 . 2008-04-13 19:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys 2010-12-14 19:27 . 2010-12-14 19:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Brother 2010-12-14 19:21 . 2010-12-14 19:36 -------- d-----w- c:\documents and settings\Alin\Application Data\Brother 2010-12-14 19:20 . 2010-12-14 19:29 -------- d-----w- c:\program files\Brother 2010-12-14 19:18 . 2010-12-19 14:11 139080 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2010-12-14 19:18 . 2010-12-16 11:06 138056 ----a-w- c:\documents and settings\Alin\Application Data\PnkBstrK.sys 2010-12-14 19:17 . 2010-12-19 14:11 270240 ----a-w- c:\windows\system32\PnkBstrB.exe 2010-12-14 19:17 . 2010-12-17 12:05 270240 ----a-w- c:\windows\system32\PnkBstrB.ex0 2010-12-14 19:17 . 2010-12-16 11:05 75136 ----a-w- c:\windows\system32\PnkBstrA.exe 2010-12-11 16:00 . 2010-11-25 15:28 13304 ----a-w- c:\windows\system32\drivers\TVMonitor.sys 2010-12-11 13:44 . 2010-12-11 13:44 -------- d-----w- c:\program files\Rockstar Games 2010-12-11 13:44 . 
2002-12-05 13:10 155648 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll 2010-12-11 13:44 . 2002-12-02 12:33 57344 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll 2010-12-11 13:44 . 2002-12-02 12:33 237568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll 2010-12-11 13:44 . 2003-02-27 15:12 696320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll 2010-12-11 13:44 . 2002-12-02 14:22 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe 2010-12-11 13:44 . 2010-12-11 13:44 282756 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll 2010-12-11 13:44 . 2010-12-11 13:44 163972 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll 2010-12-10 22:36 . 2010-12-10 22:36 -------- d-----w- c:\program files\iPod 2010-12-10 22:36 . 2010-12-10 22:37 -------- d-----w- c:\program files\iTunes 2010-12-10 22:34 . 2010-12-10 22:34 -------- d-----w- c:\documents and settings\LocalService\Application Data\Apple Computer 2010-12-10 20:27 . 2010-12-10 20:27 -------- d-----w- c:\program files\WinSCP . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-12-24 14:17 . 2010-10-10 21:24 12920 ----a-w- c:\windows\system32\apl001.sys 2010-12-24 14:17 . 2010-10-10 21:24 10872 ----a-w- c:\windows\system32\apf001.sys 2010-12-24 11:56 . 2010-10-08 18:43 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys 2010-11-23 07:39 . 2010-10-08 18:43 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-11-18 18:12 . 2010-10-09 02:27 81920 ----a-w- c:\windows\system32\isign32.dll 2010-11-05 05:05 . 2004-08-04 12:00 667136 ----a-w- c:\windows\system32\wininet.dll 2010-11-05 05:05 . 
2004-08-04 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx 2010-11-05 05:05 . 2004-08-04 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll 2010-11-03 12:59 . 2004-08-04 12:00 369664 ----a-w- c:\windows\system32\html.iec 2010-11-02 15:17 . 2004-08-04 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys 2010-10-28 13:13 . 2004-08-04 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll 2010-10-26 13:25 . 2004-08-04 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys 2010-10-19 20:51 . 2010-12-04 22:44 222080 ------w- c:\windows\system32\MpSigStub.exe . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{40c3cc16-7269-4b32-9531-17f2950fb06f}"= "c:\program files\Winload\tbWin0.dll" [2010-10-18 3908192] [HKEY_CLASSES_ROOT\clsid\{40c3cc16-7269-4b32-9531-17f2950fb06f}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] 2010-10-18 10:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{40c3cc16-7269-4b32-9531-17f2950fb06f}] 2010-10-18 10:26 3908192 ----a-w- c:\program files\Winload\tbWin0.dll [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{40C3CC16-7269-4B32-9531-17F2950FB06F}"= "c:\program files\Winload\tbWin0.dll" [2010-10-18 3908192] [HKEY_CLASSES_ROOT\clsid\{40c3cc16-7269-4b32-9531-17f2950fb06f}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-21 281768] "VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888] "SetDefPrt"="c:\program 
files\Brother\Brmfl04g\BrStDvPt.exe" [2004-11-11 49152] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" [HKLM\~\startupfolder\C:^Documents and Settings^Alin^Start Menu^Programs^Startup^iPhoneRingToneMaker.lnk] path=c:\documents and settings\Alin\Start Menu\Programs\Startup\iPhoneRingToneMaker.lnk backup=c:\windows\pss\iPhoneRingToneMaker.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DynDNS Updater Tray Icon.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\DynDNS Updater Tray Icon.lnk backup=c:\windows\pss\DynDNS Updater Tray Icon.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^TrayMin230.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\TrayMin230.lnk backup=c:\windows\pss\TrayMin230.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer] c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4StoryPrePatch] 2011-01-02 16:29 319488 ----a-w- d:\4story\PrePatch.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-11-10 11:49 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-11-10 11:49 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2010-09-16 20:04 1164584 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2010-11-17 19:59 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] 2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NetLimiter] 2010-08-30 13:16 1781760 ----a-w- c:\program files\NetLimiter 3\NLClientApp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] 2010-07-09 14:24 13923432 ----a-w- c:\windows\system32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] 2010-07-09 14:24 110696 ----a-w- c:\windows\system32\nvmctray.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-09-08 09:17 421888 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartVoip] 2010-11-30 13:03 12797232 ----a-w- c:\program files\SmartVoip.com\SmartVoip\SmartVoip.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPC230NC_Monitor] 2007-12-10 14:55 323584 ----a-w- c:\windows\Philips\SPC230NC\Monitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPC_Monitor] 2007-12-10 14:55 323584 ----a-w- c:\windows\Philips\SPC230NC\Monitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Voipwise] 2010-10-04 15:43 11704624 ----a-w- c:\program files\Voipwise.com\Voipwise\Voipwise.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WinVNC4"=2 (0x2) "iPod Service"=3 (0x3) "ServiceLayer"=3 (0x3) "PnkBstrA"=2 (0x2) "ose"=3 (0x3) "odserv"=3 (0x3) "npggsvc"=3 (0x3) "nlsvc"=2 (0x2) "JavaQuickStarterService"=2 (0x2) "idsvc"=3 (0x3) "gupdate"=2 (0x2) "DynDNS Updater"=2 (0x2) 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"= "c:\\AeriaGames\\WolfTeam\\Wolfteam.bin"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\SoftnyxGame\\WolfTeamIS\\Wolfteam.bin"= "c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"= "c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"= "c:\\Program Files\\TeamViewer\\Version5\\TeamViewer_Service.exe"= "c:\\Program Files\\Voipwise.com\\Voipwise\\Voipwise.exe"= "c:\\Program Files\\SmartVoip.com\\SmartVoip\\SmartVoip.exe"= "c:\\Documents and Settings\\All Users\\Application Data\\NexonEU\\NGM\\NGM.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"= "c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "d:\\PacSteamT\\SteamApps\\killahorst482\\counter-strike source\\hl2.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1037:TCP"= 1037:TCP:Akamai NetSession Interface "5000:UDP"= 5000:UDP:Akamai NetSession Interface R1 nltdi;nltdi;c:\program files\NetLimiter 3\nltdi.sys [30.08.2010 14:24 5281672] R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [04.08.2004 13:00 14336] R2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [08.10.2010 19:43 135336] R3 MonitorFunction;Driver for Monitor;c:\windows\system32\drivers\TVMonitor.sys [11.12.2010 17:00 13304] R3 NLNdisMP;NLNdisMP;c:\windows\system32\drivers\nlndis.sys 
[30.08.2010 14:24 5230088] R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [26.11.2009 00:06 34384] S3 apf001;apf001;c:\program files\SoftnyxGame\WolfTeamIS\apf001.sys [10.10.2010 22:09 10872] S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?] S3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\drivers\nlndis.sys [30.08.2010 14:24 5230088] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [11.10.2010 22:02 137344] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [11.10.2010 22:02 8320] S3 PAEAFLT.sys;USB Composite Device;c:\windows\system32\drivers\PAEAFLT.sys [06.11.2010 22:03 8576] S3 SPC230NC;Philips SPC230NC Webcam;c:\windows\system32\drivers\SPC230NC.SYS [06.11.2010 22:03 461056] S4 DynDNS Updater;DynDNS Updater;c:\program files\DynDNS Updater\DynUpSvc.exe [16.04.2010 17:19 103800] S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [08.10.2010 18:40 136176] S4 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai . Inhalt des "geplante Tasks" Ordners 2010-12-28 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50] 2011-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-08 17:40] 2011-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-08 17:40] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = about:blank uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Google Sidewiki... 
- c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html FF - ProfilePath - c:\documents and settings\Alin\Application Data\Mozilla\Firefox\Profiles\5pnvgmsm.default\ FF - prefs.js: browser.startup.homepage - google.de FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} FF - Ext: Battlefield Heroes Updater: battlefieldheroespatcher@ea.com - %profile%\extensions\battlefieldheroespatcher@ea.com FF - Ext: Metal3D: {48e23fba-bb14-4745-b768-382150cd83fb} - %profile%\extensions\{48e23fba-bb14-4745-b768-382150cd83fb} FF - Ext: FoxyProxy Standard: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung FF - Ext: FoxyProxy Basic: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung FF - Ext: Mein Gutscheincode Finder: finder@meingutscheincode.de - %profile%\extensions\finder@meingutscheincode.de FF - Ext: Show my Password: {cd617372-6743-4ee4-bac4-fbf60f35719e} - %profile%\extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e} . 
- - - - Entfernte verwaiste Registrierungseinträge - - - - SafeBoot-WudfPf SafeBoot-WudfRd MSConfigStartUp-JP595IR86O - c:\docume~1\Alin\LOCALS~1\Temp\Ixd.exe MSConfigStartUp-NtWqIVLZEWZU - c:\docume~1\Alin\LOCALS~1\Temp\Ixe.exe MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe MSConfigStartUp-Vectir - c:\program files\Vectir\Vectir.exe AddRemove-Dead Rising 2_is1 - d:\dead s\Dead Rising 2\Uninstall\unins000.exe AddRemove-Multi Theft Auto - c:\fraps\gta\Vice City\Multi Theft Auto\Uninstall.exe AddRemove-PacSteamT - c:\pacsteamt\PacSteamT-Uninstall.exe AddRemove-PunkBusterSvc - d:\woflteam\pbsvc_heroes.exe AddRemove-Steam App 4100 - c:\pacsteamt\steam.exe AddRemove-{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4} - d:\woflteam\uninstaller.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net Rootkit scan 2011-01-07 17:38 Windows 5.1.2600 Service Pack 3 NTFS Scanne versteckte Prozesse... Scanne versteckte Autostarteinträge... Scanne versteckte Dateien... Scan erfolgreich abgeschlossen versteckte Dateien: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . 
--------------------- Gesperrte Registrierungsschluessel --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- - - - - - - - > 'explorer.exe'(2416) c:\windows\system32\WPDShServiceObj.dll c:\program files\WinSCP\DragExt.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Weitere laufende Prozesse ------------------------ . c:\windows\system32\nvsvc32.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\program files\Bonjour\mDNSResponder.exe . ************************************************************************** . 
Zeit der Fertigstellung: 2011-01-07 17:42:23 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2011-01-07 16:42 Vor Suchlauf: 3.704.340.480 bytes free Nach Suchlauf: 5.021.462.528 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect - - End Of File - - 0645C93133C22DAF6A6B30742A3C6964
After it had finished, this one came up as well. Code:
- - - - Entfernte verwaiste Registrierungseinträge - - - - SafeBoot-WudfPf SafeBoot-WudfRd MSConfigStartUp-JP595IR86O - c:\docume~1\Alin\LOCALS~1\Temp\Ixd.exe MSConfigStartUp-NtWqIVLZEWZU - c:\docume~1\Alin\LOCALS~1\Temp\Ixe.exe MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe MSConfigStartUp-Vectir - c:\program files\Vectir\Vectir.exe AddRemove-Dead Rising 2_is1 - d:\dead s\Dead Rising 2\Uninstall\unins000.exe AddRemove-Multi Theft Auto - c:\fraps\gta\Vice City\Multi Theft Auto\Uninstall.exe AddRemove-PacSteamT - c:\pacsteamt\PacSteamT-Uninstall.exe AddRemove-PunkBusterSvc - d:\woflteam\pbsvc_heroes.exe AddRemove-Steam App 4100 - c:\pacsteamt\steam.exe AddRemove-{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4} - d:\woflteam\uninstaller.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net Rootkit scan 2011-01-07 17:38 Windows 5.1.2600 Service Pack 3 NTFS Scanne versteckte Prozesse... Scanne versteckte Autostarteinträge... Scanne versteckte Dateien... Scan erfolgreich abgeschlossen versteckte Dateien: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . 
--------------------- Gesperrte Registrierungsschluessel --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- - - - - - - - > 'explorer.exe'(2416) c:\windows\system32\WPDShServiceObj.dll c:\program files\WinSCP\DragExt.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Weitere laufende Prozesse ------------------------ . c:\windows\system32\nvsvc32.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\program files\Bonjour\mDNSResponder.exe . ************************************************************************** . 
Zeit der Fertigstellung: 2011-01-07 17:42:23 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2011-01-07 16:42 Vor Suchlauf: 3.704.340.480 bytes free Nach Suchlauf: 5.021.462.528 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect - - End Of File - - 0645C93133C22DAF6A6B30742A3C6964 . |
| #9 |
/// Malware-holic | Right-click in folder does not work and Run cannot be set
Download CCleaner Slim: Piriform - Builds. If CCleaner is already installed, skip this step. Install it, open it, go to Tools, list of installed programs, and save it as a txt file. Open the file. After each program you need, write "necessary" (notwendig). After each one you do not need, write "unnecessary" (unnötig). After each one you do not recognize, write "unknown" (unbekannt). Post the list.
__________________ -Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de as described in the instructions above. If you would like to support us |
| #10 |
| Right-click in folder does not work and Run cannot be set Code:
ATTFilter
7-Zip 4.65 necessary
AC3Filter 1.63b Alexander Vigovsky 1.63b necessary
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated necessary
Adobe Flash Player 10 Plugin Adobe Systems Incorporated necessary
Adobe Reader X - Deutsch Adobe Systems Incorporated 10.0.0 necessary
Akamai NetSession Interface unknown
Apple Application Support Apple Inc. 1.4.1 necessary
Apple Mobile Device Support Apple Inc. necessary
Apple Software Update Apple Inc. necessary
Avira AntiVir Personal - Free Antivirus Avira GmbH necessary
Bonjour Apple Inc. necessary
Brother BRAdmin Professional 2.81 Brother 2.81 unnecessary
Brother MFL-Pro Suite 1.00.000 unnecessary
CCleaner Piriform 3.02 obviously
Cheat Engine 5.6.1 Dark Byte unnecessary
COMPUTERBILD-Abzockschutz J3S 1.0.30 where did I get this from?
Counter-Strike: Source Valve necessary
DivX-Setup DivX, Inc. necessary
DynDNS Updater Dynamic Network Services, Inc. 4.1.6 unnecessary
Fraps (remove only) unnecessary
Furry Voices for Second Life Screaming Bee 1.3.0 unnecessary
Grand Theft Auto Vice City 1.00.000 well, necessary
High Definition Audio Driver Package - KB835221 Microsoft Corporation 20040219.000000 necessary
Intel(R) PRO Network Connections Drivers necessary
iTunes Apple Inc. necessary
Java(TM) 6 Update 20 Sun Microsystems, Inc. 6.0.200 necessary, I think
JDownloader AppWork UG (haftungsbeschränkt) necessary
Malwarebytes' Anti-Malware Malwarebytes Corporation obviously
Microsoft .NET Framework 1.1 necessary
Microsoft .NET Framework 2.0 Service Pack 1 Microsoft Corporation 2.1.21022 necessary
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU Microsoft Corporation 2.1.21022 necessary
Microsoft .NET Framework 3.0 Service Pack 1 Microsoft Corporation 3.1.21022 necessary
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU Microsoft Corporation 3.1.21022 necessary
Microsoft .NET Framework 3.5 Microsoft Corporation necessary
Microsoft .NET Framework 3.5 Language Pack - DEU Microsoft Corporation necessary
Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Corporation necessary
Microsoft Office Word 2007 Microsoft Corporation 12.0.4518.1014 necessary
Microsoft User-Mode Driver Framework Feature Pack 1.9 Microsoft Corporation unknown ?
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 8.0.59193 necessary
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 9.0.30729 necessary
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 9.0.30729.4148 necessary
MorphVOX Pro Screaming Bee 4.3.3 unnecessary
Mozilla Firefox (3.6.13) Mozilla 3.6.13 (de) necessary
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 4.20.9876.0 unknown
MSXML 6.0 Parser (KB925673) Microsoft Corporation 6.00.3888.0 unknown
NetLimiter 3 Locktime Software s.r.o. unnecessary
Nokia Connectivity Cable Driver Nokia unnecessary
Nokia Ovi Suite Nokia unnecessary
Nokia Ovi Suite Software Updater Nokia Corporation unnecessary
NVIDIA Display Control Panel NVIDIA Corporation necessary
NVIDIA Drivers NVIDIA Corporation necessary
NVIDIA nView Desktop Manager NVIDIA Corporation necessary
PC Connectivity Solution Nokia unnecessary
Personality Voices Screaming Bee 1.0.0 unnecessary
Philips Intelligent Agent Philips 2.2 unnecessary
Philips SPC230NC Webcam Philips unnecessary
QuickTime Apple Inc. unnecessary
SigmaTel Audio SigmaTel 5.10.4600.0 necessary
Skype Toolbars Skype Technologies S.A. 5.0.4137 unnecessary
Skype™ 5.0 Skype Technologies S.A. 5.0.156 necessary
SmartVoip Finarea S.A. Switzerland 4.07 build 620 necessary
Special Effects Voices Screaming Bee 1.0.2 unnecessary
System Requirements Lab CYRI Husdawg, LLC unknown
TeamSpeak 3 Client TeamSpeak Systems GmbH necessary
TeamViewer 5 TeamViewer GmbH 5.1.9385 necessary
TeamViewer 6 TeamViewer GmbH 6.0.9947 necessary
Vegas Pro 9.0 Sony 9.0.1147 necessary
Vice City Mod Manager well, necessary
VirtualCloneDrive Elaborate Bytes necessary
VNC Free Edition 4.1.3 RealVNC Ltd. 4.1.3 unnecessary
Voipwise Finarea S.A. Switzerland 4.06 build 596 necessary
Webcam Video Viewer ArcSoft unnecessary
Windows Driver Package - Nokia pccsmcfd (08/22/2008 Nokia 08/22/2008 unnecessary
Windows Media Format 11 runtime necessary
Windows Media Player 11 necessary
Windows XP Service Pack 3 Microsoft Corporation 20080414.031525 necessary
Winload Toolbar ??? unnecessary
WinSCP 4.0.7 Martin Prikryl 4.0.7 necessary
WMPKeys lazymf and kbept necessary
WolfTeam necessary
WolfTeam International Softnyx co.,ltd. necessary
WolfTeam-DE necessary
World of Warcraft Blizzard Entertainment unnecessary
µTorrent 2.0.4 necessary |
| #11 |
| Solved
Well, I don't know exactly how or when, but my problem has resolved itself. I still don't know what caused it in the end, anyway. |
| #12 |
/// Malware-holic | Right-click in folder does not work and Run cannot be set
Sorry, I overlooked your post. Uninstall:
Brother (both)
Cheat Engine
COMPUTERBILD (maybe from a Computer Bild CD? If it is not needed, get rid of it)
DynDNS
Fraps
Furry Voices
MorphVOX
NetLimiter
Nokia (all 3)
PC Connectivity Solution
Personality Voices
Philips (both)
Skype Toolbars
Special Effects
TeamViewer 5 (one version is enough, and version 6 is the current one)
VNC Free Edition
Webcam
Winload Toolbar
World of Warcraft
Then clean up with CCleaner. Has Avira perhaps had any detections since 7 January?
|