
Log Analysis and Evaluation: Internet Explorer opens automatically, restore point

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

15.01.2011, 12:37   #1
stumpi_8
 



Hello everyone,
I also had the problem that Internet Explorer kept opening automatically; after a while the CPU load was at 100% and nothing could be operated anymore. I then did a system restore to a point in time when the problem did not yet exist, and on the surface it is solved. IE no longer opens.
Malwarebytes reports the following:
Quote:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5521

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

14.01.2011 22:56:22
mbam-log-2011-01-14 (22-56-22).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Durchsuchte Objekte: 358065
Laufzeit: 43 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
The Hijack file looks like this:
Quote:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:58:46, on 14.01.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Users\Panzon\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Users\Panzon\Downloads\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: Dropbox.lnk = Panzon\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OpcEnum - OPC Foundation - C:\Windows\SysWOW64\OpcEnum.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WEBfactory 2010 Communication Service (WCS) - Copyright: WEBfactory GmbH, 2010 - C:\Program Files (x86)\WEBfactory 2010\Server\WCS.exe
O23 - Service: WEBfactory 2010 MessengerPro (WF2010Messenger) - WEBfactory GmbH - C:\Program Files (x86)\WEBfactory 2010\Server\Messenger\WF2010MessengerProService.exe
O23 - Service: WEBfactory 2010 SchedulerPro (WF2010Scheduler) - WEBfactory Gmbh - C:\Program Files (x86)\WEBfactory 2010\Server\Scheduler\WF2010SchedulerPro.exe
O23 - Service: WEBfactory 2010 Server (WF2010Server) - WEBfactory GmbH - C:\Program Files (x86)\WEBfactory 2010\Server\WF2010Starter.exe
O23 - Service: WEBfactory Simulation OPC Server DA (WFSIMOPCDA) - WEBfactory GmbH - C:\Program Files (x86)\WEBfactory 2010\OPC Server\Simulation OPC Server\WFSIMOPCDA.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WEBfactory 2010 Thread Engine (WTE) - WEBfactory GmbH, 2009 - C:\Program Files (x86)\WEBfactory 2010\Server\WTE.exe
O23 - Service: WEBfactory 2010 Trace Server (WTS) - Copyright: WEBfactory GmbH, 2008 - C:\Program Files (x86)\WEBfactory 2010\Server\WTS.exe

--
End of file - 8442 bytes
Is the problem solved with this, or do I need to take further steps?
Many thanks for your help!! Regards, Stumpi

15.01.2011, 14:28   #2
rea
/// Helper Team
 



Hello stumpi_8 and welcome to the Trojaner Board!




First, a few notes (please observe!):

  • Read my instructions for you carefully before you begin. Be sure to carry out all steps in order, since sometimes one step depends on another.
  • If anything is unclear to you during the cleanup, please ask in your thread before you continue.
  • Download all programs requested here only via the respective links! If a link does not work, please let me know.
  • Do not install any other programs during the cleanup apart from those we ask you to use for the cleanup.
  • Report for each step whether you have completed it, and whether any problems occurred and which ones.
  • If problems come up while working through the instructions, please do not continue for now; stop and describe the problem here in the thread.
  • I do not clean systems on which I find keygens, cracks, or other illegal software.
  • Edit all personal data, such as full names of real and private persons, out of the requested logfiles before you post them.
  • And if a reply is ever going to take longer, I would also appreciate a heads-up



I will do my best to find everything that does not belong on your system, but I have to point out that formatting and reinstalling is in most cases the fastest and safest way to get a clean system. If you would still like to clean up, here are the instructions:





I would like to take a closer look here. So please create and post two OTL logs.



1.) System scan with OTL
Please download OTL by Oldtimer and save it to your desktop.
  • Double-click OTL.exe
  • Vista and Windows 7 users: right-click OTL.exe and choose "als Administrator ausführen" (run as administrator).
  • At the top you will find a box labelled Ausgabe (output).
    Please select Standard-Ausgabe (standard output)
  • Under Extra-Registrierung (extra registry) please select Benutze SafeList (use SafeList).
  • Tick the boxes for LOP- und Purity-Prüfung (LOP and Purity check).
  • Now click Scan at the top left.
  • When the scan has finished, two logfiles are created.
    You will find the logfiles on your desktop => OTL.txt and Extras.txt
  • Post the logfiles in code tags here in the thread.




What are code tags:

Write [Code] before the log and [/Code] after the log. Mind the "/"!
Alternatively, you can use the # button at the top of the toolbar when replying.
Once posted, the whole thing should look like this:
Code:
ATTFilter
Text of the logfile
         
For some logfiles the code tags are set automatically without you having to do anything.
You can check this beforehand with the preview function.

15.01.2011, 15:10   #3
stumpi_8
 



Hello rea,
many thanks for the quick reply!! Here are the two files:
Extra
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 15.01.2011 14:59:24 - Run 2
OTL by OldTimer - Version 3.2.20.2     Folder = C:\Users\Panzon\Downloads
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 77,81 Gb Free Space | 66,82% Space Free | Partition Type: NTFS
Drive D: | 332,72 Gb Total Space | 208,77 Gb Free Space | 62,75% Space Free | Partition Type: NTFS
 
Computer Name: PANZON-PC | User Name: Panzon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5783F2D7-9001-0407-0102-0060B0CE6BBA}" = AutoCAD 2011 - Deutsch
"{5783F2D7-9001-0407-1102-0060B0CE6BBA}" = AutoCAD 2011 Language Pack - Deutsch
"{639673E9-D53F-44F4-A046-485C8A6ADA16}" = Paint.NET v3.5.6
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{7782916E-3D46-4F1F-AC4B-3FB9D17049F4}" = Microsoft Antimalware Service DE-DE Language Pack
"{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}" = Microsoft SQL Server Native Client
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{86177DAE-38B1-49DD-912E-35CB703AB779}" = Microsoft SQL Server VSS Writer
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}" = ASUS Power4Gear Hybrid
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B6C87B73-79A5-401A-A12A-4DD96EC40442}" = Microsoft SQL Server Management Studio Express
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"{E77543EE-6FB5-4FF6-AB70-635392C8C756}" = Microsoft Security Client
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCAB9F73-BF5D-4E3D-92E7-B0F35C568F20}" = Microsoft Security Client DE-DE Language Pack
"AutoCAD 2011 - Deutsch" = AutoCAD 2011 - Deutsch
"Elantech" = ETDWare PS/2-x64 7.0.5.9_WHQL
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"USB 2.0 VGA UVC WebCam" = USB 2.0 VGA UVC WebCam
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{58D379F7-62BC-4748-8237-FE071ECE797C}" = Microsoft SQL Server 2005 Tools
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{803910CC-3A39-45E3-A594-0D5512A60A86}" = Microsoft Silverlight 4 SDK - Deutsch
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 2.8.8
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISER_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISER_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISER_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISER_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library
"{9B945F3F-9728-4AA7-9804-1520572F135A}" = WEBfactory 2010
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{9D6D7811-43B3-463C-BC79-5D1755269989}" = Net4Switch
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1031-7B44-AA0000000001}" = Adobe Reader X - Deutsch
"{B0F9497C-52B4-4686-8E73-74D866BBDF59}" = Microsoft SQL Server 2005 (WEBFACTORY2010)
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AnyDVD" = AnyDVD
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CloneDVD2" = CloneDVD2
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup.divx.com" = DivX-Setup
"ENTERPRISER" = Microsoft Office Enterprise 2007
"IcoFX_is1" = IcoFX 1.6.4
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MiKTeX 2.8" = MiKTeX 2.8
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"RealPlayer 12.0" = RealPlayer
"TeXnicCenter_is1" = TeXnicCenter Version 1.0 Stable RC1
"VLC media player" = VLC media player 1.1.5
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 13.01.2011 13:47:09 | Computer Name = Panzon-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: WSCommCntr2.exe, Version: 3.0.267.0,
 Zeitstempel: 0x4b71796a  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559,
 Zeitstempel: 0x4ba9b802  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000004cf54
ID
 des fehlerhaften Prozesses: 0x13d0  Startzeit der fehlerhaften Anwendung: 0x01cbb349e556919d
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr\lib\WSCommCntr2.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 24388f61-1f3d-11e0-b095-485b396a6d3e
 
Error - 13.01.2011 15:15:50 | Computer Name = Panzon-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Real\RealPlayer\plugins\rmxrend.dll".  Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 13.01.2011 17:08:21 | Computer Name = Panzon-PC | Source = WF2010DemoInstaller | ID = 3
Description = 
 
Error - 13.01.2011 17:08:21 | Computer Name = Panzon-PC | Source = WF2010DemoInstaller | ID = 3
Description = 
 
Error - 13.01.2011 17:21:51 | Computer Name = Panzon-PC | Source = WF2010DemoInstaller | ID = 3
Description = 
 
Error - 13.01.2011 17:22:10 | Computer Name = Panzon-PC | Source = WF2010DemoInstaller | ID = 3
Description = 
 
Error - 14.01.2011 13:05:19 | Computer Name = Panzon-PC | Source = WF2010Studio | ID = 3
Description = 
 
Error - 14.01.2011 13:06:44 | Computer Name = Panzon-PC | Source = WF2010Studio | ID = 3
Description = 
 
Error - 14.01.2011 13:06:57 | Computer Name = Panzon-PC | Source = WF2010Studio | ID = 3
Description = 
 
Error - 14.01.2011 13:15:04 | Computer Name = Panzon-PC | Source = WF2010Studio | ID = 3
Description = 
 
[ System Events ]
Error - 13.01.2011 17:03:20 | Computer Name = Panzon-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "WEBfactory 2010 MessengerPro" ist als interaktiver Dienst
 gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste
 nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 
Error - 13.01.2011 17:03:20 | Computer Name = Panzon-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "WEBfactory 2010 SchedulerPro" ist als interaktiver Dienst
 gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste
 nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 
Error - 14.01.2011 04:19:41 | Computer Name = Panzon-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
Error - 14.01.2011 04:21:38 | Computer Name = Panzon-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 14.01.2011 07:21:57 | Computer Name = Panzon-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
Error - 14.01.2011 12:07:33 | Computer Name = Panzon-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
Error - 14.01.2011 13:05:18 | Computer Name = Panzon-PC | Source = DCOM | ID = 10009
Description = 
 
Error - 14.01.2011 15:19:09 | Computer Name = Panzon-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 14.01.2011 15:19:10 | Computer Name = Panzon-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 15.01.2011 08:09:26 | Computer Name = Panzon-PC | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{18B6DD40-E647-47AD-BDB7-5D10C1259426} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
[ WEBfactory Events ]
Error - 13.01.2011 17:31:11 | Computer Name = Panzon-PC | Source = WTS | ID = 103
Description = Channel : WTE:2496  Topic : Threads       Text : 000016B8 Timeouted tick
 event : '4580/WF2010Logger.clsLogging.xtmrSendDBCommands' completed after 94 sec
 677 msec
 
Error - 14.01.2011 13:13:21 | Computer Name = Panzon-PC | Source = WTS | ID = 103
Description = Channel : WF2010Logger:4980  Topic : GetWFLoggerParameters    Text : Logging
 data will not be deleted
 
Error - 14.01.2011 13:13:22 | Computer Name = Panzon-PC | Source = WTS | ID = 103
Description = Channel : WF2010AlarmManager:4564  Topic : GetWFEventLogParameters (SQL)

Text
 : Event log data will not be deleted or archived
 
Error - 14.01.2011 13:13:22 | Computer Name = Panzon-PC | Source = WTS | ID = 103
Description = Channel : WTE:916  Topic : Threads       Text : 0000148C Timeouted tick 
event : '2944/WF2010Server.clsWEBfactoryServer.xtmrAsyncStart'
 
Error - 14.01.2011 13:13:26 | Computer Name = Panzon-PC | Source = WTS | ID = 103
Description = Channel : WTE:916  Topic : Threads       Text : 000017CC Timeouted tick 
event : '2944/WF2010Server.clsWEBfactoryServer.xtmrAsyncStart' completed after 18
 sec 736 msec
 
Error - 14.01.2011 15:17:05 | Computer Name = Panzon-PC | Source = WTS | ID = 103
Description = Channel : WTE:916  Topic : Threads       Text : 0000148C Timeouted tick 
event : '5824/WF2010Logger.clsLogging.xtmrReadSignalUpdateQueue'
 
Error - 14.01.2011 15:17:05 | Computer Name = Panzon-PC | Source = WTS | ID = 103
Description = Channel : WTE:916  Topic : Threads       Text : 0000148C Timeouted tick 
event : '5492/WF2010ScriptEngine.clsAlarmScript.xtmrCalculateAlarmScripts'
 
Error - 14.01.2011 15:17:05 | Computer Name = Panzon-PC | Source = WTS | ID = 103
Description = Channel : WTE:916  Topic : Threads       Text : 0000148C Timeouted tick 
event : '5536/WF2010ScriptEngine.clsVCScript.xtmrCalculateVCScripts'
 
Error - 14.01.2011 15:17:05 | Computer Name = Panzon-PC | Source = WTS | ID = 103
Description = Channel : WTE:916  Topic : Threads       Text : 00001404 Timeouted tick 
event : '5536/WF2010ScriptEngine.clsVCScript.xtmrCalculateVCScripts' completed after
 828 sec 709 msec
 
Error - 14.01.2011 15:17:05 | Computer Name = Panzon-PC | Source = WTS | ID = 103
Description = Channel : WTE:916  Topic : Threads       Text : 000011DC Timeouted tick 
event : '5492/WF2010ScriptEngine.clsAlarmScript.xtmrCalculateAlarmScripts' completed
 after 828 sec 709 msec
 
 
< End of report >
         
--- --- ---

[/CODE]
__________________

Alt 15.01.2011, 15:28   #4
rea
/// Helper Team
 
Okay, then the second OTL log file, the Otl.txt, is still missing.
__________________
Regards, rea


A clever saying could go here.
Well .... could!

Alt 15.01.2011, 15:41   #5
stumpi_8
 
and otl

Code:
OTL logfile created on: 15.01.2011 14:59:24 - Run 2
OTL by OldTimer - Version 3.2.20.2     Folder = C:\Users\Panzon\Downloads
64bit- An unknown product  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 61,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 77,81 Gb Free Space | 66,82% Space Free | Partition Type: NTFS
Drive D: | 332,72 Gb Total Space | 208,77 Gb Free Space | 62,75% Space Free | Partition Type: NTFS
 
Computer Name: PANZON-PC | User Name: Panzon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found -- 
PRC - [2011.01.15 12:24:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Panzon\Downloads\OTL.exe
PRC - [2011.01.05 10:09:52 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.12.17 03:24:30 | 023,343,848 | ---- | M] (Dropbox, Inc.) -- C:\Users\Panzon\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2010.01.04 17:43:36 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009.11.24 13:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009.10.26 20:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009.10.26 10:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009.09.30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.09.23 10:11:54 | 001,160,320 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe
PRC - [2009.08.19 20:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2009.07.31 10:38:24 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009.06.24 12:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009.06.19 10:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 10:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.15 17:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
PRC - [2008.12.22 17:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008.03.31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007.08.08 00:08:40 | 000,094,208 | ---- | M] () -- C:\Programme\ATKGFNEX\GFNEXSrv.exe
PRC - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () -- C:\Programme\ASUS\NB Probe\SPM\spmgr.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.01.15 12:24:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Panzon\Downloads\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.01.12 20:50:33 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010.11.11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010.11.11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009.12.07 16:16:34 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.04.21 12:59:08 | 002,869,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV - [2010.07.12 11:20:54 | 000,015,872 | ---- | M] (WEBfactory Gmbh) [On_Demand | Stopped] -- C:\Program Files (x86)\WEBfactory 2010\Server\Scheduler\WF2010SchedulerPro.exe -- (WF2010Scheduler)
SRV - [2010.07.06 12:30:56 | 000,094,208 | ---- | M] (WEBfactory GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\WEBfactory 2010\Server\WF2010Starter.exe -- (WF2010Server)
SRV - [2010.06.08 10:59:04 | 000,024,576 | ---- | M] (WEBfactory GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\WEBfactory 2010\Server\Messenger\WF2010MessengerProService.exe -- (WF2010Messenger)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.02.11 23:31:26 | 000,118,784 | ---- | M] (Copyright: WEBfactory GmbH, 2008) [On_Demand | Stopped] -- C:\Program Files (x86)\WEBfactory 2010\Server\WTS.exe -- (WTS)
SRV - [2010.01.27 16:42:30 | 000,749,568 | ---- | M] (Copyright: WEBfactory GmbH, 2010) [On_Demand | Stopped] -- C:\Program Files (x86)\WEBfactory 2010\Server\WCS.exe -- (WCS)
SRV - [2009.09.30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.08.24 23:46:36 | 000,073,728 | ---- | M] (WEBfactory GmbH, 2009) [On_Demand | Stopped] -- C:\Program Files (x86)\WEBfactory 2010\Server\WTE.exe -- (WTE)
SRV - [2009.07.14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2009.07.14 02:15:31 | 000,396,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009.07.14 02:14:53 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009.06.15 17:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.03.31 02:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2008.01.28 15:56:16 | 000,659,456 | ---- | M] (WEBfactory GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\WEBfactory 2010\OPC Server\Simulation OPC Server\WFSIMOPCDA.exe -- (WFSIMOPCDA)
SRV - [2007.08.08 00:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Programme\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007.08.03 12:24:54 | 000,125,496 | ---- | M] () [On_Demand | Running] -- C:\Programme\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2007.04.17 08:07:50 | 000,135,168 | ---- | M] (OPC Foundation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\OpcEnum.exe -- (OpcEnum)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.01.12 20:30:49 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010.12.16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.12.01 20:06:31 | 000,125,512 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD)
DRV:64bit: - [2010.10.24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2009.12.14 11:26:50 | 008,034,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.12.01 18:55:31 | 000,359,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2009.11.26 22:15:14 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2009.11.13 10:47:36 | 000,067,072 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009.10.26 05:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.10.15 10:23:20 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009.10.05 02:34:00 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.09.23 02:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2009.09.23 02:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2009.09.23 02:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2009.09.17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.08.26 07:48:44 | 000,071,040 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2009.08.06 22:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.07.20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.05 11:15:56 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009.05.13 02:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009.03.13 11:55:38 | 000,318,464 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2009.01.08 11:55:04 | 000,129,280 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV - [2010.12.01 20:06:31 | 000,125,512 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2007.08.03 05:26:48 | 000,017,464 | ---- | M] () [Kernel | Auto | Running] -- C:\Programme\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007.07.24 11:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Programme\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DD 91 F5 74 39 A8 CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.01.03 22:11:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.01.10 21:07:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.01.10 21:07:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.01.03 22:11:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.01.11 14:57:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.01.12 17:47:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2011.01.12 17:47:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Panzon\AppData\Roaming\mozilla\Extensions
[2011.01.12 17:47:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Panzon\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.01.14 19:05:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Panzon\AppData\Roaming\mozilla\Firefox\Profiles\zfh5gb4x.default\extensions
[2011.01.02 17:22:31 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Panzon\AppData\Roaming\mozilla\Firefox\Profiles\zfh5gb4x.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.12.30 17:03:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.01.01 13:19:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.01.10 21:07:31 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\HTML5VIDEO
[2011.01.10 21:07:31 | 000,000,000 | ---D | M] (DivX HiQ) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\WPA
[2011.01.03 22:11:10 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - Startup: C:\Users\Panzon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Panzon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a1c09cc2-1e81-11e0-a974-485b396a6d3e}\Shell - "" = AutoRun
O33 - MountPoints2\{a1c09cc2-1e81-11e0-a974-485b396a6d3e}\Shell\AutoRun\command - "" = F:\Set-up.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.01.15 12:20:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011.01.15 12:19:32 | 000,000,000 | ---D | C] -- C:\Windows\SQLTools9_KB970892_ENU
[2011.01.15 12:18:02 | 000,000,000 | ---D | C] -- C:\Windows\SQL9_KB970892_ENU
[2011.01.14 20:52:25 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\MiKTeX
[2011.01.14 20:52:22 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Local\MiKTeX
[2011.01.14 20:50:52 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll
[2011.01.14 20:50:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeXnicCenter
[2011.01.14 20:50:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeXnicCenter
[2011.01.14 20:43:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.8
[2011.01.14 20:40:23 | 000,000,000 | ---D | C] -- C:\ProgramData\MiKTeX
[2011.01.14 20:26:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MiKTeX 2.8
[2011.01.14 18:28:32 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\IcoFX
[2011.01.14 18:28:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IcoFX 1.6
[2011.01.14 18:28:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IcoFX 1.6
[2011.01.14 11:35:17 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\Malwarebytes
[2011.01.14 11:35:08 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.01.14 11:35:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.01.14 11:35:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.01.14 11:35:04 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.01.14 11:35:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.01.13 22:12:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011.01.13 22:12:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011.01.13 22:06:36 | 000,071,040 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\aksdf.sys
[2011.01.13 22:06:35 | 002,869,760 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\hasplms.exe
[2011.01.13 22:06:35 | 002,869,760 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\aksllmtp.exe
[2011.01.13 22:06:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Aladdin Shared
[2011.01.13 22:06:25 | 000,129,280 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\aksfridge.sys
[2011.01.13 22:06:09 | 000,318,464 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysNative\drivers\hardlock.sys
[2011.01.13 22:05:25 | 000,000,000 | ---D | C] -- C:\Users\Panzon\Documents\WEBfactory 2010 Smart Editor Projects
[2011.01.13 22:05:25 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Local\IsolatedStorage
[2011.01.13 22:03:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WEBfactory 2010
[2011.01.13 22:02:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\OPC Foundation
[2011.01.13 22:02:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WEBfactory 2010
[2011.01.13 21:59:48 | 000,000,000 | ---D | C] -- C:\Users\Panzon\Documents\Visual Studio 2005
[2011.01.13 21:57:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
[2011.01.13 21:53:54 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server
[2011.01.13 21:53:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2011.01.13 21:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 4 SDK - Deutsch
[2011.01.13 21:52:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SDKs
[2011.01.13 20:17:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\BestPractices
[2011.01.13 20:17:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices
[2011.01.13 20:17:25 | 000,000,000 | ---D | C] -- C:\inetpub
[2011.01.13 11:41:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai
[2011.01.13 11:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2011.01.12 22:31:01 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.01.12 22:29:49 | 000,000,000 | ---D | C] -- C:\Users\Panzon\Documents\Adobe Scripts
[2011.01.12 22:29:28 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2011.01.12 22:27:56 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2011.01.12 22:23:47 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe
[2011.01.12 22:22:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player
[2011.01.12 22:22:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2011.01.12 22:20:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011.01.12 21:33:55 | 000,000,000 | ---D | C] -- C:\Crack
[2011.01.12 21:08:37 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2011.01.12 20:50:33 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Macrovision Shared
[2011.01.12 20:50:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
[2011.01.12 20:42:49 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Autodesk Shared
[2011.01.12 20:42:49 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Local\Autodesk
[2011.01.12 20:42:49 | 000,000,000 | ---D | C] -- C:\Programme\Autodesk
[2011.01.12 20:40:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Autodesk Shared
[2011.01.12 20:40:11 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2011.01.12 20:40:11 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2011.01.12 20:40:11 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2011.01.12 20:40:11 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2011.01.12 20:40:10 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2011.01.12 20:40:10 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2011.01.12 20:40:01 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2011.01.12 20:40:01 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2011.01.12 20:33:44 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\Autodesk
[2011.01.12 20:33:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
[2011.01.12 20:30:49 | 000,254,528 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011.01.12 20:30:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2011.01.12 20:30:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2011.01.12 20:30:08 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\DAEMON Tools Lite
[2011.01.12 20:30:08 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2011.01.12 17:47:12 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\Thunderbird
[2011.01.12 17:47:12 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Local\Thunderbird
[2011.01.12 17:47:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird
[2011.01.12 17:47:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2011.01.12 11:33:17 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\WinRAR
[2011.01.12 11:25:38 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.01.12 11:25:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.01.12 11:25:33 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2011.01.12 10:45:14 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2011.01.12 10:45:14 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10warp.dll
[2011.01.12 10:45:13 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011.01.12 10:45:13 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011.01.12 10:45:13 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011.01.12 10:45:12 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2011.01.12 10:45:12 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2011.01.12 10:45:11 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2011.01.12 10:45:11 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011.01.12 10:45:11 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.01.12 10:45:10 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.01.12 10:45:10 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.01.12 10:45:09 | 001,863,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ExplorerFrame.dll
[2011.01.12 10:45:09 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2011.01.12 10:45:09 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2011.01.12 10:45:09 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.01.12 10:45:08 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ExplorerFrame.dll
[2011.01.12 10:45:08 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2011.01.12 10:45:08 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2011.01.12 10:45:08 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2011.01.12 10:45:08 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1core.dll
[2011.01.12 10:45:08 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2011.01.12 10:45:08 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2011.01.12 10:45:08 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2011.01.12 10:45:07 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011.01.12 10:45:07 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011.01.12 10:45:07 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2011.01.12 10:44:58 | 000,720,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbc32.dll
[2011.01.12 10:44:58 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbc32.dll
[2011.01.11 14:57:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011.01.11 14:57:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011.01.10 21:07:36 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\Local
[2011.01.10 21:07:17 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\DivX
[2011.01.10 21:07:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011.01.10 21:06:50 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2011.01.10 21:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011.01.10 21:06:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2011.01.10 21:04:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2011.01.10 21:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011.01.10 15:50:52 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\Nitro PDF
[2011.01.10 15:48:51 | 000,028,976 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalmon.dll
[2011.01.10 15:48:51 | 000,017,200 | ---- | C] (Nitro PDF Software) -- C:\Windows\SysNative\nitrolocalui.dll
[2011.01.10 15:48:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Nitro PDF
[2011.01.10 15:47:40 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\Downloaded Installations
[2011.01.09 18:51:40 | 000,000,000 | ---D | C] -- C:\Users\Panzon\Documents\pdf24
[2011.01.09 18:41:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson
[2011.01.09 18:09:02 | 000,000,000 | R--D | C] -- C:\Users\Panzon\Documents\Scanned Documents
[2011.01.09 18:09:02 | 000,000,000 | ---D | C] -- C:\Users\Panzon\Documents\Fax
[2011.01.09 15:58:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
[2011.01.09 15:57:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF24
[2011.01.09 12:55:46 | 000,000,000 | ---D | C] -- C:\Users\Panzon\Documents\AnyDVDHD
[2011.01.09 12:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\SlySoft
[2011.01.09 12:50:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft
[2011.01.09 12:50:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SlySoft
[2011.01.09 12:32:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
[2011.01.09 12:32:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes
[2011.01.06 14:19:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2011.01.06 14:18:35 | 000,126,976 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMBEE.DLL
[2011.01.06 14:18:35 | 000,008,704 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\E_GCINST.DLL
[2011.01.06 14:18:34 | 000,086,528 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBBEE.DLL
[2011.01.06 14:18:19 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2011.01.04 18:38:01 | 000,359,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcvmm.sys
[2011.01.03 22:11:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2011.01.03 22:11:05 | 000,199,904 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2011.01.03 22:11:01 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2011.01.03 22:11:01 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2011.01.03 22:11:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2011.01.03 22:10:59 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2011.01.03 22:10:57 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2011.01.03 22:10:57 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2011.01.03 22:10:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2011.01.03 22:10:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2011.01.03 22:10:45 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\Real
[2011.01.03 11:32:10 | 000,000,000 | R--D | C] -- C:\Users\Panzon\Virtual Machines
[2011.01.03 11:25:47 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-TW
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-CN
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Virtual PC
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\tr-TR
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\th-TH
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sv-SE
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ru-RU
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ro-RO
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-PT
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-BR
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pl-PL
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nl-NL
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nb-NO
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ko-KR
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ja-JP
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\it-IT
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\hu-HU
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\he-IL
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fr-FR
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fi-FI
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\es-ES
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\en-US
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\el-GR
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\da-DK
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\cs-CZ
[2011.01.03 11:25:47 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ar-SA
[2011.01.03 11:22:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpchbus.sys.mui
[2011.01.03 11:22:57 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpchbuspipe.dll
[2011.01.03 11:22:56 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpchbus.sys.mui
[2011.01.03 11:22:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcuxd.sys.mui
[2011.01.03 11:22:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcuxd.sys.mui
[2011.01.03 11:22:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcusb.sys.mui
[2011.01.03 11:22:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcusb.sys.mui
[2011.01.03 11:22:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcnfltr.sys.mui
[2011.01.03 11:22:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcnfltr.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcuxd.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcuxd.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcuxd.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcuxd.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcuxd.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcuxd.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcuxd.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcuxd.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcuxd.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcusb.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcusb.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcusb.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcusb.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcusb.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcusb.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcusb.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcusb.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcusb.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcusb.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpcusb.sys.mui
[2011.01.03 11:22:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcusb.sys.mui
[2011.01.03 11:22:54 | 000,002,560 | ---- | C] (Microsoft Corporation) --
         


15.01.2011, 15:54   #6
stumpi_8

Internet Explorer opens automatically, restore point

Code:
[2011.01.03 11:22:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcuxd.sys.mui
[2011.01.03 11:22:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcuxd.sys.mui
[2011.01.03 11:22:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcuxd.sys.mui
[2011.01.03 11:22:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcuxd.sys.mui
[2011.01.03 11:22:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcusb.sys.mui
[2011.01.03 11:22:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcusb.sys.mui
[2011.01.03 11:22:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcusb.sys.mui
[2011.01.03 11:22:54 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcusb.sys.mui
[2011.01.03 11:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcuxd.sys.mui
[2011.01.03 11:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcuxd.sys.mui
[2011.01.03 11:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcuxd.sys.mui
[2011.01.03 11:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcuxd.sys.mui
[2011.01.03 11:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcuxd.sys.mui
[2011.01.03 11:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcuxd.sys.mui
[2011.01.03 11:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcuxd.sys.mui
[2011.01.03 11:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcuxd.sys.mui
[2011.01.03 11:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpcuxd.sys.mui
[2011.01.03 11:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcuxd.sys.mui
[2011.01.03 11:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcusb.sys.mui
[2011.01.03 11:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcusb.sys.mui
[2011.01.03 11:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcusb.sys.mui
[2011.01.03 11:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcusb.sys.mui
[2011.01.03 11:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcusb.sys.mui
[2011.01.03 11:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcusb.sys.mui
[2011.01.03 11:22:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcusb.sys.mui
[2011.01.03 11:22:53 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcvmm.sys.mui
[2011.01.03 11:22:53 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpcvmm.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcnfltr.sys.mui
[2011.01.03 11:22:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcnfltr.sys.mui
[2011.01.03 11:22:51 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpchbus.sys
[2011.01.03 11:22:51 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcusb.sys
[2011.01.03 11:22:51 | 000,066,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcnfltr.sys
[2011.01.03 11:22:50 | 002,262,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCWizard.exe
[2011.01.03 11:22:50 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCSettings.exe
[2011.01.03 11:22:50 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vmsal.exe
[2011.01.03 11:22:50 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMCPropertyHandler.dll
[2011.01.03 11:22:49 | 004,513,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpc.exe
[2011.01.03 11:22:49 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMWindow.exe
[2011.01.03 11:22:49 | 000,936,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmsal.exe
[2011.01.03 11:21:46 | 000,000,000 | ---D | C] -- C:\Programme\Windows XP Mode
[2011.01.03 10:19:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Siemens
[2011.01.03 10:16:29 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2011.01.03 10:00:02 | 000,000,000 | ---D | C] -- C:\Temp
[2011.01.02 17:44:50 | 000,000,000 | ---D | C] -- C:\Programme\Paint.NET
[2011.01.02 17:44:36 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Local\Paint.NET
[2011.01.02 14:42:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.01.02 14:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011.01.02 14:42:08 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011.01.01 09:50:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2011.01.01 09:48:58 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2011.01.01 09:48:58 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2011.01.01 09:48:58 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2011.01.01 09:48:58 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2011.01.01 09:48:58 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2011.01.01 09:48:58 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2011.01.01 09:48:58 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2011.01.01 09:48:58 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2010.12.31 14:20:19 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\skypePM
[2010.12.31 11:00:54 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\vlc
[2010.12.31 10:51:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2010.12.31 10:51:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010.12.31 10:10:02 | 000,000,000 | ---D | C] -- C:\Users\Panzon\Documents\ASUS
[2010.12.31 10:09:53 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Local\ASUS
[2010.12.31 09:52:57 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Local\Adobe
[2010.12.31 09:45:22 | 001,736,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2010.12.31 09:45:15 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010.12.31 09:45:15 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010.12.31 09:45:15 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.12.31 09:45:13 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010.12.31 09:45:12 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2010.12.31 09:45:11 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2010.12.31 09:45:11 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2010.12.31 09:45:11 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2010.12.31 09:45:11 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2010.12.31 09:45:11 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2010.12.31 09:45:11 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2010.12.31 09:45:11 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2010.12.31 09:45:10 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010.12.31 09:45:09 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2010.12.31 09:45:09 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.12.31 09:45:09 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.12.31 09:45:09 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010.12.31 09:45:09 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010.12.31 09:45:08 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2010.12.31 09:45:08 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2010.12.31 09:45:08 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2010.12.31 09:45:08 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2010.12.31 09:45:08 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2010.12.31 09:45:08 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2010.12.31 09:45:07 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2010.12.31 09:45:07 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2010.12.31 09:45:07 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2010.12.31 09:45:07 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2010.12.31 09:45:07 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2010.12.31 09:45:07 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2010.12.31 09:45:07 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2010.12.31 09:45:07 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2010.12.31 09:45:07 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2010.12.31 09:45:03 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2010.12.31 09:45:02 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2010.12.31 09:44:49 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010.12.31 09:44:49 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010.12.31 09:44:48 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2010.12.31 09:44:48 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010.12.31 09:44:48 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010.12.31 09:44:48 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2010.12.31 09:44:48 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010.12.31 09:44:47 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2010.12.31 09:44:47 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2010.12.31 09:44:40 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2010.12.31 09:44:40 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2010.12.31 09:44:33 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.12.31 09:44:32 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.12.31 09:44:32 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.12.31 09:44:26 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010.12.31 09:44:24 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.12.31 09:44:24 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2010.12.31 09:44:23 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2010.12.31 09:44:23 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2010.12.31 09:44:21 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2010.12.31 09:44:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2010.12.31 09:44:21 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2010.12.31 09:44:20 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010.12.31 09:44:20 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010.12.31 09:44:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2010.12.31 09:44:20 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2010.12.31 09:44:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2010.12.31 09:44:08 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2010.12.31 09:44:08 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2010.12.31 09:44:07 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010.12.31 09:43:56 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010.12.31 09:43:56 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010.12.31 09:43:55 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2010.12.31 09:43:55 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2010.12.31 09:43:55 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2010.12.31 09:43:55 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2010.12.31 09:43:40 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2010.12.31 09:43:40 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2010.12.31 09:43:40 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2010.12.31 09:43:37 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2010.12.31 09:43:29 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010.12.31 09:43:29 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010.12.31 09:43:28 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2010.12.31 09:43:27 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010.12.31 09:43:25 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010.12.31 09:43:24 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010.12.31 09:43:24 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010.12.31 09:43:20 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2010.12.31 09:43:19 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010.12.31 09:43:11 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010.12.31 09:43:10 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.12.31 09:43:09 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.12.31 09:43:09 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.12.31 09:43:09 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010.12.31 09:43:09 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010.12.31 09:43:08 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.12.31 09:43:08 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.12.31 09:43:08 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010.12.31 09:43:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010.12.31 09:43:07 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010.12.31 09:43:07 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010.12.31 09:43:07 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.12.31 09:43:07 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.12.30 19:14:51 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\Macromedia
[2010.12.30 19:14:50 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\Adobe
[2010.12.30 17:40:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2010.12.30 17:39:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2010.12.30 17:39:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2010.12.30 17:39:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2010.12.30 17:39:18 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.12.30 17:39:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010.12.30 17:35:33 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2010.12.30 17:34:59 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Local\Microsoft Help
[2010.12.30 17:34:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2010.12.30 17:34:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010.12.30 17:34:26 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010.12.30 17:28:41 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010.12.30 17:18:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.12.30 17:12:01 | 000,000,000 | R--D | C] -- C:\Users\Panzon\Dropbox
[2010.12.30 17:10:55 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2010.12.30 17:10:38 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\Dropbox
[2010.12.30 17:08:30 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\Canneverbe Limited
[2010.12.30 17:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2010.12.30 17:07:54 | 000,000,000 | ---D | C] -- C:\Programme\CDBurnerXP
[2010.12.30 17:02:57 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\Skype
[2010.12.30 17:02:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.12.30 17:01:17 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\Mozilla
[2010.12.30 17:01:17 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Local\Mozilla
[2010.12.30 16:59:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2010.12.30 16:59:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010.12.30 16:54:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2010.12.30 16:54:32 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Security Client
[2010.12.30 16:54:25 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2010.12.30 16:47:56 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010.12.30 16:47:56 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.12.30 16:47:56 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010.12.30 16:47:56 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.12.30 16:02:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ControlDeck
[2010.12.30 16:02:48 | 000,379,520 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\FBAgent.exe
[2010.12.30 16:02:25 | 000,000,000 | ---D | C] -- C:\Programme\P4G
[2010.12.30 16:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\P4G
[2010.12.30 16:02:05 | 000,035,384 | ---- | C] (ASUSTek Computer Inc) -- C:\Windows\SysNative\drivers\AsDsm.sys
[2010.12.30 16:00:55 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2010.12.30 16:00:54 | 000,000,000 | ---D | C] -- C:\Programme\ASUS
[2010.12.30 16:00:38 | 000,000,000 | -H-D | C] -- C:\ASUS.DAT
[2010.12.30 16:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
[2010.12.30 16:00:29 | 001,542,656 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2010.12.30 16:00:23 | 000,000,000 | ---D | C] -- C:\Programme\Elantech
[2010.12.30 16:00:22 | 004,649,472 | ---- | C] (ELAN Microelectronics Corp.) -- C:\Windows\SysNative\ETDUI.cpl
[2010.12.30 16:00:22 | 000,117,760 | ---- | C] (ELAN Microelectronic Corp.) -- C:\Windows\SysNative\drivers\ETD.sys
[2010.12.30 15:59:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2010.12.30 15:59:29 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys
[2010.12.30 15:59:17 | 000,019,008 | ---- | C] (Chicony (C) 2006 ATC) -- C:\Windows\DrvInst.exe
[2010.12.30 15:59:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AmUStor
[2010.12.30 15:59:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AmIcoSingLun
[2010.12.30 15:58:33 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Local\SRS Labs
[2010.12.30 15:58:27 | 000,000,000 | ---D | C] -- C:\Programme\SRS Labs
[2010.12.30 15:58:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs
[2010.12.30 15:58:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SRSLabs
[2010.12.30 15:58:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2010.12.30 15:58:17 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2010.12.30 15:57:56 | 000,332,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2010.12.30 15:57:54 | 000,477,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2010.12.30 15:57:54 | 000,149,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2010.12.30 15:57:53 | 001,631,264 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2010.12.30 15:57:52 | 001,814,560 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2010.12.30 15:57:52 | 001,206,304 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2010.12.30 15:57:52 | 000,612,384 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2010.12.30 15:57:51 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2010.12.30 15:57:51 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2010.12.30 15:57:51 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2010.12.30 15:57:51 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2010.12.30 15:57:50 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2010.12.30 15:57:50 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2010.12.30 15:57:50 | 000,068,640 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2010.12.30 15:57:42 | 000,328,608 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2010.12.30 15:57:37 | 000,168,864 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2010.12.30 15:57:37 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2010.12.30 15:57:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2010.12.30 15:57:30 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2010.12.30 15:57:28 | 001,247,776 | R--- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.12.30 15:57:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010.12.30 15:57:14 | 000,067,072 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys
[2010.12.30 15:56:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2010.12.30 15:56:34 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.12.30 15:56:04 | 000,000,000 | ---D | C] -- C:\Programme\ATKGFNEX
[2010.12.30 15:56:02 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010.12.30 15:55:49 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\InstallShield
[2010.12.30 15:55:41 | 000,015,416 | ---- | C] ( ) -- C:\Windows\SysNative\drivers\kbfiltr.sys
[2010.12.30 15:54:06 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2010.12.30 15:53:55 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Intel
[2010.12.30 15:53:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2010.12.30 15:53:38 | 000,244,736 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys
[2010.12.30 15:53:38 | 000,014,848 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\IntcDAuC.dll
[2010.12.30 15:53:20 | 009,014,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2010.12.30 15:53:20 | 008,129,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll
[2010.12.30 15:53:20 | 008,034,368 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2010.12.30 15:53:20 | 006,060,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig4icd32.dll
[2010.12.30 15:53:20 | 005,968,896 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2010.12.30 15:53:20 | 005,517,312 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4dev64.dll
[2010.12.30 15:53:20 | 004,499,456 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2010.12.30 15:53:20 | 004,099,072 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
[2010.12.30 15:53:20 | 004,077,568 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig4dev32.dll
[2010.12.30 15:53:20 | 003,896,832 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2010.12.30 15:53:20 | 003,126,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
[2010.12.30 15:53:20 | 000,550,912 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumdx32.dll
[2010.12.30 15:53:20 | 000,510,488 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2010.12.30 15:53:20 | 000,410,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2010.12.30 15:53:20 | 000,390,680 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2010.12.30 15:53:20 | 000,377,856 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2010.12.30 15:53:20 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2010.12.30 15:53:20 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
[2010.12.30 15:53:20 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2010.12.30 15:53:20 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2010.12.30 15:53:20 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2010.12.30 15:53:20 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2010.12.30 15:53:20 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2010.12.30 15:53:20 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2010.12.30 15:53:20 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2010.12.30 15:53:20 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2010.12.30 15:53:20 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2010.12.30 15:53:20 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2010.12.30 15:53:20 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2010.12.30 15:53:20 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2010.12.30 15:53:20 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2010.12.30 15:53:20 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2010.12.30 15:53:20 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2010.12.30 15:53:20 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2010.12.30 15:53:20 | 000,285,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2010.12.30 15:53:20 | 000,285,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2010.12.30 15:53:20 | 000,285,184 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2010.12.30 15:53:20 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2010.12.30 15:53:20 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2010.12.30 15:53:20 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2010.12.30 15:53:20 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2010.12.30 15:53:20 | 000,281,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2010.12.30 15:53:20 | 000,281,600 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2010.12.30 15:53:20 | 000,268,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2010.12.30 15:53:20 | 000,248,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2010.12.30 15:53:20 | 000,226,304 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2010.12.30 15:53:20 | 000,222,744 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2010.12.30 15:53:20 | 000,166,424 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2010.12.30 15:53:20 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2010.12.30 15:53:20 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2010.12.30 15:53:20 | 000,119,296 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
[2010.12.30 15:53:20 | 000,108,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2010.12.30 15:53:20 | 000,091,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2021.dll
[2010.12.30 15:53:20 | 000,061,440 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2010.12.30 15:53:20 | 000,059,392 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\oemdspif.dll
[2010.12.30 15:53:20 | 000,027,648 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2010.12.30 15:53:20 | 000,004,096 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2010.12.30 15:48:33 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2010.12.30 15:48:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2010.12.30 15:48:11 | 000,000,000 | ---D | C] -- C:\Intel
[2010.12.30 09:12:05 | 000,000,000 | R--D | C] -- C:\Users\Panzon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2010.12.30 09:12:05 | 000,000,000 | R--D | C] -- C:\Users\Panzon\Searches
[2010.12.30 09:12:05 | 000,000,000 | R--D | C] -- C:\Users\Panzon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2010.12.30 09:11:55 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\Identities
[2010.12.30 09:11:52 | 000,000,000 | R--D | C] -- C:\Users\Panzon\Contacts
[2010.12.30 09:11:50 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Local\VirtualStore
[2010.12.30 09:11:39 | 000,000,000 | -HSD | C] -- C:\Users\Panzon\Vorlagen
[2010.12.30 09:11:39 | 000,000,000 | -HSD | C] -- C:\Users\Panzon\AppData\Local\Verlauf
[2010.12.30 09:11:39 | 000,000,000 | -HSD | C] -- C:\Users\Panzon\AppData\Local\Temporary Internet Files
[2010.12.30 09:11:39 | 000,000,000 | -HSD | C] -- C:\Users\Panzon\Startmenü
[2010.12.30 09:11:39 | 000,000,000 | -HSD | C] -- C:\Users\Panzon\SendTo
[2010.12.30 09:11:39 | 000,000,000 | -HSD | C] -- C:\Users\Panzon\Recent
[2010.12.30 09:11:39 | 000,000,000 | -HSD | C] -- C:\Users\Panzon\Netzwerkumgebung
[2010.12.30 09:11:39 | 000,000,000 | -HSD | C] -- C:\Users\Panzon\Lokale Einstellungen
[2010.12.30 09:11:39 | 000,000,000 | -HSD | C] -- C:\Users\Panzon\Documents\Eigene Videos
[2010.12.30 09:11:39 | 000,000,000 | -HSD | C] -- C:\Users\Panzon\Documents\Eigene Musik
[2010.12.30 09:11:39 | 000,000,000 | -HSD | C] -- C:\Users\Panzon\Eigene Dateien
[2010.12.30 09:11:39 | 000,000,000 | -HSD | C] -- C:\Users\Panzon\Documents\Eigene Bilder
[2010.12.30 09:11:39 | 000,000,000 | -HSD | C] -- C:\Users\Panzon\Druckumgebung
[2010.12.30 09:11:39 | 000,000,000 | -HSD | C] -- C:\Users\Panzon\Cookies
[2010.12.30 09:11:39 | 000,000,000 | -HSD | C] -- C:\Users\Panzon\AppData\Local\Anwendungsdaten
[2010.12.30 09:11:39 | 000,000,000 | -HSD | C] -- C:\Users\Panzon\Anwendungsdaten
[2010.12.30 09:11:38 | 000,000,000 | --SD | C] -- C:\Users\Panzon\AppData\Roaming\Microsoft
[2010.12.30 09:11:38 | 000,000,000 | R--D | C] -- C:\Users\Panzon\Videos
[2010.12.30 09:11:38 | 000,000,000 | R--D | C] -- C:\Users\Panzon\Saved Games
[2010.12.30 09:11:38 | 000,000,000 | R--D | C] -- C:\Users\Panzon\Pictures
[2010.12.30 09:11:38 | 000,000,000 | R--D | C] -- C:\Users\Panzon\Music
[2010.12.30 09:11:38 | 000,000,000 | R--D | C] -- C:\Users\Panzon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2010.12.30 09:11:38 | 000,000,000 | R--D | C] -- C:\Users\Panzon\Links
[2010.12.30 09:11:38 | 000,000,000 | R--D | C] -- C:\Users\Panzon\Favorites
[2010.12.30 09:11:38 | 000,000,000 | R--D | C] -- C:\Users\Panzon\Downloads
[2010.12.30 09:11:38 | 000,000,000 | R--D | C] -- C:\Users\Panzon\Documents
[2010.12.30 09:11:38 | 000,000,000 | R--D | C] -- C:\Users\Panzon\Desktop
[2010.12.30 09:11:38 | 000,000,000 | R--D | C] -- C:\Users\Panzon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2010.12.30 09:11:38 | 000,000,000 | -H-D | C] -- C:\Users\Panzon\AppData
[2010.12.30 09:11:38 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Local\Temp
[2010.12.30 09:11:38 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Local\Microsoft
[2010.12.30 09:11:38 | 000,000,000 | ---D | C] -- C:\Users\Panzon\AppData\Roaming\Media Center Programs
[2010.12.30 09:11:30 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.12.30 09:11:30 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.12.30 09:11:30 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.12.30 09:11:30 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.12.30 09:11:30 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.12.30 09:11:30 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.12.30 09:11:30 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.12.30 09:11:30 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.12.30 09:11:30 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.12.30 09:11:30 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.12.30 09:11:30 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.12.30 09:11:30 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.12.30 09:07:18 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.12.30 09:04:44 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.12.30 09:04:18 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.12.30 09:03:51 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.12.30 09:03:37 | 000,000,000 | -HSD | C] -- C:\Boot
[2010.12.16 23:58:14 | 000,040,816 | ---- | C] (Elaborate Bytes AG) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys
 
========== Files - Modified Within 30 Days ==========
 
[2011.01.15 13:28:52 | 002,088,287 | ---- | M] () -- C:\Users\Panzon\Desktop\Fliessbilder.pdf
[2011.01.15 13:11:00 | 001,388,045 | ---- | M] () -- C:\Users\Panzon\Desktop\Fliesschema.pdf
[2011.01.15 12:18:54 | 001,909,958 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.01.15 12:18:54 | 000,853,662 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.01.15 12:18:54 | 000,789,692 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.01.15 12:18:54 | 000,202,478 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.01.15 12:18:54 | 000,167,358 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.01.15 12:18:07 | 000,014,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.15 12:18:07 | 000,014,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.15 12:16:59 | 001,990,968 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.01.15 12:09:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.01.15 12:09:32 | 3054,931,968 | -HS- | M] () -- C:\hiberfil.sys
[2011.01.14 20:50:53 | 000,001,034 | ---- | M] () -- C:\Users\Panzon\Desktop\TeXnicCenter.lnk
[2011.01.14 12:22:00 | 000,001,804 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011.01.14 11:35:09 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.01.14 09:19:34 | 000,001,166 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011.01.13 22:08:05 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\SS97CGQA.ocx
[2011.01.13 22:08:05 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\QHY5KJOU.ocx
[2011.01.13 22:08:05 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\JIINX5BJ.ocx
[2011.01.13 22:08:05 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\GFCFINI9.ocx
[2011.01.13 22:08:05 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\25NRSXVO.ocx
[2011.01.13 22:08:04 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\GEGORHKR.ocx
[2011.01.13 22:08:04 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\ACB3FOAJ.ocx
[2011.01.13 22:08:04 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\7HFJG8RT.ocx
[2011.01.13 22:08:04 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\573GYM3M.ocx
[2011.01.13 22:08:04 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\4CKWK4F4.ocx
[2011.01.13 07:10:11 | 004,974,744 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.01.12 22:28:02 | 000,001,075 | ---- | M] () -- C:\Users\Panzon\Desktop\Adobe Photoshop CS5 (64 Bit).lnk
[2011.01.12 20:50:03 | 000,002,034 | ---- | M] () -- C:\Users\Public\Desktop\AutoCAD 2011 - Deutsch.lnk
[2011.01.12 20:30:49 | 000,254,528 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2011.01.12 20:30:44 | 000,001,950 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011.01.12 17:47:10 | 000,002,005 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2011.01.09 15:58:00 | 000,001,868 | ---- | M] () -- C:\Users\Public\Desktop\PDF24 Editor.lnk
[2011.01.09 14:59:33 | 000,000,125 | -HS- | M] () -- C:\ProgramData\.zreglib
[2011.01.09 12:50:08 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\AnyDVD.lnk
[2011.01.09 12:32:05 | 000,001,199 | ---- | M] () -- C:\Users\Public\Desktop\CloneDVD2.lnk
[2011.01.07 15:25:50 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.01.03 22:11:05 | 000,199,904 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2011.01.03 22:11:01 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2011.01.03 22:11:01 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2011.01.03 22:10:59 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2011.01.03 22:10:57 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2011.01.03 22:10:57 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2011.01.02 17:45:24 | 000,001,288 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2011.01.02 14:42:12 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.12.31 14:20:20 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.12.31 10:51:59 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.12.30 17:11:04 | 000,001,021 | ---- | M] () -- C:\Users\Panzon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2010.12.30 17:07:58 | 000,001,742 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2010.12.30 16:59:55 | 000,001,939 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.12.30 16:55:47 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
[2010.12.30 16:54:54 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2010.12.30 16:24:40 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_U30Jc.alu
[2010.12.30 16:02:05 | 000,035,384 | ---- | M] (ASUSTek Computer Inc) -- C:\Windows\SysNative\drivers\AsDsm.sys
[2010.12.30 16:00:38 | 000,002,617 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
[2010.12.30 15:58:27 | 000,002,855 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
[2010.12.30 15:55:11 | 000,015,930 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2010.12.30 09:07:53 | 000,057,035 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.12.30 09:07:53 | 000,057,035 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010.12.30 09:03:39 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.12.16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys
 
========== Files Created - No Company Name ==========
 
[2011.01.15 13:28:52 | 002,088,287 | ---- | C] () -- C:\Users\Panzon\Desktop\Fliessbilder.pdf
[2011.01.15 13:11:00 | 001,388,045 | ---- | C] () -- C:\Users\Panzon\Desktop\Fliesschema.pdf
[2011.01.14 20:50:53 | 000,001,034 | ---- | C] () -- C:\Users\Panzon\Desktop\TeXnicCenter.lnk
[2011.01.14 11:35:09 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.01.13 22:08:05 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\SS97CGQA.ocx
[2011.01.13 22:08:05 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\QHY5KJOU.ocx
[2011.01.13 22:08:05 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\JIINX5BJ.ocx
[2011.01.13 22:08:05 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\GFCFINI9.ocx
[2011.01.13 22:08:05 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\25NRSXVO.ocx
[2011.01.13 22:08:04 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\GEGORHKR.ocx
[2011.01.13 22:08:04 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\ACB3FOAJ.ocx
[2011.01.13 22:08:04 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\7HFJG8RT.ocx
[2011.01.13 22:08:04 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\573GYM3M.ocx
[2011.01.13 22:08:04 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\4CKWK4F4.ocx
[2011.01.12 22:37:25 | 000,001,075 | ---- | C] () -- C:\Users\Panzon\Desktop\Adobe Photoshop CS5 (64 Bit).lnk
[2011.01.12 20:50:03 | 000,002,034 | ---- | C] () -- C:\Users\Public\Desktop\AutoCAD 2011 - Deutsch.lnk
[2011.01.12 20:30:44 | 000,001,950 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2011.01.12 17:47:10 | 000,002,005 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2011.01.09 15:58:00 | 000,001,868 | ---- | C] () -- C:\Users\Public\Desktop\PDF24 Editor.lnk
[2011.01.09 12:50:08 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\AnyDVD.lnk
[2011.01.09 12:32:29 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.01.09 12:32:05 | 000,001,199 | ---- | C] () -- C:\Users\Public\Desktop\CloneDVD2.lnk
[2011.01.07 15:25:50 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.01.02 17:45:24 | 000,001,288 | ---- | C] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2011.01.02 14:42:12 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.12.31 14:20:20 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.12.31 10:51:59 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.12.30 17:11:04 | 000,001,021 | ---- | C] () -- C:\Users\Panzon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2010.12.30 17:07:58 | 000,001,742 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2010.12.30 16:59:55 | 000,001,939 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.12.30 16:54:54 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2010.12.30 16:54:40 | 001,909,958 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.12.30 16:24:40 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_U30Jc.alu
[2010.12.30 16:02:48 | 000,001,804 | ---- | C] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2010.12.30 16:02:48 | 000,001,166 | ---- | C] () -- C:\Windows\SysNative\ServiceFilter.ini
[2010.12.30 16:02:48 | 000,000,105 | ---- | C] () -- C:\Windows\SysNative\FastBoot.ini
[2010.12.30 16:02:48 | 000,000,080 | ---- | C] () -- C:\Windows\SysNative\Defrag.ini
[2010.12.30 16:02:48 | 000,000,052 | ---- | C] () -- C:\Windows\SysNative\RemoveFont.ini
[2010.12.30 16:02:48 | 000,000,015 | ---- | C] () -- C:\Windows\SysNative\BootTime.ini
[2010.12.30 16:01:24 | 000,017,542 | ---- | C] () -- C:\Programme\Common Files\Net4Switch.ico
[2010.12.30 16:01:24 | 000,017,542 | ---- | C] () -- C:\Program Files (x86)\Common Files\Net4Switch.ico
[2010.12.30 16:00:38 | 000,002,617 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
[2010.12.30 15:59:17 | 001,806,400 | ---- | C] () -- C:\Windows\SysNative\drivers\snp2uvc.sys
[2010.12.30 15:59:17 | 000,042,176 | ---- | C] () -- C:\Windows\SysNative\drivers\sncduvc.sys
[2010.12.30 15:59:17 | 000,002,694 | ---- | C] () -- C:\Windows\Uninstvga.bat
[2010.12.30 15:59:17 | 000,002,008 | ---- | C] () -- C:\Windows\Uninstsxga.bat
[2010.12.30 15:59:17 | 000,001,682 | ---- | C] () -- C:\Windows\Uninstuxga.bat
[2010.12.30 15:59:17 | 000,000,386 | ---- | C] () -- C:\Windows\Uninstuxga.reg
[2010.12.30 15:59:17 | 000,000,386 | ---- | C] () -- C:\Windows\Uninstsxga.reg
[2010.12.30 15:59:17 | 000,000,384 | ---- | C] () -- C:\Windows\Uninstvga.reg
[2010.12.30 15:58:39 | 000,000,328 | ---- | C] () -- C:\Uninst_1.5.17.iss
[2010.12.30 15:58:39 | 000,000,328 | ---- | C] () -- C:\Uninst_1.3.17.iss
[2010.12.30 15:58:39 | 000,000,328 | ---- | C] () -- C:\Uninst_1.2.17.iss
[2010.12.30 15:58:39 | 000,000,320 | ---- | C] () -- C:\OldUtilityUninst.iss
[2010.12.30 15:58:39 | 000,000,306 | ---- | C] () -- C:\Uninst_1.1.17.iss
[2010.12.30 15:58:27 | 000,002,855 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
[2010.12.30 15:58:10 | 000,000,520 | R--- | C] () -- C:\Windows\SysNative\drivers\SamSfPa.dat
[2010.12.30 15:55:11 | 000,015,930 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2010.12.30 15:53:20 | 001,991,936 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2010.12.30 15:53:20 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010.12.30 15:53:20 | 000,870,544 | ---- | C] () -- C:\Windows\SysNative\igkrng575.bin
[2010.12.30 15:53:20 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010.12.30 15:53:20 | 000,205,824 | ---- | C] () -- C:\Windows\SysNative\iglhsip64.dll
[2010.12.30 15:53:20 | 000,187,765 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2010.12.30 15:53:20 | 000,187,392 | ---- | C] () -- C:\Windows\SysNative\iglhcp64.dll
[2010.12.30 15:53:20 | 000,176,490 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2010.12.30 15:53:20 | 000,163,560 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2010.12.30 15:53:20 | 000,152,600 | ---- | C] () -- C:\Windows\SysNative\difx64.exe
[2010.12.30 15:53:20 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010.12.30 15:53:20 | 000,138,088 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2010.12.30 15:53:20 | 000,134,602 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2010.12.30 15:53:20 | 000,131,904 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2010.12.30 15:53:20 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010.12.30 15:53:20 | 000,127,896 | ---- | C] () -- C:\Windows\SysNative\igcompkrng575.bin
[2010.12.30 15:53:20 | 000,123,747 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2010.12.30 15:53:20 | 000,121,451 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2010.12.30 15:53:20 | 000,121,132 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2010.12.30 15:53:20 | 000,120,882 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2010.12.30 15:53:20 | 000,119,326 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2010.12.30 15:53:20 | 000,118,949 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2010.12.30 15:53:20 | 000,118,569 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2010.12.30 15:53:20 | 000,117,762 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2010.12.30 15:53:20 | 000,117,737 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2010.12.30 15:53:20 | 000,117,527 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2010.12.30 15:53:20 | 000,117,229 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2010.12.30 15:53:20 | 000,116,944 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2010.12.30 15:53:20 | 000,116,868 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2010.12.30 15:53:20 | 000,116,629 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2010.12.30 15:53:20 | 000,116,230 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2010.12.30 15:53:20 | 000,113,040 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2010.12.30 15:53:20 | 000,112,529 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2010.12.30 15:53:20 | 000,112,445 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2010.12.30 15:53:20 | 000,108,405 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2010.12.30 15:53:20 | 000,102,229 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2010.12.30 15:53:20 | 000,101,113 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2010.12.30 15:53:20 | 000,060,254 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2010.12.30 15:53:20 | 000,060,226 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2010.12.30 15:53:20 | 000,060,015 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2010.12.30 15:53:20 | 000,051,068 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010.12.30 15:53:20 | 000,051,068 | ---- | C] () -- C:\Windows\SysNative\igfcg575m.bin
[2010.12.30 15:53:20 | 000,005,900 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2010.12.30 15:53:20 | 000,000,151 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2010.12.30 09:04:18 | 3054,931,968 | -HS- | C] () -- C:\hiberfil.sys
[2010.12.30 09:03:39 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010.12.30 09:03:37 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2001.05.05 17:54:34 | 000,012,288 | ---- | C] () -- C:\Windows\SysWow64\WF2006EventLogMessages.dll
 
========== LOP Check ==========
 
[2011.01.12 22:40:12 | 000,000,000 | ---D | M] -- C:\Users\Panzon\AppData\Roaming\Autodesk
[2010.12.30 17:08:30 | 000,000,000 | ---D | M] -- C:\Users\Panzon\AppData\Roaming\Canneverbe Limited
[2011.01.12 22:31:01 | 000,000,000 | ---D | M] -- C:\Users\Panzon\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.01.12 20:31:55 | 000,000,000 | ---D | M] -- C:\Users\Panzon\AppData\Roaming\DAEMON Tools Lite
[2011.01.10 15:47:40 | 000,000,000 | ---D | M] -- C:\Users\Panzon\AppData\Roaming\Downloaded Installations
[2011.01.15 12:11:27 | 000,000,000 | ---D | M] -- C:\Users\Panzon\AppData\Roaming\Dropbox
[2011.01.14 18:31:44 | 000,000,000 | ---D | M] -- C:\Users\Panzon\AppData\Roaming\IcoFX
[2011.01.10 21:07:36 | 000,000,000 | ---D | M] -- C:\Users\Panzon\AppData\Roaming\Local
[2011.01.10 15:50:52 | 000,000,000 | ---D | M] -- C:\Users\Panzon\AppData\Roaming\Nitro PDF
[2011.01.12 17:47:13 | 000,000,000 | ---D | M] -- C:\Users\Panzon\AppData\Roaming\Thunderbird
[2009.07.14 06:08:49 | 000,010,962 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         

15.01.2011, 15:55   #7
stumpi_8



Unfortunately the whole thing could not be posted "in one piece", which is why it took a bit longer...

15.01.2011, 21:13   #8
rea
/// Helper team



No problem at all.


Your logs look quite good, but I'm not entirely sure about a few files:

Code:
ATTFilter
[2011.01.13 22:08:05 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\SS97CGQA.ocx
[2011.01.13 22:08:05 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\QHY5KJOU.ocx
[2011.01.13 22:08:05 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\JIINX5BJ.ocx
[2011.01.13 22:08:05 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\GFCFINI9.ocx
[2011.01.13 22:08:05 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\25NRSXVO.ocx
[2011.01.13 22:08:04 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\GEGORHKR.ocx
[2011.01.13 22:08:04 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\ACB3FOAJ.ocx
[2011.01.13 22:08:04 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\7HFJG8RT.ocx
[2011.01.13 22:08:04 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\573GYM3M.ocx
[2011.01.13 22:08:04 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\4CKWK4F4.ocx
         
Do you know what these belong to? If not, please upload three of them to Virustotal for checking.



1.) File check on Virustotal
Visit Virustotal
There, locate three of the following files one after another and upload them using the "Send file" button.
Code:
ATTFilter
C:\Windows\SysWow64\SS97CGQA.ocx
C:\Windows\SysWow64\QHY5KJOU.ocx
C:\Windows\SysWow64\JIINX5BJ.ocx
C:\Windows\SysWow64\GFCFINI9.ocx
C:\Windows\SysWow64\25NRSXVO.ocx
C:\Windows\SysWow64\GEGORHKR.ocx
C:\Windows\SysWow64\ACB3FOAJ.ocx
C:\Windows\SysWow64\7HFJG8RT.ocx
C:\Windows\SysWow64\573GYM3M.ocx
C:\Windows\SysWow64\4CKWK4F4.ocx
         
Each check can take a few minutes. If the file has already been checked by other users, have it checked again. Post the results, with the header and everything, in code tags here in the thread.
If a file cannot be found, please let me know.





2.) Fixing with OTL

What is your drive F:/ ? Please unplug it before the fix.
  • Please start OTL.exe.
    Vista & Win7 users: right-click and choose "Run as administrator"
  • Now copy the contents of the following code box into the Custom Scans/Fixes text box.

    Code:
    ATTFilter
    :OTL
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
    O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O33 - MountPoints2\{a1c09cc2-1e81-11e0-a974-485b396a6d3e}\Shell - "" = AutoRun
    O33 - MountPoints2\{a1c09cc2-1e81-11e0-a974-485b396a6d3e}\Shell\AutoRun\command - "" = F:\Set-up.exe
    O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
    :Commands
    [PURITY]
    [EMPTYTEMP]
    [CREATERESTOREPOINT]
             
  • Now please close all programs.
  • Now please click the Fix button.
  • Click OK.
  • OTL may ask for a reboot. Please allow it.
  • After the reboot you will find a text document.
    Copy its contents into your thread here, in code tags.





3.) Malwarebytes Antimalware
  • Applicable to Windows 2000, XP, Vista and Win7.
  • Remember to start the program as admin on Vista & Win 7; otherwise start it with a double-click.
  • Let it update online (Update tab) if that does not happen automatically.
  • Select "Perform full scan" => Scan.
  • Select all available drives and start the scan.
  • When the scan has finished, click "Show Results".
  • Make sure that all detections are selected.
  • Attention: for now, please do not select any detections made in the folder "C:\System Volume Information"; they should stay in place for the time being and cannot do any harm.
  • Press "Delete".
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report afterwards under "Scan reports".
  • Report how the computer is running now.
__________________
Regards, rea



There could be a clever saying here.
Well .... could!
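
The pattern rea points out in the post above (ten 3,120-byte .ocx files with no company name, written to C:\Windows\SysWow64 within two seconds) can be picked out of an OTL file listing mechanically. The following is an added example, not part of the thread and not part of OTL; the function names, the two-second window and the file-name heuristic are assumptions, and the sample lines are copied from the log posted in this thread. A cluster is only a prompt to review the files, not a verdict.

```python
import ntpath
import re
from collections import defaultdict
from datetime import datetime

# OTL listing line: [date time | size | attrs | C or M] (company) -- path
# Directory lines carry no "(company)" field, so that group is optional.
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d,]+) \| (?P<attrs>[A-Z-]{4}) \| (?P<kind>[CM])\] "
    r"(?:\((?P<company>[^)]*)\) )?-- (?P<path>.+)$"
)
# Assumption: a stem made only of upper-case letters and digits looks generated.
GENERATED_STEM = re.compile(r"[A-Z0-9]{6,}")

# Lines copied from the OTL log in this thread (not constructed).
SAMPLE_LOG = r"""
[2010.12.30 09:04:44 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011.01.13 22:08:05 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\SS97CGQA.ocx
[2011.01.13 22:08:05 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\QHY5KJOU.ocx
[2011.01.13 22:08:05 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\JIINX5BJ.ocx
[2011.01.13 22:08:05 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\GFCFINI9.ocx
[2011.01.13 22:08:05 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\25NRSXVO.ocx
[2011.01.13 22:08:04 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\GEGORHKR.ocx
[2011.01.13 22:08:04 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\ACB3FOAJ.ocx
[2011.01.13 22:08:04 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\7HFJG8RT.ocx
[2011.01.13 22:08:04 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\573GYM3M.ocx
[2011.01.13 22:08:04 | 000,003,120 | ---- | M] () -- C:\Windows\SysWow64\4CKWK4F4.ocx
[2011.01.13 22:08:05 | 000,003,120 | ---- | C] () -- C:\Windows\SysWow64\SS97CGQA.ocx
[2011.01.03 22:11:05 | 000,199,904 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2010.12.30 09:07:53 | 000,057,035 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.12.30 09:07:53 | 000,057,035 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010.12.30 15:58:39 | 000,000,328 | ---- | C] () -- C:\Uninst_1.5.17.iss
[2010.12.30 15:58:39 | 000,000,328 | ---- | C] () -- C:\Uninst_1.3.17.iss
[2010.12.30 15:58:39 | 000,000,328 | ---- | C] () -- C:\Uninst_1.2.17.iss
[2010.12.30 15:58:39 | 000,000,320 | ---- | C] () -- C:\OldUtilityUninst.iss
"""


def parse_line(line):
    """Parse one OTL listing line into a dict, or return None if it is not one."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return {
        "time": datetime.strptime(m["ts"], "%Y.%m.%d %H:%M:%S"),
        "size": int(m["size"].replace(",", "")),
        "is_dir": m["attrs"][3] == "D",
        "company": (m["company"] or "").strip(),
        "path": m["path"].strip(),
    }


def find_clusters(lines, window_seconds=2, min_files=3):
    """Group unsigned files by (folder, extension, size) and report bursts."""
    groups = defaultdict(dict)
    for line in lines:
        e = parse_line(line)
        if e is None or e["is_dir"] or e["company"]:
            continue
        folder, name = ntpath.split(e["path"])
        key = (folder.lower(), ntpath.splitext(name)[1].lower(), e["size"])
        # The same file shows up in the Created and Modified sections: keep one.
        prev = groups[key].get(e["path"].lower())
        if prev is None or e["time"] < prev["time"]:
            groups[key][e["path"].lower()] = e

    clusters = []

    def emit(key, run):
        if len(run) < min_files:
            return
        stems = [ntpath.splitext(ntpath.basename(e["path"]))[0] for e in run]
        clusters.append({
            "folder": key[0], "ext": key[1], "size": key[2],
            "count": len(run),
            "first": run[0]["time"], "last": run[-1]["time"],
            "names": sorted(ntpath.basename(e["path"]) for e in run),
            "generated_names": all(GENERATED_STEM.fullmatch(s) for s in stems),
        })

    for key, files in groups.items():
        run = []
        for e in sorted(files.values(), key=lambda x: x["time"]):
            # A gap larger than the window closes the current burst.
            if run and (e["time"] - run[-1]["time"]).total_seconds() > window_seconds:
                emit(key, run)
                run = []
            run.append(e)
        emit(key, run)

    clusters.sort(key=lambda c: (-c["count"], c["folder"]))
    return clusters


if __name__ == "__main__":
    for c in find_clusters(SAMPLE_LOG.splitlines()):
        tag = "generated-looking names" if c["generated_names"] else "ordinary names"
        print(f'{c["count"]:2d} x {c["size"]} bytes {c["ext"]} in {c["folder"]} ({tag})')
```

On the sample, the three equally sized `Uninst_*.iss` files also form a cluster but are not marked as having generated-looking names, which shows why the size-and-time burst alone is not enough to single out the .ocx files.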

16.01.2011, 12:51   #9
stumpi_8



Code:
ATTFilter
File name:
SS97CGQA.ocx
Submission date:
2011-01-16 11:48:38 (UTC)
Current status:
queued (#20) queued (#11) analysing finished
Result:
0/ 43 (0.0%)
	
VT Community

not reviewed
 Safety score: - 
Compact
Print results
Antivirus 	Version 	Last Update 	Result
AhnLab-V3	2011.01.15.01	2011.01.15	-
AntiVir	7.11.1.145	2011.01.15	-
Antiy-AVL	2.0.3.7	2011.01.16	-
Avast	4.8.1351.0	2011.01.15	-
Avast5	5.0.677.0	2011.01.15	-
AVG	10.0.0.1190	2011.01.16	-
BitDefender	7.2	2011.01.16	-
CAT-QuickHeal	11.00	2011.01.15	-
ClamAV	0.96.4.0	2011.01.16	-
Command	5.2.11.5	2011.01.15	-
Comodo	7403	2011.01.15	-
DrWeb	5.0.2.03300	2011.01.16	-
Emsisoft	5.1.0.1	2011.01.15	-
eSafe	7.0.17.0	2011.01.13	-
eTrust-Vet	36.1.8100	2011.01.14	-
F-Prot	4.6.2.117	2011.01.15	-
F-Secure	9.0.16160.0	2011.01.16	-
Fortinet	4.2.254.0	2011.01.16	-
GData	21	2011.01.16	-
Ikarus	T3.1.1.97.0	2011.01.16	-
Jiangmin	13.0.900	2011.01.16	-
K7AntiVirus	9.75.3548	2011.01.14	-
Kaspersky	7.0.0.125	2011.01.16	-
McAfee	5.400.0.1158	2011.01.16	-
McAfee-GW-Edition	2010.1C	2011.01.16	-
Microsoft	1.6402	2011.01.16	-
NOD32	5791	2011.01.16	-
Norman	6.06.12	2011.01.15	-
nProtect	2011-01-16.01	2011.01.16	-
Panda	10.0.2.7	2011.01.16	-
PCTools	7.0.3.5	2011.01.16	-
Prevx	3.0	2011.01.16	-
Rising	22.82.05.00	2011.01.15	-
Sophos	4.61.0	2011.01.16	-
SUPERAntiSpyware	4.40.0.1006	2011.01.16	-
Symantec	20101.3.0.103	2011.01.16	-
TheHacker	6.7.0.1.115	2011.01.14	-
TrendMicro	9.120.0.1004	2011.01.16	-
TrendMicro-HouseCall	9.120.0.1004	2011.01.16	-
VBA32	3.12.14.2	2011.01.14	-
VIPRE	8086	2011.01.16	-
ViRobot	2011.1.15.4256	2011.01.16	-
VirusBuster	13.6.148.0	2011.01.15	-
         

16.01.2011, 12:56   #10
stumpi_8



Code:
ATTFilter
File name:
QHY5KJOU.ocx
Submission date:
2011-01-16 11:53:17 (UTC)
Current status:
queued (#9) queued analysing finished
Result:
0/ 42 (0.0%)
 
VT Community
 
not reviewed
 Safety score: - 
Compact
Print results
Antivirus     Version     Last Update     Result
AhnLab-V3    2011.01.15.01    2011.01.15    -
AntiVir    7.11.1.145    2011.01.15    -
Antiy-AVL    2.0.3.7    2011.01.16    -
Avast    4.8.1351.0    2011.01.15    -
Avast5    5.0.677.0    2011.01.15    -
BitDefender    7.2    2011.01.16    -
CAT-QuickHeal    11.00    2011.01.15    -
ClamAV    0.96.4.0    2011.01.16    -
Command    5.2.11.5    2011.01.15    -
Comodo    7403    2011.01.15    -
DrWeb    5.0.2.03300    2011.01.16    -
Emsisoft    5.1.0.1    2011.01.15    -
eSafe    7.0.17.0    2011.01.13    -
eTrust-Vet    36.1.8100    2011.01.14    -
F-Prot    4.6.2.117    2011.01.15    -
F-Secure    9.0.16160.0    2011.01.16    -
Fortinet    4.2.254.0    2011.01.16    -
GData    21    2011.01.16    -
Ikarus    T3.1.1.97.0    2011.01.16    -
Jiangmin    13.0.900    2011.01.16    -
K7AntiVirus    9.75.3548    2011.01.14    -
Kaspersky    7.0.0.125    2011.01.16    -
McAfee    5.400.0.1158    2011.01.16    -
McAfee-GW-Edition    2010.1C    2011.01.16    -
Microsoft    1.6402    2011.01.16    -
NOD32    5791    2011.01.16    -
Norman    6.06.12    2011.01.15    -
nProtect    2011-01-16.01    2011.01.16    -
Panda    10.0.2.7    2011.01.16    -
PCTools    7.0.3.5    2011.01.16    -
Prevx    3.0    2011.01.16    -
Rising    22.82.05.00    2011.01.15    -
Sophos    4.61.0    2011.01.16    -
SUPERAntiSpyware    4.40.0.1006    2011.01.16    -
Symantec    20101.3.0.103    2011.01.16    -
TheHacker    6.7.0.1.115    2011.01.14    -
TrendMicro    9.120.0.1004    2011.01.16    -
TrendMicro-HouseCall    9.120.0.1004    2011.01.16    -
VBA32    3.12.14.2    2011.01.14    -
VIPRE    8086    2011.01.16    -
ViRobot    2011.1.15.4256    2011.01.16    -
VirusBuster    13.6.148.0    2011.01.15    -
         
Code:
ATTFilter
File name:
JIINX5BJ.ocx
Submission date:
2011-01-16 11:57:12 (UTC)
Current status:
queued (#6) queued (#6) analysing finished
Result:
0/ 43 (0.0%)
 
VT Community
 
not reviewed
 Safety score: - 
Compact
Print results
Antivirus     Version     Last Update     Result
AhnLab-V3    2011.01.15.01    2011.01.15    -
AntiVir    7.11.1.145    2011.01.15    -
Antiy-AVL    2.0.3.7    2011.01.16    -
Avast    4.8.1351.0    2011.01.15    -
Avast5    5.0.677.0    2011.01.15    -
AVG    10.0.0.1190    2011.01.16    -
BitDefender    7.2    2011.01.16    -
CAT-QuickHeal    11.00    2011.01.15    -
ClamAV    0.96.4.0    2011.01.16    -
Command    5.2.11.5    2011.01.15    -
Comodo    7403    2011.01.15    -
DrWeb    5.0.2.03300    2011.01.16    -
Emsisoft    5.1.0.1    2011.01.15    -
eSafe    7.0.17.0    2011.01.13    -
eTrust-Vet    36.1.8100    2011.01.14    -
F-Prot    4.6.2.117    2011.01.15    -
F-Secure    9.0.16160.0    2011.01.16    -
Fortinet    4.2.254.0    2011.01.16    -
GData    21    2011.01.16    -
Ikarus    T3.1.1.97.0    2011.01.16    -
Jiangmin    13.0.900    2011.01.16    -
K7AntiVirus    9.75.3548    2011.01.14    -
Kaspersky    7.0.0.125    2011.01.16    -
McAfee    5.400.0.1158    2011.01.16    -
McAfee-GW-Edition    2010.1C    2011.01.16    -
Microsoft    1.6402    2011.01.16    -
NOD32    5791    2011.01.16    -
Norman    6.06.12    2011.01.15    -
nProtect    2011-01-16.01    2011.01.16    -
Panda    10.0.2.7    2011.01.16    -
PCTools    7.0.3.5    2011.01.16    -
Prevx    3.0    2011.01.16    -
Rising    22.82.05.00    2011.01.15    -
Sophos    4.61.0    2011.01.16    -
SUPERAntiSpyware    4.40.0.1006    2011.01.16    -
Symantec    20101.3.0.103    2011.01.16    -
TheHacker    6.7.0.1.115    2011.01.14    -
TrendMicro    9.120.0.1004    2011.01.16    -
TrendMicro-HouseCall    9.120.0.1004    2011.01.16    -
VBA32    3.12.14.2    2011.01.14    -
VIPRE    8086    2011.01.16    -
ViRobot    2011.1.15.4256    2011.01.16    -
VirusBuster    13.6.148.0    2011.01.15    -
         
So those were the 3 responses from Virustotal; that looks good, doesn't it?

Code:
ATTFilter
All processes killed
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a1c09cc2-1e81-11e0-a974-485b396a6d3e}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1c09cc2-1e81-11e0-a974-485b396a6d3e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a1c09cc2-1e81-11e0-a974-485b396a6d3e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a1c09cc2-1e81-11e0-a974-485b396a6d3e}\ not found.
File F:\Set-up.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Classic .NET AppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Panzon
->Temp folder emptied: 147482869 bytes
->Temporary Internet Files folder emptied: 77754032 bytes
->FireFox cache emptied: 105773618 bytes
->Flash cache emptied: 9295 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 30894477 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 267690 bytes
 
Total Files Cleaned = 346,00 mb
 
Restore point Set: OTL Restore Point
 
OTL by OldTimer - Version 3.2.20.2 log created on 01162011_130610
 
Files\Folders moved on Reboot...
C:\Users\Panzon\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.
 
Registry entries deleted on Reboot...
         

16.01.2011, 14:07   #11
stumpi_8



Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5531

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

16.01.2011 14:04:38
mbam-log-2011-01-16 (14-04-38).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 354464
Laufzeit: 45 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         

16.01.2011, 14:09   #12
rea
/// Helper Team



Yes, looks good. Since Malwarebytes didn't find anything any more either, I'd say your operation was successful.
__________________
Regards, rea

16.01.2011, 14:50   #13
stumpi_8



GREAT!!!
Thank you very much for your quick and competent help!!!
Regards, Stumpi

16.01.2011, 15:01   #14
rea
/// Helper Team



Wait, I almost forgot the wrap-up.


1.) Fix with OTL
  • Please start OTL.exe.
    Vista and Win7 users: right-click and choose "Run as administrator".
  • Now copy the contents of the following code box into the Custom Scans/Fixes text box.

    Code:
    :Commands
    [CLEARALLRESTOREPOINTS]

  • Now please close all programs.
  • Now please click the Fix button.
  • Click OK.
  • OTL may ask for a restart. Please allow it.
  • You don't need to post the log for me this time.





2.) Tool cleanup with OTL

We will now use OTL's CleanUp! function to remove most of the programs we installed for the cleanup from your system again.
  • Double-click OTL.exe to run the program.
  • Click the "CleanUp!" button.
  • OTL may ask for a restart.
    If it does, please allow it.

Note: After the restart, OTL and the other helper programs you downloaded during the cleanup will no longer be present. They have been removed. It is therefore OK if these programs are no longer there. If any are left over, delete them manually.





And for the future: Security on the Internet

Adios, and you're welcome!
__________________
Regards, rea