Log Analysis and Evaluation: Evaluation of PC and Laptop (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First Steps to Getting Help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
23.02.2011, 14:21 | #1

Evaluation of PC and Laptop

Hello,

I just wanted to check whether everything is okay with my two devices.

I am posting in the following order:

Anti-Malwarebytes
OTL (quick scan; if a normal scan is needed, I have that too)
HijackThis

First comes my PC
---------------------

Anti-Malwarebytes

Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5799

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

18.02.2011 18:31:16
mbam-log-2011-02-18 (18-31-16).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|)
Durchsuchte Objekte: 251662
Laufzeit: 13 Minute(n), 3 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

OTL Logfile:

Code:
OTL logfile created on: 18.02.2011 18:43:53 - Run 2
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Philipp\Desktop\SchnickSchnack
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 69,00% Memory free
12,00 Gb Paging File | 10,00 Gb Available in Paging File | 81,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 922,79 Gb Total Space | 823,27 Gb Free Space | 89,22% Space Free | Partition Type: NTFS

Computer Name: PHILIPP-PC | User Name: Philipp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.02.18 18:10:58 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\SchnickSchnack\OTL.exe
PRC - [2011.02.06 12:18:29 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.01.10 14:23:04 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.01.10 14:22:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.01.10 14:22:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.01.05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.)
-- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010.09.01 05:26:04 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe PRC - [2010.08.03 09:43:02 | 000,522,824 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\Applets\LCDMedia.exe PRC - [2010.04.07 15:59:42 | 000,013,624 | ---- | M] (Alienware) -- C:\Programme\Alienware\Command Center\AlienFXHook32Mngr.exe PRC - [2010.04.07 15:59:20 | 000,061,256 | ---- | M] (Alienware Corporation) -- C:\Programme\Alienware\Command Center\AlienwareAlienFXController.exe ========== Modules (SafeList) ========== MOD - [2011.02.18 18:10:58 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\SchnickSchnack\OTL.exe MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.01.05 03:57:44 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2010.04.07 16:04:18 | 000,014,648 | ---- | M] (Alienware) [Auto | Stopped] -- C:\Program Files\Alienware\Command Center\AlienFusionService.exe -- (AlienFusionService) SRV - [2011.02.06 12:18:29 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2011.02.05 23:55:12 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.01.10 14:23:04 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.01.10 14:22:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir 
Desktop\avguard.exe -- (AntiVirService) SRV - [2011.01.05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.06.03 15:56:06 | 000,092,160 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.02.07 16:23:26 | 000,019,464 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AWOPFilterDriver.sys -- (AWOPFilterDriver) DRV:64bit: - [2011.01.10 14:23:15 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011.01.10 14:23:15 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011.01.05 04:37:14 | 008,283,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2011.01.05 03:19:38 | 000,294,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010.12.14 18:51:20 | 000,051,712 | ---- | M] (Apple, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2010.11.17 13:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2009.11.23 17:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid) DRV:64bit: - [2009.11.23 17:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum) DRV:64bit: - [2009.08.25 14:42:22 | 000,112,240 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID) DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.07 00:36:46 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM) DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 46 CD 93 63 84 C5 CB 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.8 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.02.06 00:00:47 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.02.06 00:00:47 | 000,000,000 | ---D | M] [2011.02.05 23:48:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\Extensions [2011.02.18 15:32:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\ozoss7bt.default\extensions [2011.02.15 18:31:13 | 000,000,000 | ---D | M] (NoScript) -- 
C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\ozoss7bt.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2011.02.05 23:53:48 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\ozoss7bt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011.02.05 23:55:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.02.05 23:55:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.02.05 23:55:10 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O4:64bit: - HKLM..\Run: [] File not found O4:64bit: - HKLM..\Run: [AlienFX Controller] C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation) O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.) 
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programme\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Skytel] File not found O4:64bit: - HKLM..\Run: [Thermal Controller] C:\Program Files\Alienware\Command Center\ThermalController.exe (Alienware Corp.) O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe () O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{4407195f-3171-11e0-8ac6-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{4407195f-3171-11e0-8ac6-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autoRcd.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.02.18 18:21:36 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Desktop\Auswertung PC [2011.02.11 19:44:41 | 000,021,480 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys [2011.02.10 17:57:52 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\2K Games [2011.02.10 17:57:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation [2011.02.07 23:02:46 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Documents\Scanned Documents [2011.02.07 23:02:46 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Documents\Fax [2011.02.07 16:24:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alienware [2011.02.06 20:00:04 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2011.02.06 16:18:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft [2011.02.06 16:17:25 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment [2011.02.06 15:47:48 | 000,000,000 | ---D | C] -- C:\Programme\World of Warcraft [2011.02.06 15:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment [2011.02.06 15:47:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard 
[2011.02.06 12:21:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [2011.02.06 12:21:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech [2011.02.06 12:21:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech [2011.02.06 12:21:11 | 000,000,000 | ---D | C] -- C:\Programme\Logitech [2011.02.06 12:20:37 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd [2011.02.06 12:19:18 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\PunkBuster [2011.02.06 12:19:16 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Documents\BFBC2 [2011.02.06 07:44:00 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2011.02.06 07:43:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\OEM [2011.02.06 07:43:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\OEM [2011.02.06 02:23:31 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Macromedia [2011.02.06 02:23:31 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Adobe [2011.02.06 02:19:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2011.02.06 01:41:42 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Activision [2011.02.06 01:13:51 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Documents\AlienFX [2011.02.06 01:12:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Alienware [2011.02.06 01:09:49 | 000,000,000 | ---D | C] -- C:\Programme\Alienware [2011.02.06 00:56:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2011.02.06 00:45:07 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\TS3Client [2011.02.06 00:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client [2011.02.06 00:39:12 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client [2011.02.06 00:34:55 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Malwarebytes [2011.02.06 00:34:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' 
Anti-Malware [2011.02.06 00:34:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.02.06 00:34:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.02.06 00:34:43 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.02.06 00:34:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.02.06 00:29:33 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [2011.02.06 00:02:01 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Apple Computer [2011.02.06 00:02:00 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Apple Computer [2011.02.06 00:01:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011.02.06 00:01:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2011.02.06 00:01:30 | 000,000,000 | ---D | C] -- C:\Programme\iTunes [2011.02.06 00:01:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2011.02.06 00:01:30 | 000,000,000 | ---D | C] -- C:\Programme\iPod [2011.02.06 00:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} [2011.02.06 00:00:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011.02.06 00:00:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2011.02.06 00:00:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2011.02.06 00:00:36 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Apple [2011.02.06 00:00:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2011.02.06 00:00:29 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple [2011.02.06 00:00:22 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour [2011.02.06 00:00:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2011.02.06 00:00:11 | 000,000,000 | ---D | 
C] -- C:\ProgramData\Apple [2011.02.06 00:00:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2011.02.05 23:57:42 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Logitech [2011.02.05 23:55:56 | 000,000,000 | ---D | C] -- C:\Programme\Java [2011.02.05 23:55:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011.02.05 23:55:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011.02.05 23:55:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2011.02.05 23:54:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2011.02.05 23:54:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2011.02.05 23:54:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2011.02.05 23:50:55 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Avira [2011.02.05 23:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2011.02.05 23:50:01 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2011.02.05 23:50:01 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2011.02.05 23:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2011.02.05 23:50:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2011.02.05 23:49:03 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Desktop\SchnickSchnack [2011.02.05 23:48:11 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Mozilla [2011.02.05 23:48:11 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Mozilla [2011.02.05 23:48:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox [2011.02.05 23:48:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2011.02.05 23:44:02 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\ATI [2011.02.05 23:44:02 | 000,000,000 | ---D | C] -- 
C:\Users\Philipp\AppData\Local\ATI [2011.02.05 23:44:02 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2011.02.05 23:41:25 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\ATI Technologies [2011.02.05 23:41:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies [2011.02.05 23:41:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ATI Stream SDK v2 [2011.02.05 23:41:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Stream [2011.02.05 23:41:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI [2011.02.05 23:41:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2011.02.05 23:40:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies [2011.02.05 23:40:42 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies [2011.02.05 23:40:39 | 000,000,000 | ---D | C] -- C:\Programme\ATI [2011.02.05 23:40:08 | 000,000,000 | ---D | C] -- C:\ATI [2011.02.05 23:39:54 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2011.02.05 23:39:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2011.02.05 23:28:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broadcom [2011.02.05 23:28:22 | 000,000,000 | ---D | C] -- C:\Programme\Broadcom [2011.02.05 23:27:36 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2011.02.05 23:27:32 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Downloaded Installations [2011.02.05 23:27:03 | 000,000,000 | ---D | C] -- C:\RaidTool [2011.02.05 23:27:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JMicron Technology Corp [2011.02.05 23:26:58 | 000,000,000 | ---D | C] -- C:\Windows\RaidTool [2011.02.05 23:23:42 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM [2011.02.05 23:23:42 | 000,000,000 | ---D | C] -- C:\Programme\Realtek [2011.02.05 23:23:27 
| 000,513,536 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2011.02.05 23:23:27 | 000,150,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2011.02.05 23:23:26 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2011.02.05 23:23:26 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2011.02.05 23:23:26 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2011.02.05 23:23:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2011.02.05 23:23:24 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2011.02.05 23:23:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2011.02.05 23:19:09 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011.02.05 23:19:09 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Searches [2011.02.05 23:19:09 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011.02.05 23:18:54 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Identities [2011.02.05 23:18:49 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Contacts [2011.02.05 23:18:45 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\VirtualStore [2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Vorlagen [2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\AppData\Local\Verlauf [2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\AppData\Local\Temporary Internet Files [2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Startmenü [2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\SendTo [2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Recent [2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Netzwerkumgebung [2011.02.05 23:18:28 | 000,000,000 
| -HSD | C] -- C:\Users\Philipp\Lokale Einstellungen [2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Videos [2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Musik [2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Eigene Dateien [2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Bilder [2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Druckumgebung [2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Cookies [2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\AppData\Local\Anwendungsdaten [2011.02.05 23:18:28 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Anwendungsdaten [2011.02.05 23:18:27 | 000,000,000 | --SD | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft [2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Videos [2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Saved Games [2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Pictures [2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Music [2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Links [2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Favorites [2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Downloads [2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Documents [2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Desktop [2011.02.05 23:18:27 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011.02.05 23:18:27 | 000,000,000 | -H-D | C] -- C:\Users\Philipp\AppData [2011.02.05 23:18:27 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Temp [2011.02.05 23:18:27 | 000,000,000 | ---D | C] -- 
C:\Users\Philipp\AppData\Local\Microsoft [2011.02.05 23:18:27 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Media Center Programs [2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\Recovery [2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien [2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2011.02.05 23:13:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2011.02.05 22:50:34 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2011.02.05 22:46:37 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch ========== Files - Modified Within 30 Days ========== [2011.02.18 18:19:02 | 001,613,000 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.02.18 18:19:02 | 000,696,752 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.02.18 18:19:02 | 000,652,070 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.02.18 18:19:02 | 000,148,048 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.02.18 18:19:02 | 000,121,002 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.02.18 17:11:21 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.02.18 17:11:21 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.02.18 17:03:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.02.18 17:03:37 | 
529,731,583 | -HS- | M] () -- C:\hiberfil.sys [2011.02.10 15:21:42 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.02.09 17:48:19 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2011.02.07 16:26:28 | 000,001,843 | ---- | M] () -- C:\Users\Public\Desktop\Alienware Command Center.lnk [2011.02.07 16:26:06 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AWOPFilterDriver_01007.Wdf [2011.02.07 16:23:26 | 000,019,464 | ---- | M] () -- C:\Windows\SysNative\drivers\AWOPFilterDriver.sys [2011.02.06 19:43:32 | 008,690,712 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.02.06 12:19:22 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2011.02.06 12:19:22 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.02.06 12:18:29 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2011.02.06 12:18:29 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.02.06 00:39:15 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2011.02.06 00:01:58 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.02.05 23:58:44 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2011.02.05 23:57:40 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSBW_01_00_00.Wdf [2011.02.05 23:57:35 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf [2011.02.05 23:49:19 | 000,001,031 | ---- | M] () -- C:\Users\Philipp\Desktop\Philipp - Verknüpfung.lnk [2011.02.05 23:48:09 | 000,001,945 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.02.05 23:44:53 | 000,012,526 | ---- | M] () -- C:\Users\Philipp\Desktop\Computer - Verknüpfung.lnk [2011.02.05 23:42:56 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2011.02.05 23:23:54 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc [2011.02.05 23:17:08 | 
000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2011.02.05 23:17:08 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2011.02.05 22:54:28 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011.01.29 16:51:24 | 000,000,171 | ---- | M] () -- C:\WJYJUIF7.dat ========== Files Created - No Company Name ========== [2011.02.09 17:48:19 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2011.02.07 16:26:28 | 000,001,843 | ---- | C] () -- C:\Users\Public\Desktop\Alienware Command Center.lnk [2011.02.07 16:26:06 | 000,019,464 | ---- | C] () -- C:\Windows\SysNative\drivers\AWOPFilterDriver.sys [2011.02.07 16:26:06 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AWOPFilterDriver_01007.Wdf [2011.02.06 12:19:22 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2011.02.06 12:18:30 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.02.06 12:18:29 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe [2011.02.06 12:18:29 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.02.06 01:02:45 | 008,690,712 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.02.06 00:39:15 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2011.02.06 00:01:58 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.02.06 00:00:35 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2011.02.05 23:57:40 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSBW_01_00_00.Wdf [2011.02.05 23:57:35 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf [2011.02.05 23:54:36 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2011.02.05 23:49:19 | 000,001,031 | ---- | C] () -- C:\Users\Philipp\Desktop\Philipp - 
Verknüpfung.lnk [2011.02.05 23:48:09 | 000,001,945 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.02.05 23:44:53 | 000,012,526 | ---- | C] () -- C:\Users\Philipp\Desktop\Computer - Verknüpfung.lnk [2011.02.05 23:42:56 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.02.05 23:23:54 | 000,188,416 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL [2011.02.05 23:23:54 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2011.02.05 23:23:54 | 000,088,064 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL [2011.02.05 23:23:54 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL [2011.02.05 23:23:54 | 000,000,159 | RH-- | C] () -- C:\Windows\ctfile.rfc [2011.02.05 23:19:20 | 000,001,411 | ---- | C] () -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2011.02.05 23:19:12 | 000,001,445 | ---- | C] () -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011.02.05 22:57:10 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2011.02.05 22:57:03 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2011.02.05 22:54:28 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011.01.29 16:51:24 | 000,000,171 | ---- | C] () -- C:\WJYJUIF7.dat [2010.04.07 15:58:22 | 000,097,584 | ---- | C] () -- C:\Windows\SysWow64\CCBiosSupportAPI.dll [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll ========== LOP Check ========== [2011.02.06 14:48:06 | 000,000,000 | ---D | M] -- C:\Users\Philipp\AppData\Roaming\TS3Client [2009.07.14 06:08:49 | 000,012,474 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Hijackthis: 
HiJackthis Logfile: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:50:04, on 18.02.2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16722) Boot mode: Normal Running processes: C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Program Files\Alienware\Command Center\AlienFXHook32Mngr.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Philipp\Desktop\SchnickSchnack\HiJackThis204.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files 
(x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Alienware Fusion Service (AlienFusionService) - Alienware - C:\Program Files\Alienware\Command Center\AlienFusionService.exe O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. 
- C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: 
@%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6469 bytes

Here is my laptop:

Anti-Malwarebytes
Code:
ATTFilter
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5799

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

18.02.2011 18:38:30
mbam-log-2011-02-18 (18-38-30).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 247251
Laufzeit: 17 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

OTL Logfile:
Code:
ATTFilter OTL logfile created on: 18.02.2011 18:42:57 - Run 2 OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Philipp\Desktop\SchnickSchnack 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 67,00% Memory free 8,00 Gb Paging File | 6,00 Gb Available in Paging File | 81,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 225,80 Gb Total Space | 194,95 Gb Free Space | 86,34% Space Free | Partition Type: NTFS Drive D: | 226,19 Gb Total Space | 226,09 Gb Free Space | 99,96% Space Free | Partition Type: NTFS Computer Name: PHILIPP-PC | User Name: Philipp | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.02.18 18:10:56 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\SchnickSchnack\OTL.exe PRC - [2011.01.10 14:23:04 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011.01.10 14:22:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2011.01.10 14:22:55 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011.01.05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010.04.08 21:18:40 | 000,908,368 | ---- | M] (Dritek System Inc.) 
-- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2010.04.08 21:18:40 | 000,312,400 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2010.04.08 21:18:40 | 000,298,064 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2010.03.09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe PRC - [2010.03.09 00:56:38 | 000,260,608 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe PRC - [2010.02.01 19:05:02 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe PRC - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe PRC - [2010.01.13 10:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe PRC - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe PRC - [2009.12.25 02:45:16 | 000,401,192 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe PRC - [2009.12.25 02:44:48 | 000,201,512 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe PRC - [2009.11.06 01:51:20 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) 
-- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe ========== Modules (SafeList) ========== MOD - [2011.02.18 18:10:56 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\SchnickSchnack\OTL.exe MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010.03.29 17:41:36 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2011.02.09 19:07:15 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.01.10 14:23:04 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.01.10 14:22:55 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.01.05 11:59:50 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010.04.23 10:46:22 | 000,867,360 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV - [2010.04.08 21:18:40 | 000,312,400 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2010.03.26 11:46:48 | 000,920,352 | ---- | M] (Broadcom Corporation.) 
[Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2010.02.01 19:04:40 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService) SRV - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService) SRV - [2009.11.06 01:51:20 | 000,144,640 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc) SRV - [2009.11.06 01:50:50 | 000,050,432 | ---- | M] (NewTech InfoSystems, Inc.) 
[On_Demand | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.01.10 14:23:15 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011.01.10 14:23:15 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2010.04.02 01:18:30 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2010.03.29 17:51:38 | 006,405,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag) DRV:64bit: - [2010.03.29 16:46:28 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010.03.09 15:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2010.03.06 18:04:08 | 000,335,400 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl) DRV:64bit: - [2010.03.02 23:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2010.02.16 04:05:12 | 000,102,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2010.02.09 06:57:22 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2010.01.14 23:41:12 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2010.01.14 23:41:06 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2009.12.22 02:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:64bit: - [2009.10.22 05:55:06 | 000,272,432 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV:64bit: - [2009.10.16 11:32:22 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM) DRV:64bit: - [2009.08.24 02:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.20 03:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) DRV:64bit: - [2009.06.10 21:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.03 03:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) 
[Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2009.06.03 03:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2009.06.03 03:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009.05.06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2009.05.06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.8 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.02.09 19:18:55 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.02.09 19:18:55 | 000,000,000 | ---D | M] [2011.02.09 18:49:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\Extensions [2011.02.17 22:01:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\nmen04xg.default\extensions [2011.02.17 06:59:46 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\nmen04xg.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2011.02.09 18:55:43 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Philipp\AppData\Roaming\mozilla\Firefox\Profiles\nmen04xg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011.02.09 19:03:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.02.09 19:03:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla 
firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011.02.09 19:03:26 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.) O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) 
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. 
File not found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.02.18 18:20:17 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Desktop\Auswertung Laptop [2011.02.18 18:11:31 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Diagnostics [2011.02.13 19:20:10 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Malwarebytes [2011.02.13 19:20:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011.02.13 19:20:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' 
Anti-Malware [2011.02.13 19:20:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.02.13 19:20:03 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011.02.13 19:20:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011.02.11 17:42:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2011.02.11 17:26:57 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2011.02.11 17:26:55 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Skype [2011.02.11 17:26:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2011.02.11 17:01:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2011.02.09 19:19:51 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Apple Computer [2011.02.09 19:19:50 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Apple Computer [2011.02.09 19:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2011.02.09 19:19:25 | 000,000,000 | ---D | C] -- C:\Programme\iPod [2011.02.09 19:19:24 | 000,000,000 | ---D | C] -- C:\Programme\iTunes [2011.02.09 19:19:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2011.02.09 19:19:24 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} [2011.02.09 19:18:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2011.02.09 19:18:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2011.02.09 19:18:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2011.02.09 19:18:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2011.02.09 19:18:32 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Apple [2011.02.09 19:18:22 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple [2011.02.09 19:18:11 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour 
[2011.02.09 19:18:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2011.02.09 19:18:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2011.02.09 19:18:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2011.02.09 19:06:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2011.02.09 19:06:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2011.02.09 19:06:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2011.02.09 19:04:04 | 000,000,000 | ---D | C] -- C:\Programme\Java [2011.02.09 19:03:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011.02.09 19:03:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011.02.09 19:03:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2011.02.09 18:56:31 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Desktop\SchnickSchnack [2011.02.09 18:56:19 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Avira [2011.02.09 18:51:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2011.02.09 18:51:25 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2011.02.09 18:51:24 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2011.02.09 18:51:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2011.02.09 18:51:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2011.02.09 18:49:34 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Mozilla [2011.02.09 18:49:34 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Mozilla [2011.02.09 18:49:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox [2011.02.09 18:49:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2011.02.09 18:47:57 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Adobe [2011.02.09 15:29:18 | 000,000,000 | ---D | C] 
-- C:\Users\Philipp\AppData\Roaming\Google [2011.02.09 15:17:57 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\ATI [2011.02.09 15:17:57 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\ATI [2011.02.09 15:17:57 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2011.02.09 15:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess [2011.02.09 15:16:45 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\EgisTec IPS [2011.02.09 15:16:43 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Macromedia [2011.02.09 15:16:12 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011.02.09 15:16:12 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011.02.09 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Searches [2011.02.09 15:16:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OEM [2011.02.09 15:15:39 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Identities [2011.02.09 15:15:31 | 000,000,000 | ---D | C] -- C:\Programme\Acer Accessory Store [2011.02.09 15:15:26 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Contacts [2011.02.09 15:15:22 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\VirtualStore [2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Vorlagen [2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\AppData\Local\Verlauf [2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\AppData\Local\Temporary Internet Files [2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Startmenü [2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\SendTo [2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Recent [2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Netzwerkumgebung [2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Lokale Einstellungen 
[2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Videos [2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Musik [2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Eigene Dateien [2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Documents\Eigene Bilder [2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Druckumgebung [2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Cookies [2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\AppData\Local\Anwendungsdaten [2011.02.09 15:14:46 | 000,000,000 | -HSD | C] -- C:\Users\Philipp\Anwendungsdaten [2011.02.09 15:14:45 | 000,000,000 | --SD | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft [2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Videos [2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Saved Games [2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Pictures [2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Music [2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Links [2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Favorites [2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Downloads [2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Documents [2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\Desktop [2011.02.09 15:14:45 | 000,000,000 | R--D | C] -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011.02.09 15:14:45 | 000,000,000 | -H-D | C] -- C:\Users\Philipp\AppData [2011.02.09 15:14:45 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Temp [2011.02.09 15:14:45 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\Microsoft [2011.02.09 
15:14:45 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Media Center Programs [2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Recovery [2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Programme [2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien [2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2011.02.09 15:14:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2011.02.08 21:57:08 | 000,000,000 | ---D | C] -- C:\Windows\de-DE [2011.02.08 21:57:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer [2011.02.08 21:57:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE [2011.02.08 21:57:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de [2011.02.08 21:57:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407 [2011.02.08 21:57:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407 [2011.02.08 21:57:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE [2011.02.08 21:57:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de [2011.02.08 21:56:00 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui [2011.02.08 21:56:00 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui [2011.02.08 21:55:58 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) 
-- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui [2011.02.08 21:55:58 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui [2011.02.08 21:50:54 | 000,000,000 | ---D | C] -- C:\Windows\NAPP_Dism_Log [2011.02.08 21:47:16 | 000,349,776 | ---- | C] (Dritek System Inc.) -- C:\Windows\UNINSTLMv4.EXE [2011.02.08 21:46:03 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll [2011.02.08 21:46:03 | 000,055,296 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll [2011.02.08 21:46:02 | 000,450,560 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe [2011.02.08 21:46:02 | 000,202,752 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe [2011.02.08 21:46:02 | 000,012,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll [2011.02.08 21:45:31 | 000,525,088 | ---- | C] (Wistron Corp.) -- C:\Windows\WGRegx64.exe [2011.02.08 21:45:31 | 000,000,000 | ---D | C] -- C:\Windows\Lan [2011.02.08 21:45:16 | 000,484,128 | ---- | C] (Wistron Corp.) -- C:\Windows\WISMVIMG.EXE [2011.02.08 21:45:16 | 000,255,264 | ---- | C] (Wistron Corp.) -- C:\Windows\WISI2BAT.EXE [2011.02.08 21:45:16 | 000,176,928 | ---- | C] (Wistron Corp.) -- C:\Windows\PATCHFUL.EXE [2011.02.08 21:45:15 | 000,388,384 | ---- | C] (Wistron Corp.) -- C:\Windows\WisGAPasx64.exe [2011.02.08 21:45:15 | 000,342,560 | ---- | C] (Acer Inc.) -- C:\Windows\ParseModule_X64.exe [2011.02.08 21:45:14 | 000,326,432 | ---- | C] (Wistron Corp.) -- C:\Windows\WisGAPas.exe [2011.02.08 21:45:14 | 000,231,968 | ---- | C] (Acer Inc.) 
-- C:\Windows\ParseModule_X86.exe [2011.02.08 13:22:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2011.02.08 13:21:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft [2011.02.08 13:21:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2011.02.08 13:21:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive [2011.02.08 13:21:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [2011.02.08 13:21:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live [2011.02.08 13:21:03 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2011.02.08 13:20:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live [2011.02.08 13:19:28 | 000,000,000 | ---D | C] -- C:\BOOK [2011.02.08 13:19:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011.02.08 13:19:06 | 000,000,000 | ---D | C] -- C:\Programme\Preload [2011.02.08 13:18:57 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9 [2011.02.08 13:18:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CyberLink [2011.02.08 13:17:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink [2011.02.08 13:17:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp [2011.02.08 13:16:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Launch Manager [2011.02.08 13:15:59 | 000,000,000 | ---D | C] -- C:\Programme\Apoint2K [2011.02.08 13:15:44 | 001,664,248 | ---- | C] (SuYin) -- C:\Windows\Acer Crystal Eye webcam.exe [2011.02.08 13:15:44 | 000,049,464 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe [2011.02.08 13:15:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam [2011.02.08 13:13:29 | 000,000,000 | ---D | C] -- C:\Programme\WIDCOMM [2011.02.08 13:12:50 | 000,000,000 | ---D | C] -- 
C:\Windows\SysWow64\RTCOM [2011.02.08 13:12:24 | 000,000,000 | ---D | C] -- C:\Programme\Realtek [2011.02.08 13:12:22 | 002,719,504 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll [2011.02.08 13:12:22 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll [2011.02.08 13:12:21 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll [2011.02.08 13:12:21 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll [2011.02.08 13:12:21 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll [2011.02.08 13:12:18 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll [2011.02.08 13:12:18 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll [2011.02.08 13:12:18 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll [2011.02.08 13:12:18 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll [2011.02.08 13:12:18 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll [2011.02.08 13:12:18 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll [2011.02.08 13:12:17 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll [2011.02.08 13:12:17 | 000,325,904 | ---- | C] (Waves Audio Ltd.) 
-- C:\Windows\SysNative\MaxxAudioAPO20.dll [2011.02.08 13:12:12 | 000,474,896 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll [2011.02.08 13:12:12 | 000,321,440 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll [2011.02.08 13:12:11 | 001,325,328 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll [2011.02.08 13:12:11 | 001,178,384 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll [2011.02.08 13:12:11 | 000,489,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll [2011.02.08 13:12:11 | 000,315,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll [2011.02.08 13:12:11 | 000,268,560 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll [2011.02.08 13:12:11 | 000,265,488 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll [2011.02.08 13:12:11 | 000,123,664 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll [2011.02.08 13:12:11 | 000,123,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll [2011.02.08 13:12:11 | 000,122,128 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll [2011.02.08 13:12:10 | 001,110,800 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll [2011.02.08 13:12:10 | 000,504,592 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll [2011.02.08 13:12:08 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp [2011.02.08 13:11:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2011.02.08 13:11:42 | 000,000,000 | ---D | C] -- C:\Programme\DIFX [2011.02.08 13:11:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2011.02.08 13:11:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD [2011.02.08 13:11:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2011.02.08 13:09:41 | 000,000,000 | ---D | C] -- C:\Programme\ATI [2011.02.08 13:09:38 | 000,000,000 | ---D | C] -- C:\Program Files 
(x86)\ATI Technologies [2011.02.08 13:06:25 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2011.02.08 13:03:19 | 000,000,000 | -HSD | C] -- C:\System Volume Information ========== Files - Modified Within 30 Days ========== [2011.02.18 18:30:01 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\Acer Registration - Reminder Recall task.job [2011.02.18 18:14:52 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.02.18 18:14:52 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.02.18 18:14:52 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.02.18 18:14:52 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.02.18 18:14:52 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.02.18 18:06:05 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.02.18 18:06:05 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.02.18 17:58:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.02.18 17:58:21 | 3219,787,776 | -HS- | M] () -- C:\hiberfil.sys [2011.02.11 17:32:08 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.02.11 17:26:57 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2011.02.09 19:19:47 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.02.09 19:08:23 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2011.02.09 19:02:40 | 000,000,987 | ---- | M] () -- C:\Users\Philipp\Desktop\Philipp.lnk [2011.02.09 18:49:35 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat [2011.02.09 18:49:24 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.02.09 15:24:40 | 000,012,482 | ---- | M] () -- C:\Users\Philipp\Desktop\Computer - Verknüpfung.lnk [2011.02.09 15:16:37 | 000,000,201 
| ---- | M] () -- C:\Windows\USER.XML [2011.02.09 15:14:55 | 000,000,211 | RHS- | M] () -- C:\Preload.rev [2011.02.09 15:14:55 | 000,000,168 | ---- | M] () -- C:\Windows\WisLangCode.ini [2011.02.09 15:14:24 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2011.02.09 15:14:24 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2011.02.08 22:01:15 | 000,001,690 | ---- | M] () -- C:\Windows\WPatchProgress.ini [2011.02.08 21:56:52 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat [2011.02.08 21:56:52 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat [2011.02.08 21:56:00 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui [2011.02.08 21:56:00 | 000,011,776 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui [2011.02.08 21:55:58 | 000,004,096 | ---- | M] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui [2011.02.08 21:55:58 | 000,002,560 | ---- | M] (Brother Industries Ltd.) 
-- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui [2011.02.08 21:50:54 | 000,011,453 | ---- | M] () -- C:\Windows\ChangeLang_Done.tag [2011.02.08 21:48:54 | 000,000,926 | ---- | M] () -- C:\Windows\MOD01SET74DE0N0003.XML [2011.02.08 13:32:54 | 000,000,213 | ---- | M] () -- C:\Windows\Factory.xml [2011.02.08 13:22:47 | 000,000,020 | ---- | M] () -- C:\Windows\ú© [2011.02.08 13:16:13 | 000,000,184 | ---- | M] () -- C:\Windows\LMv4.UNI [2011.02.08 13:16:03 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01007.Wdf [2011.02.08 13:14:45 | 000,000,834 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011.02.08 13:07:11 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2011.02.08 13:06:18 | 000,696,680 | ---- | M] () -- C:\Windows\SysNative\oem7.inf ========== Files Created - No Company Name ========== [2011.02.11 17:26:57 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2011.02.11 16:44:08 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\Acer Registration - Reminder Recall task.job [2011.02.09 19:19:47 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011.02.09 19:18:32 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2011.02.09 19:06:26 | 000,000,921 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2011.02.09 19:02:40 | 000,000,987 | ---- | C] () -- C:\Users\Philipp\Desktop\Philipp.lnk [2011.02.09 18:49:35 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011.02.09 18:49:24 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2011.02.09 15:24:40 | 000,012,482 | ---- | C] () -- C:\Users\Philipp\Desktop\Computer - Verknüpfung.lnk [2011.02.09 15:16:25 | 000,001,409 | ---- | C] () -- C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2011.02.09 15:16:18 | 000,001,443 | ---- | C] () -- 
C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011.02.08 22:01:15 | 000,011,453 | ---- | C] () -- C:\Windows\ChangeLang_Done.tag [2011.02.08 21:57:37 | 000,654,166 | ---- | C] () -- C:\Windows\SysNative\perfh007.dat [2011.02.08 21:57:37 | 000,295,922 | ---- | C] () -- C:\Windows\SysNative\perfi007.dat [2011.02.08 21:57:37 | 000,130,006 | ---- | C] () -- C:\Windows\SysNative\perfc007.dat [2011.02.08 21:57:37 | 000,038,104 | ---- | C] () -- C:\Windows\SysNative\perfd007.dat [2011.02.08 21:49:01 | 000,000,926 | ---- | C] () -- C:\Windows\MOD01SET74DE0N0003.XML [2011.02.08 21:48:34 | 000,000,385 | RHS- | C] () -- C:\Patch.rev [2011.02.08 21:48:34 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1025_ACER_ACER_Aspire 7552.mrk [2011.02.08 21:48:34 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\drivers\1025_ACER_ACER_Aspire 7552.mrk [2011.02.08 21:46:03 | 000,511,072 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap [2011.02.08 21:46:03 | 000,511,072 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap [2011.02.08 21:46:03 | 000,026,112 | ---- | C] () -- C:\Windows\SysNative\atitmp64.dll [2011.02.08 21:46:03 | 000,002,093 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011.02.08 21:46:03 | 000,002,093 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat [2011.02.08 21:46:02 | 000,332,288 | ---- | C] () -- C:\Windows\SysNative\ATIODE.exe [2011.02.08 21:46:02 | 000,201,875 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat [2011.02.08 21:46:02 | 000,051,200 | ---- | C] () -- C:\Windows\SysNative\ATIODCLI.exe [2011.02.08 21:46:02 | 000,020,692 | ---- | C] () -- C:\Windows\atiogl.xml [2011.02.08 21:46:01 | 000,033,616 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb [2011.02.08 21:45:31 | 000,000,201 | ---- | C] () -- C:\Windows\USER.XML [2011.02.08 21:45:13 | 000,001,690 | ---- | C] () -- C:\Windows\WPatchProgress.ini [2011.02.08 13:24:22 | 000,000,033 | ---- | C] () -- C:\Windows\LaunApp.ini 
[2011.02.08 13:22:46 | 000,000,020 | ---- | C] () -- C:\Windows\ú© [2011.02.08 13:16:13 | 000,000,184 | ---- | C] () -- C:\Windows\LMv4.UNI [2011.02.08 13:16:03 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Apfiltr_01007.Wdf [2011.02.08 13:15:44 | 000,632,056 | ---- | C] () -- C:\Windows\Image.dll [2011.02.08 13:15:44 | 000,222,382 | ---- | C] () -- C:\Windows\Acer Crystal Eye webcam.ico [2011.02.08 13:15:44 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe [2011.02.08 13:15:44 | 000,025,848 | ---- | C] () -- C:\Windows\USB_VIDEO_REG.exe [2011.02.08 13:15:44 | 000,009,168 | ---- | C] () -- C:\Windows\Suyin.reg [2011.02.08 13:15:44 | 000,000,637 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini [2011.02.08 13:15:44 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini [2011.02.08 13:13:39 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011.02.08 13:12:24 | 000,231,056 | ---- | C] () -- C:\Windows\SysNative\drivers\RTConvEQ.dat [2011.02.08 13:12:24 | 000,026,448 | ---- | C] () -- C:\Windows\SysNative\drivers\RtPCEE3.DAT [2011.02.08 13:12:24 | 000,001,352 | ---- | C] () -- C:\Windows\SysNative\drivers\RtHdatEx.dat [2011.02.08 13:12:24 | 000,000,712 | ---- | C] () -- C:\Windows\SysNative\drivers\SamSfPa.dat [2011.02.08 13:12:24 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX3.dat [2011.02.08 13:12:24 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX2.dat [2011.02.08 13:12:24 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX1.dat [2011.02.08 13:12:24 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\RTEQEX0.dat [2011.02.08 13:12:24 | 000,000,176 | ---- | C] () -- C:\Windows\SysNative\drivers\RTHDAEQ1.dat [2011.02.08 13:12:24 | 000,000,008 | ---- | C] () -- C:\Windows\SysNative\drivers\rtkhdaud.dat [2011.02.08 13:07:11 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.02.08 13:06:22 | 000,696,680 | 
---- | C] () -- C:\Windows\SysNative\oem7.inf [2011.02.08 13:03:20 | 3219,787,776 | -HS- | C] () -- C:\hiberfil.sys [2010.05.19 23:08:32 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe [2010.05.19 23:07:19 | 000,000,193 | ---- | C] () -- C:\Windows\Prelaunch.ini [2010.05.19 23:07:19 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini [2010.05.19 23:07:19 | 000,000,147 | ---- | C] () -- C:\Windows\WisPriority.ini [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll ========== LOP Check ========== [2011.02.18 18:30:01 | 000,000,390 | ---- | M] () -- C:\Windows\Tasks\Acer Registration - Reminder Recall task.job [2009.07.14 06:08:49 | 000,008,420 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Hijackthis HiJackthis Logfile: Code:
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:51:52, on 18.02.2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16722) Boot mode: Normal Running processes: C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe C:\Windows\PLFSetI.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Windows\SysWOW64\RunDll32.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Users\Philipp\Desktop\SchnickSchnack\HiJackThis204.exe C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_7552&r=27360211z906l0498z1j5t48i1q59p R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet
Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files 
(x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent O4 - Global Startup: Bluetooth.lnk = ? O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. 
- C:\Program Files (x86)\Launch Manager\dsiwmis.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. 
- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media 
Player\wmpnetwk.exe (file missing) -- End of file - 9360 bytes Vielen dank schonmal Gruß *push* |