Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: LinkExtend: Google TrojanDownloader durch Schnellansicht?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 25.05.2011, 02:47   #1
Humpestos
 
LinkExtend: Google TrojanDownloader durch Schnellansicht? - Standard

LinkExtend: Google TrojanDownloader durch Schnellansicht?



hi,

jo hab nen neuen PC und mir LinkExtend geholt um immer zu wissen ob Seiten evtl. unseriös sind oder nicht. Als ich auf google.com das Stichwort "Hodir" (Figur aus World of Warcraft) eingegeben habe, erhielt ich von Microsoft Security Essentials eine Meldung: TrojanDownload:HTML/Renos.Q

es wurde natürlich sofort gelöscht und ich musste auch nicht neustarten. Als ich das dreimal wiederholte kam es immer wieder beim eingeben des Begriffes "Hodir" auf google.com. Als ich LinkExtend deaktivierte kam es nicht mehr. Ich sag nur mal: Wat für ein scheiß Addon ^^. Da soll es vorwarnen ob Seiten sicher sind, die eigentlich bei der Suche schon aufgerufen worden.
Als der CCleaner den PC reinigte kam wieder die Meldung von SE, jedoch denke ich normal, da der Pfad zum Cacheordner von Firefox führte, der ja durch CCleaner durchstöbert wird. Anschließend machte ich mit MBAM und SE einen fullscan: es wurde bei beiden nichts gefunden. Was mir aber allgemein auffiel bevor der Trojaner gelöscht wurde ist, dass manche Seiten nicht in der Chronik von Firefox bleiben wenn man sie besucht hat. Ist das normal?

Pfad des letzten fundes:
file:C:\Users\Markus\AppData\Local\Mozilla\Firefox\Profiles\jgn0wioz.default\Cache\9\7E\DB37Ad01->(SCRIPT0000)

Alle jedoch im Cache-Ordner

Hier OTL:
Code:
ATTFilter
OTL logfile created on: 25.05.2011 03:42:57 - Run 2
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Users\Markus\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,29 Gb Available Physical Memory | 78,79% Memory free
15,96 Gb Paging File | 14,14 Gb Available in Paging File | 88,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,39 Gb Total Space | 100,31 Gb Free Space | 68,52% Space Free | Partition Type: NTFS
Drive D: | 552,15 Gb Total Space | 399,88 Gb Free Space | 72,42% Space Free | Partition Type: NTFS
Drive E: | 7,31 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: MARKUS-PC | User Name: Markus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.05.25 03:33:15 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Markus\Downloads\OTL.exe
PRC - [2011.05.20 00:16:39 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.05.13 14:04:04 | 000,403,240 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011.04.30 17:08:30 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.04.27 21:23:39 | 001,242,448 | ---- | M] (Valve Corporation) -- D:\Program Files (x86)\Steam\Steam.exe
PRC - [2011.04.08 07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.04.07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.02.15 13:20:22 | 000,364,544 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
PRC - [2010.05.05 19:56:42 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\Ctxfihlp.exe
PRC - [2010.05.05 19:51:56 | 001,212,928 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTxfispi.exe
PRC - [2009.02.23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.05.25 03:33:15 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Markus\Downloads\OTL.exe
MOD - [2010.11.21 05:23:55 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.11.11 14:36:38 | 000,282,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2010.11.11 14:36:38 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011.05.20 00:16:39 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.05.13 14:04:04 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.04.27 20:32:22 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011.04.08 07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.04.07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.04.06 06:11:44 | 009,323,520 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.04.06 03:21:42 | 000,304,128 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.03 17:59:18 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010.12.28 21:45:54 | 000,412,776 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.17 14:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.10.24 21:25:38 | 000,072,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2010.05.05 21:30:52 | 001,561,688 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2010.05.05 21:30:42 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2010.05.05 21:30:34 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2010.05.05 21:30:26 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2010.05.05 21:30:18 | 000,179,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2010.05.05 21:30:10 | 000,684,376 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV:64bit: - [2010.05.05 21:30:02 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2010.05.05 21:29:52 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2010.05.05 21:29:52 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2010.05.05 21:29:42 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2010.05.05 21:29:42 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2010.05.05 21:29:34 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2010.05.05 21:29:34 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2010.05.27 02:43:00 | 000,014,648 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1D 02 09 53 C7 15 CC 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.04.30 17:08:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.04.27 20:20:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Markus\AppData\Roaming\mozilla\Extensions
[2011.05.24 23:37:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Markus\AppData\Roaming\mozilla\Firefox\Profiles\jgn0wioz.default\extensions
[2011.04.27 23:47:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.04.27 20:50:27 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.04.27 23:47:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
File not found (No name found) -- 
() (No name found) -- C:\USERS\MARKUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\JGN0WIOZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.04.30 17:08:30 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.04.30 17:08:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.04.30 17:08:31 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.04.30 17:08:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.04.30 17:08:31 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.04.30 17:08:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.04.30 17:08:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [Steam] D:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/15116/CTPID.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.11.06 18:33:09 | 000,000,043 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O33 - MountPoints2\{89ae6a40-70f8-11e0-85f6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{89ae6a40-70f8-11e0-85f6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Start.exe -- [2006.01.10 15:49:24 | 000,492,032 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.24 15:14:10 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
[2011.05.24 15:14:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Afterburner
[2011.05.24 13:33:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011.05.24 13:31:00 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011.05.24 13:30:33 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011.05.24 13:30:15 | 008,411,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2011.05.24 13:30:15 | 006,299,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2011.05.24 13:30:15 | 001,359,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco642040.dll
[2011.05.24 13:30:15 | 000,174,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2011.05.24 13:30:15 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.05.24 13:30:15 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.05.24 13:30:15 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2011.05.24 13:30:14 | 020,700,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2011.05.24 13:30:14 | 018,578,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2011.05.24 13:30:14 | 015,227,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011.05.24 13:30:14 | 013,007,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011.05.24 13:30:14 | 012,934,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2011.05.24 13:30:14 | 010,071,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2011.05.24 13:30:14 | 006,974,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2011.05.24 13:30:14 | 005,183,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011.05.24 13:30:14 | 002,893,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2011.05.24 13:30:14 | 002,765,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011.05.24 13:30:14 | 002,273,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2011.05.24 13:30:14 | 002,204,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2011.05.24 13:30:14 | 002,074,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011.05.24 13:30:14 | 002,034,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2011.05.24 13:30:14 | 001,619,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420140.dll
[2011.05.24 13:30:14 | 001,404,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642060.dll
[2011.05.24 13:30:14 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2011.05.24 13:29:41 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011.05.20 15:39:23 | 000,000,000 | ---D | C] -- C:\Users\Markus\Documents\Games for Windows - LIVE Demos
[2011.05.20 14:15:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2011.05.20 14:13:04 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\Lionhead Studios
[2011.05.19 22:03:20 | 000,000,000 | ---D | C] -- C:\Users\Markus\Documents\ranked
[2011.05.19 03:52:25 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.05.18 19:45:01 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\Malwarebytes
[2011.05.18 19:44:56 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.05.18 19:44:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.18 19:44:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.18 19:44:53 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.05.18 19:44:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.05.17 17:55:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011.05.14 12:58:07 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011.05.14 12:58:07 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011.05.11 14:05:43 | 005,562,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.05.11 14:05:43 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.05.11 14:05:43 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.05.10 01:39:29 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Local\Microsoft Games
[2011.05.07 03:48:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP
[2011.05.06 21:18:01 | 000,000,000 | ---D | C] -- C:\Users\Markus\Documents\Crysis
[2011.05.06 20:45:04 | 000,000,000 | ---D | C] -- C:\Users\Markus\Documents\Hitman Blood Money
[2011.05.06 20:44:14 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011.05.06 16:57:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2011.05.06 04:01:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft Public Test
[2011.05.05 18:49:46 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2011.05.05 18:49:44 | 000,000,000 | ---D | C] -- C:\Users\Markus\Documents\Electronic Arts
[2011.05.05 18:49:01 | 000,447,752 | ---- | C] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll
[2011.05.05 18:49:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2011.05.03 14:42:55 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Local\{D95942BC-A412-499F-913C-564089C665B3}
[2011.05.03 14:34:20 | 000,000,000 | ---D | C] -- C:\Windows\de
[2011.05.03 14:32:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011.05.03 14:30:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011.05.03 14:29:36 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Local\Windows Live
[2011.05.03 14:29:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2011.05.03 01:12:43 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\NVIDIA
[2011.05.03 01:08:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011.05.01 18:54:33 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2011.05.01 18:54:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2011.05.01 18:54:26 | 000,000,000 | ---D | C] -- C:\Intel
[2011.05.01 16:16:13 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Local\2K Games
[2011.05.01 16:16:01 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2011.05.01 16:16:01 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2011.05.01 16:16:01 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2011.05.01 16:16:01 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2011.05.01 16:16:01 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2011.05.01 16:16:01 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2011.05.01 16:16:01 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2011.05.01 16:16:01 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2011.04.30 21:37:22 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Local\PunkBuster
[2011.04.30 17:08:23 | 000,000,000 | ---D | C] -- C:\Users\Markus\Documents\3DMark 11
[2011.04.30 17:07:59 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Local\IsolatedStorage
[2011.04.30 17:07:58 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Local\Futuremark_Corporation
[2011.04.30 17:06:42 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2011.04.30 17:06:42 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2011.04.30 17:06:42 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2011.04.30 17:06:42 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2011.04.30 17:06:41 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2011.04.30 17:06:41 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2011.04.30 17:06:41 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2011.04.30 17:06:41 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2011.04.30 17:06:40 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2011.04.30 17:06:40 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2011.04.30 17:06:40 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2011.04.30 17:06:40 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2011.04.30 17:06:40 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2011.04.30 17:06:40 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2011.04.30 17:06:39 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2011.04.30 17:06:39 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2011.04.29 23:41:19 | 000,000,000 | ---D | C] -- C:\Users\Markus\Documents\BFBC2
[2011.04.29 23:31:14 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2011.04.29 23:31:14 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2011.04.29 23:31:13 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2011.04.29 23:31:13 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2011.04.29 23:31:13 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2011.04.29 23:31:13 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2011.04.29 23:31:13 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2011.04.29 23:31:13 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2011.04.29 23:31:12 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2011.04.29 23:31:12 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2011.04.29 23:31:12 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2011.04.29 23:31:12 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2011.04.29 23:31:11 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2011.04.29 23:31:11 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2011.04.29 23:31:11 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2011.04.29 23:31:11 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2011.04.29 23:31:11 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2011.04.29 23:31:10 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2011.04.29 23:31:10 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2011.04.29 23:31:10 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2011.04.29 23:31:10 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2011.04.29 23:31:10 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2011.04.29 23:31:09 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2011.04.29 23:31:09 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2011.04.29 23:31:09 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2011.04.29 23:31:09 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2011.04.29 23:31:09 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2011.04.29 23:31:09 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2011.04.29 23:31:09 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2011.04.29 23:31:09 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2011.04.29 23:31:09 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2011.04.29 23:31:09 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2011.04.29 23:31:08 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2011.04.29 23:31:08 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2011.04.29 23:31:08 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2011.04.29 23:31:08 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2011.04.29 23:31:08 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2011.04.29 23:31:08 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2011.04.29 23:31:08 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2011.04.29 23:31:08 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2011.04.29 23:31:08 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2011.04.29 23:31:08 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2011.04.29 23:31:07 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2011.04.29 23:31:07 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2011.04.29 23:31:07 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2011.04.29 23:31:07 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2011.04.29 23:31:07 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2011.04.29 23:31:07 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2011.04.29 19:02:21 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\Acreon
[2011.04.29 19:02:19 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Local\._Revolution_
[2011.04.29 19:02:14 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Local\Diagnostics
[2011.04.29 15:04:28 | 000,000,000 | ---D | C] -- C:\Users\Markus\Documents\Rockstar Games
[2011.04.29 15:00:22 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011.04.29 15:00:20 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM
[2011.04.29 14:59:37 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Local\Rockstar Games
[2011.04.29 14:59:30 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2011.04.29 14:59:20 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2011.04.29 14:59:20 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2011.04.29 14:59:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2011.04.29 14:59:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011.04.29 14:58:54 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2011.04.29 14:58:54 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2011.04.29 14:58:53 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2011.04.29 14:58:53 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2011.04.29 14:58:43 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2011.04.29 14:58:43 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2011.04.29 14:58:43 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2011.04.29 14:58:43 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2011.04.29 14:58:43 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2011.04.29 14:58:43 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2011.04.29 14:58:42 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2011.04.29 14:58:42 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2011.04.29 14:58:42 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2011.04.29 14:58:42 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2011.04.29 14:58:42 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2011.04.29 14:58:42 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2011.04.29 14:58:42 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2011.04.29 14:58:42 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2011.04.29 14:58:42 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2011.04.29 14:58:42 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2011.04.29 14:58:41 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2011.04.29 14:58:41 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2011.04.29 14:58:41 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2011.04.29 14:58:41 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2011.04.29 14:58:41 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2011.04.29 14:58:41 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2011.04.29 14:58:41 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2011.04.29 14:58:41 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2011.04.29 14:58:41 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2011.04.29 14:58:41 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2011.04.29 14:58:40 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2011.04.29 14:58:40 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2011.04.29 14:58:39 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2011.04.29 14:58:39 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2011.04.29 14:58:39 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2011.04.29 14:58:39 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2011.04.29 14:58:39 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2011.04.29 14:58:39 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2011.04.29 14:58:38 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2011.04.29 14:58:38 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2011.04.29 14:58:36 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2011.04.29 14:58:36 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2011.04.29 14:58:36 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2011.04.29 14:58:36 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2011.04.29 14:58:33 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2011.04.29 14:58:33 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2011.04.29 14:58:33 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2011.04.29 14:58:33 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2011.04.29 14:58:33 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2011.04.29 14:58:33 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2011.04.29 14:58:32 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2011.04.29 14:58:32 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2011.04.29 14:58:32 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2011.04.29 14:58:32 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2011.04.29 14:58:32 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2011.04.29 14:58:32 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2011.04.29 14:58:31 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2011.04.29 14:58:31 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2011.04.29 14:58:31 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2011.04.29 14:58:31 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2011.04.29 14:58:31 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2011.04.29 14:58:31 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2011.04.29 14:58:31 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2011.04.29 14:58:31 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2011.04.29 14:58:30 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2011.04.29 14:58:30 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2011.04.29 14:58:30 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2011.04.29 14:58:30 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2011.04.29 14:58:30 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2011.04.29 14:58:30 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2011.04.29 14:58:30 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2011.04.29 14:58:30 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2011.04.29 14:58:29 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2011.04.29 14:58:29 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2011.04.29 14:58:29 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2011.04.29 14:58:29 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2011.04.29 14:58:25 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2011.04.29 14:58:25 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2011.04.29 14:58:25 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2011.04.29 14:58:25 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2011.04.29 14:58:25 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2011.04.29 14:58:25 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2011.04.29 14:58:24 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2011.04.29 14:58:24 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2011.04.29 14:58:24 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2011.04.29 14:58:24 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2011.04.29 14:58:24 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2011.04.29 14:58:24 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2011.04.29 14:58:24 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2011.04.29 14:58:24 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2011.04.29 14:58:23 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2011.04.29 14:58:23 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2011.04.29 14:58:23 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2011.04.29 14:58:23 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2011.04.28 23:30:12 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Local\Electronic Arts
[2011.04.28 23:30:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2011.04.28 23:29:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2011.04.28 19:21:07 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\TS3Client
[2011.04.28 19:14:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011.04.28 19:14:52 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client
[2011.04.28 13:40:29 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation
[2011.04.28 00:41:54 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\WinRAR
[2011.04.28 00:41:54 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.04.28 00:41:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.04.28 00:41:48 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2011.04.27 23:50:09 | 000,000,000 | ---D | C] -- C:\Users\Markus\Documents\My Games
[2011.04.27 23:49:43 | 000,000,000 | RH-D | C] -- C:\Users\Markus\AppData\Roaming\SecuROM
[2011.04.27 23:49:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.04.27 23:49:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.04.27 23:47:04 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011.04.27 23:47:04 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.04.27 23:47:04 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.04.27 23:47:04 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.04.27 23:46:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011.04.27 23:44:35 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2011.04.27 23:44:35 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2011.04.27 23:44:35 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2011.04.27 23:44:35 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2011.04.27 23:44:35 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2011.04.27 23:44:35 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2011.04.27 23:44:34 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2011.04.27 23:44:34 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2011.04.27 23:44:34 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2011.04.27 23:44:34 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2011.04.27 23:44:34 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2011.04.27 23:44:34 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2011.04.27 23:44:34 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2011.04.27 23:44:34 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2011.04.27 23:44:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[2011.04.27 22:59:25 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\Macromedia
[2011.04.27 22:59:25 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\Adobe
[2011.04.27 22:49:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011.04.27 22:32:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011.04.27 21:35:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Tastatur
[2011.04.27 21:35:12 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft IntelliType Pro
[2011.04.27 21:35:06 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011.04.27 21:30:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011.04.27 21:30:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011.04.27 21:23:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.04.27 21:22:11 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.04.27 21:22:11 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.04.27 21:22:10 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.04.27 21:22:10 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.04.27 21:22:09 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011.04.27 21:22:09 | 001,076,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011.04.27 21:22:09 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011.04.27 21:22:09 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011.04.27 21:22:08 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.04.27 21:22:08 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011.04.27 21:22:07 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011.04.27 21:22:07 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011.04.27 21:22:07 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011.04.27 21:22:07 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011.04.27 21:22:07 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011.04.27 21:22:07 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011.04.27 21:22:07 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011.04.27 21:22:00 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011.04.27 21:22:00 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d10_1.dll
[2011.04.27 21:21:48 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011.04.27 21:21:48 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011.04.27 21:21:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2011.04.27 21:21:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2011.04.27 21:21:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011.04.27 21:09:16 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\ATI
[2011.04.27 21:09:16 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Local\ATI
[2011.04.27 21:01:35 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011.04.27 20:51:21 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\skypePM
[2011.04.27 20:51:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011.04.27 20:50:37 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\Skype
[2011.04.27 20:50:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.04.27 20:50:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2011.04.27 20:50:19 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011.04.27 20:50:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.04.27 20:43:30 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\Trillian
[2011.04.27 20:43:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trillian
[2011.04.27 20:40:41 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.04.27 20:40:41 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.04.27 20:40:39 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011.04.27 20:40:39 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011.04.27 20:40:39 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011.04.27 20:40:39 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.04.27 20:40:39 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011.04.27 20:40:39 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.04.27 20:40:39 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011.04.27 20:40:39 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011.04.27 20:40:36 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.04.27 20:40:36 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.04.27 20:40:36 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.04.27 20:40:35 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.04.27 20:40:35 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.04.27 20:40:35 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2011.04.27 20:40:35 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2011.04.27 20:40:35 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.04.27 20:40:35 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.04.27 20:40:31 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011.04.27 20:40:31 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011.04.27 20:40:31 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011.04.27 20:40:31 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011.04.27 20:40:30 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011.04.27 20:40:30 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011.04.27 20:40:30 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011.04.27 20:40:30 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011.04.27 20:40:30 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011.04.27 20:40:30 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011.04.27 20:40:30 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011.04.27 20:40:29 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011.04.27 20:40:29 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011.04.27 20:40:29 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011.04.27 20:40:06 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011.04.27 20:37:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011.04.27 20:32:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative
[2011.04.27 20:32:27 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Creative Installation Information
[2011.04.27 20:32:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2011.04.27 20:32:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative Labs Shared
[2011.04.27 20:32:16 | 000,000,000 | ---D | C] -- C:\Programme\Creative
[2011.04.27 20:32:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative
[2011.04.27 20:31:55 | 000,107,008 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\cttele64.dll
[2011.04.27 20:31:55 | 000,102,400 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\cttele32.dll
[2011.04.27 20:31:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2011.04.27 20:31:50 | 000,466,520 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011.04.27 20:31:50 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011.04.27 20:31:50 | 000,123,480 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2011.04.27 20:31:50 | 000,109,144 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2011.04.27 20:31:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2011.04.27 20:31:31 | 000,020,480 | ---- | C] (Creative Technology Limited) -- C:\Windows\SysWow64\INRESGER.DLL
[2011.04.27 20:31:31 | 000,020,480 | ---- | C] (Creative Technology Limited) -- C:\Windows\SysNative\INRESGER.DLL
[2011.04.27 20:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Data
[2011.04.27 20:31:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Data
[2011.04.27 20:31:16 | 022,691,984 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\AppSetup.exe
[2011.04.27 20:31:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011.04.27 20:24:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.04.27 20:24:29 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2011.04.27 20:22:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2011.04.27 20:22:50 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011.04.27 20:22:50 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Security Client
[2011.04.27 20:20:18 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\Mozilla
[2011.04.27 20:20:18 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Local\Mozilla
[2011.04.27 20:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.04.27 20:12:15 | 000,412,776 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2011.04.27 20:12:15 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2011.04.27 20:12:11 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011.04.27 20:12:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011.04.27 20:09:39 | 000,000,000 | R--D | C] -- C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.04.27 20:09:39 | 000,000,000 | R--D | C] -- C:\Users\Markus\Searches
[2011.04.27 20:09:39 | 000,000,000 | R--D | C] -- C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.04.27 20:09:32 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\Identities
[2011.04.27 20:09:30 | 000,000,000 | R--D | C] -- C:\Users\Markus\Contacts
[2011.04.27 20:09:29 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Local\VirtualStore
[2011.04.27 20:09:20 | 000,000,000 | --SD | C] -- C:\Users\Markus\AppData\Roaming\Microsoft
[2011.04.27 20:09:20 | 000,000,000 | R--D | C] -- C:\Users\Markus\Videos
[2011.04.27 20:09:20 | 000,000,000 | R--D | C] -- C:\Users\Markus\Saved Games
[2011.04.27 20:09:20 | 000,000,000 | R--D | C] -- C:\Users\Markus\Pictures
[2011.04.27 20:09:20 | 000,000,000 | R--D | C] -- C:\Users\Markus\Music
[2011.04.27 20:09:20 | 000,000,000 | R--D | C] -- C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.04.27 20:09:20 | 000,000,000 | R--D | C] -- C:\Users\Markus\Links
[2011.04.27 20:09:20 | 000,000,000 | R--D | C] -- C:\Users\Markus\Favorites
[2011.04.27 20:09:20 | 000,000,000 | R--D | C] -- C:\Users\Markus\Downloads
[2011.04.27 20:09:20 | 000,000,000 | R--D | C] -- C:\Users\Markus\Documents
[2011.04.27 20:09:20 | 000,000,000 | R--D | C] -- C:\Users\Markus\Desktop
[2011.04.27 20:09:20 | 000,000,000 | R--D | C] -- C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.04.27 20:09:20 | 000,000,000 | -HSD | C] -- C:\Users\Markus\Vorlagen
[2011.04.27 20:09:20 | 000,000,000 | -HSD | C] -- C:\Users\Markus\AppData\Local\Verlauf
[2011.04.27 20:09:20 | 000,000,000 | -HSD | C] -- C:\Users\Markus\AppData\Local\Temporary Internet Files
[2011.04.27 20:09:20 | 000,000,000 | -HSD | C] -- C:\Users\Markus\Startmenü
[2011.04.27 20:09:20 | 000,000,000 | -HSD | C] -- C:\Users\Markus\SendTo
[2011.04.27 20:09:20 | 000,000,000 | -HSD | C] -- C:\Users\Markus\Recent
[2011.04.27 20:09:20 | 000,000,000 | -HSD | C] -- C:\Users\Markus\Netzwerkumgebung
[2011.04.27 20:09:20 | 000,000,000 | -HSD | C] -- C:\Users\Markus\Lokale Einstellungen
[2011.04.27 20:09:20 | 000,000,000 | -HSD | C] -- C:\Users\Markus\Documents\Eigene Videos
[2011.04.27 20:09:20 | 000,000,000 | -HSD | C] -- C:\Users\Markus\Documents\Eigene Musik
[2011.04.27 20:09:20 | 000,000,000 | -HSD | C] -- C:\Users\Markus\Eigene Dateien
[2011.04.27 20:09:20 | 000,000,000 | -HSD | C] -- C:\Users\Markus\Documents\Eigene Bilder
[2011.04.27 20:09:20 | 000,000,000 | -HSD | C] -- C:\Users\Markus\Druckumgebung
[2011.04.27 20:09:20 | 000,000,000 | -HSD | C] -- C:\Users\Markus\Cookies
[2011.04.27 20:09:20 | 000,000,000 | -HSD | C] -- C:\Users\Markus\AppData\Local\Anwendungsdaten
[2011.04.27 20:09:20 | 000,000,000 | -HSD | C] -- C:\Users\Markus\Anwendungsdaten
[2011.04.27 20:09:20 | 000,000,000 | -H-D | C] -- C:\Users\Markus\AppData
[2011.04.27 20:09:20 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Local\Temp
[2011.04.27 20:09:20 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Local\Microsoft
[2011.04.27 20:09:20 | 000,000,000 | ---D | C] -- C:\Users\Markus\AppData\Roaming\Media Center Programs
[2011.04.27 20:09:15 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.04.27 20:09:15 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.04.27 20:09:15 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011.04.27 20:09:15 | 000,000,000 | -HSD | C] -- C:\Programme
[2011.04.27 20:09:15 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2011.04.27 20:09:15 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.04.27 20:09:15 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.04.27 20:09:15 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.04.27 20:09:15 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.04.27 20:09:15 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2011.04.27 20:09:15 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.04.27 20:09:15 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011.04.27 20:05:26 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.04.27 20:03:20 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011.04.27 20:02:42 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.05.05 19:59:10 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2010.05.05 19:38:18 | 000,012,800 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.25 03:27:58 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.25 03:27:58 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.25 03:25:15 | 001,633,032 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.05.25 03:25:15 | 000,704,228 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.05.25 03:25:15 | 000,658,542 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.05.25 03:25:15 | 000,151,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.05.25 03:25:15 | 000,123,830 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.05.25 03:20:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.25 03:20:42 | 2132,991,999 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.25 01:23:23 | 000,061,256 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000004-00000000-00000001-00001102-00000005-00211102}.rfx
[2011.05.25 01:23:23 | 000,061,256 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000004-00000000-00000001-00001102-00000005-00211102}.rfx
[2011.05.25 01:23:23 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000004-00000000-00000001-00001102-00000005-00211102}.rfx
[2011.05.24 15:14:10 | 000,001,090 | ---- | M] () -- C:\Users\Markus\Desktop\MSI Afterburner.lnk
[2011.05.23 22:35:29 | 000,280,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.05.23 22:35:29 | 000,280,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.05.23 22:34:18 | 000,281,208 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.05.20 00:16:39 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.05.19 03:52:25 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.05.18 19:44:57 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.13 20:49:15 | 011,274,718 | ---- | M] () -- C:\Users\Markus\Documents\hummeltalk.rar
[2011.05.13 20:32:37 | 011,548,763 | ---- | M] () -- C:\Users\Markus\Documents\hummeltalk.wma
[2011.05.07 03:48:45 | 001,659,592 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.07 03:47:19 | 000,669,184 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.05.06 19:04:52 | 000,447,752 | ---- | M] (On2.com) -- C:\Windows\SysWow64\vp6vfw.dll
[2011.05.03 14:32:21 | 000,000,020 | ---- | M] () -- C:\Windows\ˆ÷À
[2011.04.29 14:59:30 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2011.04.29 14:35:19 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2011.04.27 23:46:56 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.04.27 23:46:56 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.04.27 23:46:56 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.04.27 23:46:55 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011.04.27 21:53:31 | 000,276,360 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.04.27 21:26:23 | 000,000,711 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2011.04.27 20:54:23 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2011.04.27 20:51:32 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2011.04.27 20:50:22 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.04.27 20:43:30 | 000,001,095 | ---- | M] () -- C:\Users\Markus\Desktop\Trillian.lnk
[2011.04.27 20:31:50 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011.04.27 20:31:50 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011.04.27 20:31:50 | 000,123,480 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2011.04.27 20:31:50 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2011.04.27 20:31:50 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2011.04.27 20:24:30 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.04.27 20:23:13 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011.04.27 20:20:14 | 000,001,138 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.04.27 20:06:00 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.04.27 20:06:00 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf
 
========== Files Created - No Company Name ==========
 
[2011.05.24 15:14:10 | 000,110,592 | ---- | C] () -- C:\Windows\SysNative\rtvcvfw32.dll
[2011.05.24 15:14:10 | 000,001,090 | ---- | C] () -- C:\Users\Markus\Desktop\MSI Afterburner.lnk
[2011.05.24 13:30:14 | 000,007,771 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2011.05.18 19:44:57 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.13 20:49:13 | 011,274,718 | ---- | C] () -- C:\Users\Markus\Documents\hummeltalk.rar
[2011.05.13 20:32:37 | 011,548,763 | ---- | C] () -- C:\Users\Markus\Documents\hummeltalk.wma
[2011.05.03 14:47:21 | 000,280,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.05.03 14:33:24 | 000,001,305 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2011.05.03 14:32:47 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2011.05.03 14:32:21 | 000,000,020 | ---- | C] () -- C:\Windows\ˆ÷À
[2011.04.30 21:46:15 | 000,281,208 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.04.30 21:46:15 | 000,280,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.04.30 21:46:15 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.04.30 21:46:13 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.04.28 23:30:08 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2011.04.27 21:23:02 | 000,000,711 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011.04.27 20:54:23 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.04.27 20:51:32 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.27 20:50:22 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.04.27 20:43:30 | 000,001,125 | ---- | C] () -- C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trillian.lnk
[2011.04.27 20:43:30 | 000,001,095 | ---- | C] () -- C:\Users\Markus\Desktop\Trillian.lnk
[2011.04.27 20:33:05 | 000,061,256 | ---- | C] () -- C:\Windows\SysNative\BMXStateBkp-{00000004-00000000-00000001-00001102-00000005-00211102}.rfx
[2011.04.27 20:33:05 | 000,061,256 | ---- | C] () -- C:\Windows\SysNative\BMXState-{00000004-00000000-00000001-00001102-00000005-00211102}.rfx
[2011.04.27 20:33:05 | 000,000,788 | ---- | C] () -- C:\Windows\SysNative\DVCState-{00000004-00000000-00000001-00001102-00000005-00211102}.rfx
[2011.04.27 20:32:48 | 000,007,062 | ---- | C] () -- C:\Windows\SysWow64\audiopid.vxd
[2011.04.27 20:31:50 | 000,190,976 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL
[2011.04.27 20:31:50 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.04.27 20:31:50 | 000,089,088 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL
[2011.04.27 20:31:50 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.04.27 20:31:50 | 000,000,159 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2011.04.27 20:31:31 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\CTXFIGER.DLL
[2011.04.27 20:31:31 | 000,003,072 | ---- | C] () -- C:\Windows\SysNative\CTXFIGER.DLL
[2011.04.27 20:24:30 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.04.27 20:23:13 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011.04.27 20:22:56 | 001,659,592 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.27 20:22:52 | 000,001,897 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011.04.27 20:20:14 | 000,001,150 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.04.27 20:20:14 | 000,001,138 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.04.27 20:12:15 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2011.04.27 20:09:43 | 000,001,409 | ---- | C] () -- C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.04.27 20:09:41 | 000,001,443 | ---- | C] () -- C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.04.27 20:05:54 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011.04.27 20:05:54 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011.04.27 20:02:42 | 2132,991,999 | -HS- | C] () -- C:\hiberfil.sys
[2011.04.13 21:59:14 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.01 19:07:08 | 000,003,949 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.05.05 20:37:52 | 000,021,204 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2010.05.05 20:37:50 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2010.05.05 19:56:46 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CtxfiRes.dll
[2010.05.05 19:46:30 | 000,321,512 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
[2010.05.05 19:46:30 | 000,056,509 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
[2010.05.05 19:38:22 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.07.06 13:47:08 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2011.04.29 19:02:21 | 000,000,000 | ---D | M] -- C:\Users\Markus\AppData\Roaming\Acreon
[2011.05.20 14:13:04 | 000,000,000 | ---D | M] -- C:\Users\Markus\AppData\Roaming\Lionhead Studios
[2011.04.27 20:43:50 | 000,000,000 | ---D | M] -- C:\Users\Markus\AppData\Roaming\Trillian
[2011.05.24 00:13:47 | 000,000,000 | ---D | M] -- C:\Users\Markus\AppData\Roaming\TS3Client
[2009.07.14 07:08:49 | 000,023,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
Extras:
Code:
ATTFilter
OTL Extras logfile created on: 25.05.2011 03:42:57 - Run 2
OTL by OldTimer - Version 3.2.23.0     Folder = C:\Users\Markus\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,29 Gb Available Physical Memory | 78,79% Memory free
15,96 Gb Paging File | 14,14 Gb Available in Paging File | 88,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,39 Gb Total Space | 100,31 Gb Free Space | 68,52% Space Free | Partition Type: NTFS
Drive D: | 552,15 Gb Total Space | 399,88 Gb Free Space | 72,42% Space Free | Partition Type: NTFS
Drive E: | 7,31 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: MARKUS-PC | User Name: Markus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{446EE0D9-1F6B-42BF-8278-8D0B172BA15D}" = Microsoft IntelliType Pro 8.1
"{774088D4-0777-4D78-904D-E435B318F5D2}" = Microsoft Antimalware
"{7782916E-3D46-4F1F-AC4B-3FB9D17049F4}" = Microsoft Antimalware Service DE-DE Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 270.61
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 270.61
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.1.34
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.22.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{E77543EE-6FB5-4FF6-AB70-635392C8C756}" = Microsoft Security Client
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCAB9F73-BF5D-4E3D-92E7-B0F35C568F20}" = Microsoft Security Client DE-DE Language Pack
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft IntelliType Pro 8.1" = Microsoft IntelliType Pro 8.1
"Microsoft Security Client" = Microsoft Security Essentials
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.00 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 25
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"{4D53090A-CE35-42BD-B377-831000018301}" = Fable III
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}" = Die*Sims*Mittelalter
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Afterburner" = MSI Afterburner 2.1.0
"AudioCS" = Creative Audio-Systemsteuerung
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"EADM" = EA Download Manager
"GFWL_{4D53090A-9B45-437B-A66A-831000008300}" = Fable III
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"Steam App 12210" = Grand Theft Auto IV
"Steam App 15120" = Tom Clancy's Rainbow Six: Vegas 2
"Steam App 17300" = Crysis
"Steam App 17330" = Crysis Warhead
"Steam App 17340" = Crysis Wars
"Steam App 220" = Half-Life 2
"Steam App 50130" = Mafia II
"Steam App 6860" = Hitman: Blood Money
"Trillian" = Trillian
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"World of Warcraft Public Test" = World of Warcraft Public Test
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 23.05.2011 07:52:27 | Computer Name = Markus-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.05.2011 06:47:26 | Computer Name = Markus-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.05.2011 07:01:03 | Computer Name = Markus-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.05.2011 07:13:05 | Computer Name = Markus-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.05.2011 07:16:58 | Computer Name = Markus-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.05.2011 07:34:48 | Computer Name = Markus-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.05.2011 17:13:47 | Computer Name = Markus-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 24.05.2011 18:46:20 | Computer Name = Markus-PC | Source = .NET Runtime | ID = 1026
Description = 
 
Error - 24.05.2011 18:46:21 | Computer Name = Markus-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GFWLClient.exe, Version: 3.5.50.0,
 Zeitstempel: 0x4d93c2a6  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00d8df58  ID des fehlerhaften
 Prozesses: 0xe60  Startzeit der fehlerhaften Anwendung: 0x01cc1a609c0bfc62  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLClient.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: a4e48bbf-8657-11e0-b64d-6c626dec0912
 
Error - 24.05.2011 21:22:34 | Computer Name = Markus-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 17.05.2011 07:48:36 | Computer Name = Markus-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
Error - 19.05.2011 07:03:05 | Computer Name = Markus-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
Error - 21.05.2011 07:53:48 | Computer Name = Markus-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
Error - 22.05.2011 08:24:11 | Computer Name = Markus-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
Error - 23.05.2011 07:50:48 | Computer Name = Markus-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
Error - 24.05.2011 06:45:56 | Computer Name = Markus-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
Error - 24.05.2011 06:57:26 | Computer Name = Markus-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
Error - 24.05.2011 06:59:33 | Computer Name = Markus-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
Error - 24.05.2011 07:15:26 | Computer Name = Markus-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
Error - 24.05.2011 21:21:04 | Computer Name = Markus-PC | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
 
< End of report >
         

Alt 25.05.2011, 10:41   #2
markusg
/// Malware-holic
 
LinkExtend: Google TrojanDownloader durch Schnellansicht? - Standard

LinkExtend: Google TrojanDownloader durch Schnellansicht?



ja mit google bildersuche gibts im moment einiges an problemen, sehr viel, meist fake antivirus software, wird da verteilt.
download malwarebytes:
Malwarebytes : Malwarebytes Anti-Malware is a free download that removes viruses and malware from your computer
instalieren, öffnen, registerkarte aktualisierung, programm updaten.
schalte alle laufenden programme ab, trenne die internetverbindung.
registerkarte scanner, komplett scan, funde entfernen, log posten.


ich kann dir, nach dem scan, noch zeigen wie du den pc sicherer bekommst.
__________________

__________________

Alt 25.05.2011, 12:25   #3
Humpestos
 
LinkExtend: Google TrojanDownloader durch Schnellansicht? - Standard

LinkExtend: Google TrojanDownloader durch Schnellansicht?



MBAM ist Malwarebytes und das hat nichts gefunden. Ich hab halt kein bock den jetzt zu formatieren... der is halt komplett neu. ich gehe eigentlich nicht auf zwielichtige seiten und wer denkt bitte, dass linkextend seiten öffnet, die auch noch unter "hodir" gefunden werden und einen virus enthalten?
__________________

Alt 25.05.2011, 16:39   #4
markusg
/// Malware-holic
 
LinkExtend: Google TrojanDownloader durch Schnellansicht? - Standard

LinkExtend: Google TrojanDownloader durch Schnellansicht?



hab ich was von formatieren gesagt, nur absichern.

http://www.trojaner-board.de/96344-a...-rechners.html
hier alles unter vista /windows 7 und allgemeines abarbeiten!
außerdem den abschnitt
Maßnahmen für ALLE Windows-Versionen abarbeiten.

als antivirus kannst du zb avast nutzen. pdf zur anleitung gibts hier:
http://www.trojaner-board.de/127580-...igurieren.html
denke die haben das beste gesammt angebot für kostenlose produkte.
als browser opera.
falls er dir nicht zusagt, passe ich die anleitung für nen andern browser an
um das surfen sicherer zu machen, würde ich Sandboxie empfehlen.
Download:
Sandbox*Einstellungen |

(als pdf)
hier noch ein paar zusatzeinstellungen, nicht verunsichern lassen, wenn du das programm instaliert hast, werden sie klar.
den direkten datei zugriff bitte auf opera beschrenken,
bei
Internetzugriff:
opera.exe
öffne dann sandboxie, dann oben im menü auf sandbox klickem, wähle deine sandbox aus und klicke dann auf sandboxeinstellung.
dort auf anwendung, webbrowser, andere dort auf direkten zugriff auf opera bookmarks erlauben. dann auf hinzufügen und ok.
somit kannst du deine lesezeichen auch in der sandbox dauerhaft abspeichern.

wenn du mit dem programm gut auskommst, ist ne lizenz zu empfehlen.
1. es gibt dann noch ein paar mehr funktionen.
2. kommt nach nem monat die anzeige, dass das programm freeware ist, die verschwindet erst nach ner zeit, find ich n bissel nerfig.
3. ist die lizenz lebenslang gültig, kostenpunkt rund 30 €, und du kannst sie auf allen pcs in deinem haushalt einsetzen.

eine sandbox ist eine isulierte umgebung aus der kein programm raus kommt.

um die volle wirkung zu erreichen muss alles umgesetzt und eingehalten werden.
alle benötigten verknüpfungen fürs eingeschrenkte konto nach
c:\benutzer\Default\desktop bzw \startmenü
kopieren. so sind sie für alle sichtbar
wenn du fragen hast, probleme, oder erfolgreich warst, melde dich bitte.
wenn du online banking betreibst, lese den passenden abschnitt
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 27.05.2011, 15:15   #5
Humpestos
 
LinkExtend: Google TrojanDownloader durch Schnellansicht? - Standard

LinkExtend: Google TrojanDownloader durch Schnellansicht?



der log ist aber sauber oder?


Antwort

Themen zu LinkExtend: Google TrojanDownloader durch Schnellansicht?
64-bit, adobe, autorun, bho, c:\windows\system32\rundll32.exe, chronik, downloader, error, firefox, flash player, format, google, grand theft auto, helper, home, install.exe, installation, langs, logfile, microsoft security, microsoft security essentials, mozilla, nvidia update, object, oldtimer, plug-in, realtek, registry, rundll, searchplugins, security, shell32.dll, shortcut, software, start menu, stichwort, syswow64, teamspeak, trojaner, webcheck, windows, windows xp




Ähnliche Themen: LinkExtend: Google TrojanDownloader durch Schnellansicht?


  1. Dauernder Absturz von Google Chrome, veranlasst durch Norton
    Plagegeister aller Art und deren Bekämpfung - 08.02.2014 (17)
  2. Facebook, Youtube , Google, etc durch Surveys gesperrt!
    Plagegeister aller Art und deren Bekämpfung - 04.03.2013 (19)
  3. win32:evo-gen durch Avast gefunden! Alle Internetseiten von Google gesperrt!
    Plagegeister aller Art und deren Bekämpfung - 15.02.2013 (13)
  4. Vireneinfang allein durch Google Suche?
    Überwachung, Datenschutz und Spam - 30.01.2013 (14)
  5. MY start incredibar entfernen durch Downloads auf Google startseite
    Log-Analyse und Auswertung - 13.10.2012 (2)
  6. Google Suchergebnisse werden durch falsche Verlinkungen nicht angezeigt
    Plagegeister aller Art und deren Bekämpfung - 26.06.2012 (29)
  7. Weiterleitung durch google/Maleware: Combofix funktioniert nicht.
    Log-Analyse und Auswertung - 19.01.2012 (23)
  8. Falsche weiterleitung durch Google und co.
    Log-Analyse und Auswertung - 16.11.2011 (5)
  9. Google wurde durch searchcompletion ersetzt
    Plagegeister aller Art und deren Bekämpfung - 07.11.2011 (26)
  10. Weiterleitung durch google/Malware
    Log-Analyse und Auswertung - 19.07.2011 (23)
  11. Falsche Verlinkung durch Google
    Log-Analyse und Auswertung - 19.06.2011 (36)
  12. Trojaner/keylogger durch Google Bildersuche?! TR/Dropper.Gen2
    Plagegeister aller Art und deren Bekämpfung - 01.06.2011 (5)
  13. Falsche Internetseitenverlinkung/Umleitung durch google
    Plagegeister aller Art und deren Bekämpfung - 08.03.2011 (19)
  14. Google verweist auf falsche Seiten / Block durch Firefox
    Log-Analyse und Auswertung - 15.12.2010 (19)
  15. Angriffe auf Google und Co. durch bislang unbekannte Lücke im Internet Explorer
    Nachrichten - 15.01.2010 (0)
  16. Unerwünschte Werbung + Weiterleitung durch Google
    Log-Analyse und Auswertung - 20.07.2009 (5)
  17. Mozilla und MIE drehen durch Google ,av und spybot blockiert
    Log-Analyse und Auswertung - 05.02.2009 (0)

Zum Thema LinkExtend: Google TrojanDownloader durch Schnellansicht? - hi, jo hab nen neuen PC und mir LinkExtend geholt um immer zu wissen ob Seiten evtl. unseriös sind oder nicht. Als ich auf google.com das Stichwort "Hodir" (Figur aus - LinkExtend: Google TrojanDownloader durch Schnellansicht?...
Archiv
Du betrachtest: LinkExtend: Google TrojanDownloader durch Schnellansicht? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.