Mozilla etc. Internet browser opens ads after Google click

Hello, I have had a netbook from Asus Aspire with Windows 7 Home Prem. for 3 weeks. Recently, ad windows from casinos (or rather first goingearth.com, then the ad) etc. keep opening every now and then when I click on a search result after a Google search. Don't know why it's so small.

defogger

Code:
defogger_enable by jpshortstuff (23.02.10.1)
Log created at 15:47 on 03/06/2011 (Familie)

Parsing file...
HKCU:DAEMON Tools Lite -> Value set successfully

-=E.O.F=-

Code:
ATTFilter OTL logfile created on: 03.06.2011 15:37:43 - Run 1 OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Familie\Desktop 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,98 Gb Total Physical Memory | 4,04 Gb Available Physical Memory | 67,60% Memory free 11,96 Gb Paging File | 9,57 Gb Available in Paging File | 79,97% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 450,66 Gb Total Space | 287,82 Gb Free Space | 63,86% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: FAMILIE-PC | User Name: Familie | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2011.06.03 15:34:53 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Familie\Desktop\OTL(1).exe PRC - [2011.05.25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) 
-- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe PRC - [2011.05.20 13:51:02 | 000,587,072 | ---- | M] (TuneUp Software) -- C:\Program Files (x86)\TuneUp Utilities 2011\OneClick.exe PRC - [2011.05.07 20:15:01 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe PRC - [2011.04.14 18:40:02 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011.03.28 16:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2011.03.28 16:14:56 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe PRC - [2010.12.23 15:46:44 | 000,120,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe PRC - [2010.12.23 15:46:40 | 000,181,632 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe PRC - [2010.12.09 23:25:22 | 000,177,448 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe PRC - [2010.12.09 07:27:50 | 001,025,616 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe PRC - [2010.12.09 07:27:50 | 000,311,376 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe PRC - [2010.12.09 07:27:50 | 000,287,824 | ---- | M] (Dritek System Inc.) 
-- C:\Program Files (x86)\Launch Manager\LMworker.exe PRC - [2010.11.12 03:21:52 | 000,257,344 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe PRC - [2010.11.12 03:21:36 | 000,296,768 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe PRC - [2010.10.06 06:08:48 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010.10.06 06:08:44 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010.09.28 05:00:56 | 000,340,336 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe PRC - [2010.09.18 02:10:16 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe PRC - [2010.09.18 02:10:02 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe PRC - [2010.09.14 04:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010.09.14 04:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2010.04.27 04:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe PRC - [2010.01.29 02:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe PRC - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe PRC - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX 
AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe ========== Modules (SafeList) ========== MOD - [2011.06.03 15:34:53 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Familie\Desktop\OTL(1).exe MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2009.07.14 03:16:20 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll MOD - [2009.07.14 03:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.05.20 13:43:26 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:64bit: - [2010.10.28 04:38:16 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2010.10.08 03:24:16 | 000,150,016 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV:64bit: - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2011.05.25 17:29:52 | 002,275,720 | ---- | M] (LogMeIn Inc.) 
[Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2011.05.20 13:48:30 | 002,026,304 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2011.05.20 13:43:18 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2011.05.18 13:11:53 | 003,275,864 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai\netsession_win_8832f4b.dll -- (Akamai) SRV - [2011.05.14 08:02:02 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.05.07 20:15:01 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2011.04.05 07:15:58 | 004,060,984 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc) SRV - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011.03.28 16:14:56 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011.03.22 15:25:35 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.12.09 07:27:50 | 000,311,376 | ---- | M] (Dritek System Inc.) 
[Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService) SRV - [2010.11.12 03:21:52 | 000,257,344 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2010.10.29 20:22:12 | 000,868,224 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV - [2010.10.06 06:08:48 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2010.10.06 06:08:44 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010.09.28 04:09:54 | 000,172,912 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service) SRV - [2010.09.14 04:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2010.06.02 01:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.29 02:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService) SRV - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Unknown | Running] -- 
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011.05.21 08:17:33 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2011.04.01 17:07:25 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011.04.01 17:07:25 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.12.10 21:22:10 | 000,062,584 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2010.12.10 21:22:10 | 000,022,912 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2010.12.10 21:22:10 | 000,020,328 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2010.10.28 05:11:46 | 007,877,120 | ---- | M] (ATI Technologies Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2010.10.28 04:03:40 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R) DRV:64bit: - [2010.10.08 03:23:38 | 000,019,192 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2010.09.30 07:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010.09.30 07:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010.09.27 09:24:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2010.09.23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2010.09.14 04:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.07.29 15:30:48 | 001,383,472 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2010.07.20 11:43:22 | 000,247,400 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2010.07.09 05:51:50 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2010.05.11 12:11:38 | 002,229,608 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2010.05.05 23:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2010.04.20 04:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- 
| M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV - [2010.10.07 12:34:32 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2005.01.01 11:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ddrnw IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Facemoods Search" FF - prefs.js..browser.search.defaultthis.engineName: "Plasmoo" FF - prefs.js..browser.search.defaulturl: 
"hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}" FF - prefs.js..browser.search.selectedEngine: "Facemoods Search" FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011.03.22 15:22:01 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011.03.22 15:22:02 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011.03.22 15:22:05 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.02 07:21:58 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.07 15:21:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie\AppData\Roaming\mozilla\Extensions [2011.05.30 16:47:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Familie\AppData\Roaming\mozilla\Firefox\Profiles\0rptuvrz.default\extensions [2011.05.28 13:54:54 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Familie\AppData\Roaming\mozilla\Firefox\Profiles\0rptuvrz.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011.05.30 16:47:35 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Familie\AppData\Roaming\mozilla\Firefox\Profiles\0rptuvrz.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011.05.11 17:22:24 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Familie\AppData\Roaming\mozilla\Firefox\Profiles\0rptuvrz.default\extensions\battlefieldplay4free@ea.com 
[2011.06.02 07:21:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2011.05.12 14:13:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} File not found (No name found) -- () (No name found) -- C:\USERS\FAMILIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0RPTUVRZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011.05.27 23:44:34 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.05.25 19:59:33 | 000,002,548 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 avg.com O1 - Hosts: 127.0.0.1 avp.com O1 - Hosts: 127.0.0.1 rads.mcafee.com O1 - Hosts: 127.0.0.1 scanner.novirusthanks.org O1 - Hosts: 127.0.0.1 secure.nai.com O1 - Hosts: 127.0.0.1 securityresponse.symantec.com O1 - Hosts: 127.0.0.1 sophos.com O1 - Hosts: 127.0.0.1 symantec.com O1 - Hosts: 127.0.0.1 threatexpert.com O1 - Hosts: 127.0.0.1 trendmicro.com O1 - Hosts: 127.0.0.1 ca.com O1 - Hosts: 127.0.0.1 customer.symantec.com O1 - 
Hosts: 127.0.0.1 dispatch.mcafee.com O1 - Hosts: 127.0.0.1 download.mcafee.com O1 - Hosts: 127.0.0.1 f-secure.com O1 - Hosts: 127.0.0.1 kaspersky-labs.com O1 - Hosts: 127.0.0.1 kaspersky.com O1 - Hosts: 127.0.0.1 liveupdate.symantec.com O1 - Hosts: 127.0.0.1 liveupdate.symantecliveupdate.com O1 - Hosts: 127.0.0.1 mast.mcafee.com O1 - Hosts: 127.0.0.1 mcafee.com O1 - Hosts: 127.0.0.1 my-etrust.com O1 - Hosts: 127.0.0.1 nai.com O1 - Hosts: 127.0.0.1 networkassociates.com O1 - Hosts: 127.0.0.1 update.symantec.com O1 - Hosts: 37 more lines... O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer\clear.fi\MediaEspresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) 
O4 - HKLM..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_16_Premium\TrayServer.exe (MAGIX AG) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Familie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Familie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O13 - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} 
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings 
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {386CEBD9-A207-4573-2DE8-6F6A6FBA3DBF} - Microsoft Windows Media Player 12.0 ActiveX: {391878A6-2877-A370-3BE4-C7D58CF7F0DC} - Java (Sun) ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {62A37440-B6B9-5CD9-E604-F2E3690ED5D5} - 
Microsoft Windows Media Player 12.0 ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP NetSvcs:64bit: UxTuneUp - C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) CREATERESTOREPOINT Error creating restore point. 
========== Files/Folders - Created Within 30 Days ========== [2011.06.03 15:34:52 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Familie\Desktop\OTL(1).exe [2011.06.03 12:25:52 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{0D57CAC8-C423-4EE6-ABD2-960268B175E7} [2011.06.02 07:20:20 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2011.06.02 07:20:02 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Google [2011.06.02 07:09:01 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{C666DAC9-B419-49F1-959B-6491B854D4ED} [2011.06.02 07:09:01 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{3E663B95-62AB-4781-9F28-8F65D40BF9C3} [2011.06.01 18:45:49 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\LogoMaker [2011.06.01 18:45:48 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\LogoMaker [2011.06.01 18:45:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio V5 [2011.06.01 18:44:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Studio V5 [2011.06.01 13:08:16 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{92C7C130-E314-4289-8C30-B9F715AC5DCF} [2011.06.01 06:59:36 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{E7557B5C-A042-4F21-B793-505DC2CE36E3} [2011.05.31 22:00:48 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\TechSmith [2011.05.31 22:00:42 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\Camtasia Studio [2011.05.31 22:00:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime [2011.05.31 22:00:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7 [2011.05.31 22:00:16 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith [2011.05.31 22:00:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2011.05.31 22:00:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common 
Files\TechSmith Shared [2011.05.31 22:00:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith [2011.05.31 21:36:00 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fiaa [2011.05.31 21:36:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fiaa [2011.05.31 19:21:13 | 000,000,000 | ---D | C] -- C:\fiaa [2011.05.31 17:30:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client [2011.05.31 17:26:01 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\TS3Client [2011.05.31 17:25:24 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client [2011.05.31 17:16:17 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2011.05.31 17:16:17 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2011.05.31 17:16:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL [2011.05.31 17:09:18 | 000,000,000 | ---D | C] -- C:\Gamigo [2011.05.31 17:05:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gamigo [2011.05.31 13:56:16 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) 
-- C:\Windows\SysNative\hamachi.sys [2011.05.31 13:56:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2011.05.31 13:56:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2011.05.31 06:36:57 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{45A336D6-A809-48D2-819A-7E9D30485C1A} [2011.05.30 20:41:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint [2011.05.30 20:41:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2011.05.30 20:38:58 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Synchronization Services [2011.05.30 20:38:53 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DESIGNER [2011.05.30 20:37:48 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2011.05.30 20:37:48 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Sync Framework [2011.05.30 20:37:48 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server Compact Edition [2011.05.30 20:34:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2011.05.30 20:34:02 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Analysis Services [2011.05.30 20:30:39 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{46B39FD9-6AA7-4747-86E1-6224CFEE6678} [2011.05.30 20:26:39 | 000,000,000 | RH-D | C] -- C:\MSOCache [2011.05.30 16:47:47 | 000,000,000 | ---D | C] -- C:\Users\Familie\dwhelper [2011.05.30 15:06:22 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications [2011.05.30 07:28:54 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{2C054160-0546-4CE0-AF5B-59C78C7358E9} [2011.05.30 07:13:37 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{ED47AFB0-7FC9-4B47-9769-538A44B8EE7C} [2011.05.30 07:13:29 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\SoftGrid Client [2011.05.30 07:13:22 | 000,000,000 | ---D | C] -- 
C:\Users\Familie\AppData\Roaming\SoftGrid Client [2011.05.29 20:41:31 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\DVDFab [2011.05.29 20:41:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDFab 8 Qt [2011.05.29 18:05:47 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\Freemake [2011.05.29 18:05:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake [2011.05.29 18:05:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freemake [2011.05.29 16:03:12 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\Emicsoft Studio [2011.05.29 16:03:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Emicsoft Studio [2011.05.29 08:01:21 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Real [2011.05.29 08:00:47 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\SysWow64\devil.dll [2011.05.29 08:00:47 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\SysWow64\avisynth.dll [2011.05.29 08:00:46 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll [2011.05.29 08:00:46 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\i420vfw.dll [2011.05.29 08:00:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5 [2011.05.29 07:58:08 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\SysWow64\pncrt.dll [2011.05.29 07:55:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eRightSoft [2011.05.29 07:42:08 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{019EAE57-1515-45ED-8830-AD308A0842EF} [2011.05.28 21:48:25 | 000,872,448 | ---- | C] (MAGIX AG) -- C:\Windows\SysWow64\mgxoschk.dll [2011.05.28 21:48:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MAGIX [2011.05.28 21:44:07 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\MAGIX_Screenshare [2011.05.28 21:43:58 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\3D_Maker_embeded [2011.05.28 21:43:27 | 000,909,312 | ---- | C] (MAGIX AG) -- 
C:\Windows\SysWow64\MXRestore.exe [2011.05.28 21:43:21 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\MAGIX_Speed2_burnR_mxcdr [2011.05.28 21:43:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xara [2011.05.28 21:34:32 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\MAGIX_Video_deluxe_16_Premium [2011.05.28 16:48:07 | 000,000,000 | ---D | C] -- C:\Users\Familie\JDownloader [2011.05.28 13:58:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\City Interactive [2011.05.28 13:54:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2011.05.28 13:54:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft [2011.05.28 06:43:19 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{B22FD6A0-FCF4-4A39-848C-5EB39C41FC57} [2011.05.27 23:43:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader [2011.05.27 16:59:58 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\Meine empfangenen Dateien [2011.05.27 14:57:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Plasmoo [2011.05.27 13:39:45 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\DVDVideoSoftIEHelpers [2011.05.27 13:39:44 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\DVDVideoSoft [2011.05.27 13:39:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft [2011.05.27 12:27:27 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{DBD210D9-79C4-4E1F-A949-7763B37EDC50} [2011.05.26 17:02:32 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{4848335C-04FB-4F9E-9399-547F516DACED} [2011.05.26 17:02:18 | 000,000,000 | ---D | C] -- C:\Users\Familie\Tracing [2011.05.26 16:55:37 | 000,000,000 | ---D | C] -- C:\Windows\de [2011.05.26 16:54:53 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2011.05.26 16:24:30 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\My Games [2011.05.26 16:20:23 | 000,000,000 | RH-D | C] -- 
C:\Users\Familie\AppData\Roaming\SecuROM [2011.05.26 16:20:12 | 000,000,000 | -HSD | C] -- C:\ProgramData\SecuROM [2011.05.26 16:04:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2011.05.26 16:04:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA [2011.05.26 16:04:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies [2011.05.26 16:04:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2011.05.25 20:45:16 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Avira [2011.05.25 20:29:21 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\MAGIX_MusicEditor [2011.05.25 20:29:20 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Xara [2011.05.25 20:29:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Shared [2011.05.25 20:26:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX [2011.05.25 20:26:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MAGIX [2011.05.25 19:52:27 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2011.05.25 19:52:25 | 000,036,160 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll [2011.05.25 19:52:25 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll [2011.05.25 19:52:25 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2011.05.25 19:52:25 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2011.05.25 19:52:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011 [2011.05.25 19:52:22 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\TuneUp Software [2011.05.25 19:52:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2011 [2011.05.25 19:52:18 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2011.05.25 
19:52:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} [2011.05.25 19:47:12 | 000,000,000 | ---D | C] -- C:\fernsehen [2011.05.24 18:47:30 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\MAGIX Downloads [2011.05.24 18:47:29 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\MAGIX [2011.05.24 18:46:12 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\MAGIX [2011.05.24 18:44:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Services [2011.05.24 18:44:58 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX [2011.05.24 18:25:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NtiDvdCopy [2011.05.24 18:22:43 | 000,000,000 | ---D | C] -- C:\ProgramData\NTIRegEt [2011.05.23 20:47:17 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\TeamViewer [2011.05.23 18:39:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2011.05.23 18:39:58 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core [2011.05.23 18:35:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield [2011.05.23 17:27:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts [2011.05.22 21:31:47 | 000,000,000 | ---D | C] -- C:\Users\Familie\.avpntool [2011.05.22 21:31:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anonymitynetwork Tool [2011.05.22 21:31:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AN VPN Tool [2011.05.22 18:46:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PTP2 Addons [2011.05.22 15:58:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bethesda Softworks [2011.05.22 15:32:58 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\SKIDROW [2011.05.22 13:07:57 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\RenPy [2011.05.22 12:59:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Katawa Shoujo Act 1 [2011.05.22 11:22:45 | 000,000,000 | ---D | C] -- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auran [2011.05.22 11:19:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auran [2011.05.21 22:03:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brass Restoration English [2011.05.21 22:03:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brass Restoration English [2011.05.21 08:36:36 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\CAPCOM [2011.05.21 08:36:36 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\CAPCOM [2011.05.21 08:33:29 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2011.05.21 08:22:51 | 000,000,000 | ---D | C] -- C:\Users\Familie\Desktop\Programme und Co, [2011.05.21 08:22:04 | 000,000,000 | ---D | C] -- C:\Fraps [2011.05.21 08:19:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CAPCOM [2011.05.21 08:17:15 | 000,254,528 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2011.05.21 08:17:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2011.05.21 08:17:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite [2011.05.21 08:16:43 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\DAEMON Tools Lite [2011.05.21 08:16:43 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite [2011.05.21 07:46:22 | 000,000,000 | ---D | C] -- C:\Users\Familie\Desktop\DMC [2011.05.20 21:26:49 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\Cross Fire [2011.05.20 21:26:48 | 000,000,000 | ---D | C] -- C:\CFLog [2011.05.20 21:20:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Z8Games [2011.05.18 14:17:20 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\vlc [2011.05.18 14:17:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2011.05.18 14:17:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2011.05.18 14:03:56 | 
000,000,000 | ---D | C] -- C:\Users\Familie\Documents\Pavtube [2011.05.18 14:03:56 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Pavtube [2011.05.15 07:36:01 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eFusion [2011.05.15 07:36:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eFusion [2011.05.15 07:33:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eFusion [2011.05.14 22:08:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft [2011.05.14 22:08:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft [2011.05.14 22:08:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment [2011.05.14 14:36:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client [2011.05.14 08:31:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0 [2011.05.13 16:04:49 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\Pinnacle VideoSpin [2011.05.13 16:01:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle VideoSpin [2011.05.13 16:00:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Yahoo! 
[2011.05.13 16:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle VideoSpin [2011.05.13 16:00:43 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Pinnacle [2011.05.13 16:00:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pinnacle [2011.05.13 15:59:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle [2011.05.13 15:59:18 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Downloaded Installations [2011.05.12 16:51:45 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\LogMeIn Hamachi [2011.05.12 14:36:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs [2011.05.12 14:36:37 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Win7codecs [2011.05.12 14:36:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Win7codecs [2011.05.12 14:36:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Win7codecs [2011.05.12 14:29:15 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\{D10D7969-EAC1-4519-859B-173AC1F8414B} [2011.05.12 14:16:54 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2011.05.12 14:13:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2011.05.12 14:13:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2011.05.12 14:12:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2011.05.12 13:42:01 | 000,000,000 | ---D | C] -- C:\vcs5BGEffects [2011.05.12 13:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2011.05.12 13:40:36 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2011.05.12 13:40:35 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2011.05.12 13:40:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2011.05.12 13:40:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2011.05.12 13:34:49 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Voice Changer 
Software DIAMOND [2011.05.12 13:33:50 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\ATI [2011.05.12 13:33:50 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\ATI [2011.05.12 13:33:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2011.05.11 22:24:39 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\TP [2011.05.11 21:04:10 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\CyberLink [2011.05.11 18:49:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games [2011.05.11 18:47:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\alaplaya [2011.05.11 17:31:15 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\Battlefield Play4Free [2011.05.11 17:23:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Games [2011.05.11 17:02:11 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2011.05.11 16:51:07 | 000,000,000 | ---D | C] -- C:\Programme\Alwil Software [2011.05.11 16:51:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software [2011.05.11 16:43:50 | 000,000,000 | ---D | C] -- C:\Programme\AVAST Software [2011.05.11 16:43:50 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2011.05.11 14:42:46 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011.05.11 14:38:47 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office [2011.05.11 14:38:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services [2011.05.11 14:37:39 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Microsoft Help [2011.05.11 14:37:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2011.05.10 20:45:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011.05.10 20:45:48 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2011.05.10 20:45:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2011.05.10 17:09:20 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Adobe [2011.05.10 
17:04:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras [2011.05.09 20:30:18 | 000,000,000 | ---D | C] -- C:\Programme\CodeGazer [2011.05.09 20:30:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeGazer [2011.05.09 14:28:19 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Diagnostics [2011.05.09 14:27:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Combat Elite [2011.05.09 14:27:16 | 000,000,000 | ---D | C] -- C:\Programme\Wolfenstein - Enemy Territory [2011.05.08 20:46:33 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Cyberlink [2011.05.08 20:46:32 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\CyberLink [2011.05.08 20:46:24 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\PowerCinema [2011.05.08 17:08:18 | 000,000,000 | ---D | C] -- C:\Users\Familie\oni [2011.05.08 17:07:16 | 000,000,000 | ---D | C] -- C:\CyberStep [2011.05.08 15:22:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft DirectX SDK (June 2010) [2011.05.08 15:20:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft DirectX SDK (June 2010) [2011.05.08 14:30:41 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\reakktor [2011.05.08 14:30:25 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\Reakktor Media [2011.05.08 14:14:44 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\TrackMania [2011.05.08 14:01:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2011.05.08 12:50:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamersFirst [2011.05.08 12:50:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GamersFirst [2011.05.07 22:54:09 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Windows Live [2011.05.07 22:00:41 | 004,060,984 | ---- | C] (INCA Internet Co., Ltd.) 
-- C:\Windows\SysWow64\GameMon.des [2011.05.07 22:00:31 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys [2011.05.07 22:00:28 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\INCA Shared [2011.05.07 21:58:42 | 000,000,000 | ---D | C] -- C:\AeriaGames [2011.05.07 21:01:34 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2011.05.07 20:51:11 | 000,000,000 | ---D | C] -- C:\Users\Familie\Documents\GTA San Andreas User Files [2011.05.07 20:51:10 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer [2011.05.07 20:51:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer [2011.05.07 20:46:05 | 000,000,000 | ---D | C] -- C:\GTA SA [2011.05.07 20:23:23 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\PunkBuster [2011.05.07 19:41:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2011.05.07 19:41:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2011.05.07 19:41:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2011.05.07 19:36:52 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\.minecraft [2011.05.07 18:09:37 | 000,000,000 | ---D | C] -- C:\ProgramData\clear.fi [2011.05.07 16:39:04 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\LolClient [2011.05.07 16:33:10 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\WinRAR [2011.05.07 16:33:10 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2011.05.07 16:33:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2011.05.07 16:33:05 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR [2011.05.07 16:07:14 | 000,000,000 | ---D | C] -- C:\Riot Games [2011.05.07 15:40:29 | 000,000,000 | ---D | C] 
-- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\alaplaya [2011.05.07 15:31:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai [2011.05.07 15:26:40 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\PMB Files [2011.05.07 15:26:39 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2011.05.07 15:26:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks [2011.05.07 15:22:01 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Skype [2011.05.07 15:21:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2011.05.07 15:21:01 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Mozilla [2011.05.07 15:21:01 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Mozilla [2011.05.07 15:20:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2011.05.07 15:19:39 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Adobe [2011.05.07 15:18:21 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Intel Corporation [2011.05.07 15:18:17 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Macromedia [2011.05.07 15:18:17 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\EgisTec IPS [2011.05.07 15:18:04 | 000,000,000 | R--D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2011.05.07 15:18:04 | 000,000,000 | R--D | C] -- C:\Users\Familie\Searches [2011.05.07 15:18:04 | 000,000,000 | R--D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2011.05.07 15:17:57 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Identities [2011.05.07 15:17:54 | 000,000,000 | R--D | C] -- C:\Users\Familie\Contacts [2011.05.07 15:16:58 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\a [2011.05.07 15:16:57 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Acer [2011.05.07 15:16:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OEM [2011.05.07 
15:16:46 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\PowerCinema [2011.05.07 15:16:42 | 000,000,000 | ---D | C] -- C:\Programme\Acer Accessory Store [2011.05.07 15:16:33 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\VirtualStore [2011.05.07 15:16:11 | 000,000,000 | --SD | C] -- C:\Users\Familie\AppData\Roaming\Microsoft [2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\Videos [2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\Saved Games [2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\Pictures [2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\Music [2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\Links [2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\Favorites [2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\Downloads [2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\Documents [2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\Desktop [2011.05.07 15:16:11 | 000,000,000 | R--D | C] -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Vorlagen [2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\AppData\Local\Verlauf [2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\AppData\Local\Temporary Internet Files [2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Startmenü [2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\SendTo [2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Recent [2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Netzwerkumgebung [2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Lokale Einstellungen [2011.05.07 15:16:11 | 
000,000,000 | -HSD | C] -- C:\Users\Familie\Documents\Eigene Videos [2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Documents\Eigene Musik [2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Eigene Dateien [2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Documents\Eigene Bilder [2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Druckumgebung [2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Cookies [2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\AppData\Local\Anwendungsdaten [2011.05.07 15:16:11 | 000,000,000 | -HSD | C] -- C:\Users\Familie\Anwendungsdaten [2011.05.07 15:16:11 | 000,000,000 | -H-D | C] -- C:\Users\Familie\AppData [2011.05.07 15:16:11 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Temp [2011.05.07 15:16:11 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Local\Microsoft [2011.05.07 15:16:11 | 000,000,000 | ---D | C] -- C:\Users\Familie\AppData\Roaming\Media Center Programs [2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\Recovery [2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\Programme [2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien [2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2011.05.07 15:15:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2011.04.10 20:36:04 | 000,120,320 | 
---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll [2010.02.04 00:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll [1 C:\Users\Familie\AppData\Roaming\*.tmp files -> C:\Users\Familie\AppData\Roaming\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.06.03 15:38:18 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.06.03 15:38:18 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.06.03 15:34:53 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Familie\Desktop\OTL(1).exe [2011.06.03 15:34:26 | 000,000,168 | ---- | M] () -- C:\Users\Familie\defogger_reenable [2011.06.03 15:31:43 | 000,050,477 | ---- | M] () -- C:\Users\Familie\Desktop\Defogger.exe [2011.06.03 15:30:00 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\Acer Registration - Reminder Recall task.job [2011.06.03 15:26:02 | 000,000,294 | -H-- | M] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011.06.03 15:25:00 | 000,001,126 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2341877200-1600531284-4254082247-1001UA.job [2011.06.03 15:20:02 | 000,000,250 | -H-- | M] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job [2011.06.03 15:01:02 | 000,000,294 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2011.06.03 12:24:51 | 000,000,312 | -HS- | M] () -- C:\Windows\tasks\LIEKS.job [2011.06.03 12:24:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.06.03 12:24:33 | 522,604,543 | -HS- | M] () -- C:\hiberfil.sys [2011.06.02 22:48:09 | 000,046,085 | ---- | M] () -- C:\Users\Familie\Desktop\22.jpg [2011.06.02 22:33:40 | 000,216,502 | ---- | M] () -- C:\Users\Familie\Desktop\DIE.jpg [2011.06.02 21:49:01 | 000,046,888 | ---- | M] () -- C:\Cytriik.cyt [2011.06.02 21:49:01 | 000,046,888 | ---- | M] () -- C:\Aegis.cyt 
[2011.06.02 21:49:01 | 000,009,216 | ---- | M] () -- C:\Cyt64.cyt [2011.06.02 07:25:00 | 000,001,074 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2341877200-1600531284-4254082247-1001Core.job [2011.06.01 20:32:58 | 001,632,660 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011.06.01 20:32:58 | 000,696,424 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2011.06.01 20:32:58 | 000,651,702 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011.06.01 20:32:58 | 000,147,688 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2011.06.01 20:32:58 | 000,120,634 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011.06.01 18:45:41 | 000,001,165 | ---- | M] () -- C:\Users\Familie\Desktop\LogoMaker.lnk [2011.06.01 18:36:02 | 000,001,151 | ---- | M] () -- C:\Users\Familie\Desktop\BlackShot.lnk [2011.06.01 18:02:29 | 000,006,656 | ---- | M] () -- C:\Users\Familie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.05.31 22:00:22 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk [2011.05.31 19:21:10 | 000,065,536 | ---- | M] () -- C:\Windows\IFinst27.exe [2011.05.31 17:16:17 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll [2011.05.31 17:16:17 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll [2011.05.31 06:35:45 | 000,513,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011.05.30 07:25:26 | 000,007,605 | ---- | M] () -- C:\Users\Familie\Documents\Poesie.odt [2011.05.29 18:05:46 | 000,001,328 | ---- | M] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk [2011.05.28 21:59:25 | 000,001,752 | ---- | M] () -- C:\Users\Familie\Desktop\Videodeluxe - Verknüpfung.lnk [2011.05.28 13:54:47 | 000,001,406 | ---- | M] () -- C:\Users\Familie\Desktop\Free YouTube to MP3 Converter.lnk [2011.05.28 07:08:52 | 000,001,024 | RH-- | M] () -- C:\Users\Public\Documents\NTIMMV9Acer.dll [2011.05.28 07:08:24 | 000,001,024 | RH-- | M] () -- 
C:\Users\Public\Documents\NTILiveUpdateV9.dll [2011.05.25 20:51:53 | 000,015,582 | ---- | M] () -- C:\Program Files (x86)\Z4[j5-1]vk-w.dat [2011.05.24 18:27:10 | 000,102,912 | RHS- | M] () -- C:\Windows\SysWow64\usp10R.dll [2011.05.24 18:22:49 | 000,001,024 | RH-- | M] () -- C:\Users\Public\Documents\NTIMMV9REGET.dll [2011.05.23 15:55:08 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011.05.22 21:34:03 | 000,131,072 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2011.05.22 17:59:19 | 000,189,480 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2011.05.22 17:58:21 | 000,189,480 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.05.21 08:33:29 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll [2011.05.21 08:17:33 | 000,254,528 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2011.05.20 13:49:22 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2011.05.20 13:43:32 | 000,025,920 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2011.05.20 13:43:30 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2011.05.20 13:43:26 | 000,036,160 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll [2011.05.20 13:43:18 | 000,029,504 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll [2011.05.14 22:36:56 | 000,001,063 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft - Brood War.lnk [2011.05.13 18:46:58 | 000,001,739 | ---- | M] () -- C:\Users\Familie\Desktop\MinecraftSP - Verknüpfung.lnk [2011.05.13 17:15:49 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI [2011.05.12 14:47:08 | 001,625,520 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.05.12 14:16:42 | 012,353,066 | ---- | M] () -- C:\Users\Familie\AppData\Roaming\Misa201.zip [2011.05.12 13:43:23 | 000,090,520 | ---- | M] () -- 
C:\Users\Familie\Documents\rec_Vcs6Core_13-43-11.mp3 [2011.05.11 18:56:21 | 000,001,660 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2011.05.11 18:53:51 | 000,001,822 | ---- | M] () -- C:\Users\Public\Desktop\S4League.lnk [2011.05.11 17:49:29 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat [2011.05.11 17:19:01 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2011.05.11 17:18:51 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2011.05.11 17:01:56 | 288,875,426 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011.05.10 21:06:04 | 000,002,535 | ---- | M] () -- C:\Users\Familie\Desktop\Skype.lnk [2011.05.07 22:13:24 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2011.05.07 22:13:24 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2011.05.07 20:15:01 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.05.07 19:49:34 | 003,360,624 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe [2011.05.07 19:46:01 | 000,000,221 | ---- | M] () -- C:\Users\Familie\Desktop\America's Army 3.url [2011.05.07 15:21:06 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat [1 C:\Users\Familie\AppData\Roaming\*.tmp files -> C:\Users\Familie\AppData\Roaming\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.06.03 15:34:26 | 000,000,168 | ---- | C] () -- C:\Users\Familie\defogger_reenable [2011.06.03 15:31:43 | 000,050,477 | ---- | C] () -- C:\Users\Familie\Desktop\Defogger.exe [2011.06.02 22:43:50 | 000,046,085 | ---- | C] () -- C:\Users\Familie\Desktop\22.jpg [2011.06.02 22:33:40 | 000,216,502 | ---- | C] () -- C:\Users\Familie\Desktop\DIE.jpg [2011.06.02 21:49:01 | 000,046,888 | ---- | C] () -- C:\Cytriik.cyt [2011.06.02 21:49:01 | 000,046,888 | ---- | C] () -- C:\Aegis.cyt [2011.06.02 21:49:01 | 000,009,216 | ---- | C] () -- C:\Cyt64.cyt [2011.06.02 07:21:59 | 000,001,158 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla 
Firefox.lnk [2011.06.02 07:20:02 | 000,001,126 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2341877200-1600531284-4254082247-1001UA.job [2011.06.02 07:20:02 | 000,001,074 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2341877200-1600531284-4254082247-1001Core.job [2011.06.01 18:45:41 | 000,001,165 | ---- | C] () -- C:\Users\Familie\Desktop\LogoMaker.lnk [2011.06.01 18:36:02 | 000,001,151 | ---- | C] () -- C:\Users\Familie\Desktop\BlackShot.lnk [2011.05.31 22:01:30 | 000,006,656 | ---- | C] () -- C:\Users\Familie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.05.31 22:00:22 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\Camtasia Studio 7.lnk [2011.05.31 19:21:10 | 000,065,536 | ---- | C] () -- C:\Windows\IFinst27.exe [2011.05.30 07:21:26 | 000,007,605 | ---- | C] () -- C:\Users\Familie\Documents\Poesie.odt [2011.05.29 18:05:46 | 000,001,328 | ---- | C] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk [2011.05.29 08:00:46 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll [2011.05.28 21:59:25 | 000,001,752 | ---- | C] () -- C:\Users\Familie\Desktop\Videodeluxe - Verknüpfung.lnk [2011.05.28 21:48:25 | 000,007,256 | ---- | C] () -- C:\Windows\mgxoschk.ini [2011.05.28 13:54:47 | 000,001,406 | ---- | C] () -- C:\Users\Familie\Desktop\Free YouTube to MP3 Converter.lnk [2011.05.27 23:43:27 | 000,001,974 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk [2011.05.27 23:43:27 | 000,001,953 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk [2011.05.27 23:43:26 | 000,001,932 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk [2011.05.25 20:01:31 | 000,015,582 | ---- | C] () -- C:\Program Files (x86)\Z4[j5-1]vk-w.dat [2011.05.25 19:52:24 | 000,002,209 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk 
[2011.05.24 18:27:16 | 000,000,294 | -H-- | C] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2011.05.24 18:27:14 | 000,000,294 | -H-- | C] () -- C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011.05.24 18:27:12 | 000,000,250 | -H-- | C] () -- C:\Windows\tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job [2011.05.24 18:27:10 | 000,102,912 | RHS- | C] () -- C:\Windows\SysWow64\usp10R.dll [2011.05.24 18:27:10 | 000,000,312 | -HS- | C] () -- C:\Windows\tasks\LIEKS.job [2011.05.23 15:55:08 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2011.05.22 21:33:50 | 000,131,072 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl [2011.05.14 22:08:07 | 000,001,063 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft - Brood War.lnk [2011.05.13 18:46:58 | 000,001,739 | ---- | C] () -- C:\Users\Familie\Desktop\MinecraftSP - Verknüpfung.lnk [2011.05.13 15:59:24 | 000,000,349 | ---- | C] () -- C:\Users\Public\Documents\PCLECHAL.INI [2011.05.12 14:16:35 | 012,353,066 | ---- | C] () -- C:\Users\Familie\AppData\Roaming\Misa201.zip [2011.05.12 13:43:16 | 000,090,520 | ---- | C] () -- C:\Users\Familie\Documents\rec_Vcs6Core_13-43-11.mp3 [2011.05.11 18:56:21 | 000,001,660 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk [2011.05.11 18:53:51 | 000,001,822 | ---- | C] () -- C:\Users\Public\Desktop\S4League.lnk [2011.05.11 17:19:01 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2011.05.11 17:18:51 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2011.05.11 17:01:56 | 288,875,426 | ---- | C] () -- C:\Windows\MEMORY.DMP [2011.05.10 21:06:04 | 000,002,535 | ---- | C] () -- C:\Users\Familie\Desktop\Skype.lnk [2011.05.10 17:04:09 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011.05.08 14:17:55 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\Acer Registration - Reminder Recall task.job [2011.05.08 14:04:04 | 001,625,520 | ---- | C] () -- 
C:\Windows\SysWow64\PerfStringBackup.INI [2011.05.07 22:00:31 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd [2011.05.07 20:23:24 | 000,189,480 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2011.05.07 20:14:46 | 000,189,480 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2011.05.07 20:14:41 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2011.05.07 20:14:40 | 003,360,624 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2011.05.07 19:46:01 | 000,000,221 | ---- | C] () -- C:\Users\Familie\Desktop\America's Army 3.url [2011.05.07 15:21:06 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011.05.07 15:18:10 | 000,001,413 | ---- | C] () -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2011.05.07 15:18:05 | 000,001,447 | ---- | C] () -- C:\Users\Familie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011.04.27 11:21:38 | 003,268,096 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll [2011.04.11 19:09:18 | 000,073,216 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011.03.22 15:10:40 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.03.22 15:06:11 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat [2011.03.19 11:06:02 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011.03.19 11:04:28 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2010.12.10 21:09:56 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe [2010.12.10 21:06:49 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll [2010.12.10 20:29:43 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010.03.15 05:31:48 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009.07.14 04:34:42 | 000,215,943 | ---- | C] 
() -- C:\Windows\SysWow64\dssec.dat [2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2007.04.27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll [2007.02.05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2007.01.26 01:04:12 | 000,138,752 | ---- | C] () -- C:\Windows\SysWow64\mase32.dll [2007.01.26 01:04:12 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\ma32.dll ========== LOP Check ========== [2011.05.21 18:31:54 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\.minecraft [2011.05.07 15:16:59 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\a [2011.05.21 08:18:51 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\DAEMON Tools Lite [2011.05.27 14:57:56 | 
000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\DVDVideoSoftIEHelpers [2011.06.01 18:45:52 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\LogoMaker [2011.05.07 16:39:04 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\LolClient [2011.05.28 21:44:55 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\MAGIX [2011.05.18 14:03:56 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\Pavtube [2011.05.08 20:46:33 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\PowerCinema [2011.05.22 13:07:57 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\RenPy [2011.05.30 20:22:40 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\SoftGrid Client [2011.05.23 20:57:13 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\TeamViewer [2011.05.11 22:25:52 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\TP [2011.06.01 17:40:40 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\TS3Client [2011.05.25 19:52:22 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\TuneUp Software [2011.05.12 14:36:37 | 000,000,000 | ---D | M] -- C:\Users\Familie\AppData\Roaming\Win7codecs [2011.06.03 15:30:00 | 000,000,390 | ---- | M] () -- C:\Windows\Tasks\Acer Registration - Reminder Recall task.job [2011.06.03 12:24:51 | 000,000,312 | -HS- | M] () -- C:\Windows\Tasks\LIEKS.job [2009.07.14 07:08:49 | 000,020,306 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011.06.03 15:26:02 | 000,000,294 | -H-- | M] () -- C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job [2011.06.03 15:20:02 | 000,000,250 | -H-- | M] () -- C:\Windows\Tasks\{810401E2-DDE0-454e-B0E2-AA89C9E5967C}.job [2011.06.03 15:01:02 | 000,000,294 | -H-- | M] () -- C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. 
> [2011.05.07 15:17:53 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2011.05.31 18:55:29 | 000,000,000 | ---D | M] -- C:\AeriaGames [2011.03.22 15:12:13 | 000,000,000 | ---D | M] -- C:\book [2011.05.20 21:26:48 | 000,000,000 | ---D | M] -- C:\CFLog [2011.06.03 12:24:31 | 000,000,000 | -HSD | M] -- C:\Config.Msi [2011.05.08 17:07:16 | 000,000,000 | ---D | M] -- C:\CyberStep [2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2011.05.07 15:15:53 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2011.05.25 19:49:31 | 000,000,000 | ---D | M] -- C:\fernsehen [2011.05.31 21:36:00 | 000,000,000 | ---D | M] -- C:\fiaa [2011.05.22 18:28:22 | 000,000,000 | ---D | M] -- C:\Fraps [2011.05.31 18:55:59 | 000,000,000 | ---D | M] -- C:\Gamigo [2011.05.08 19:27:21 | 000,000,000 | ---D | M] -- C:\GTA SA [2010.12.10 21:00:43 | 000,000,000 | ---D | M] -- C:\Intel [2011.05.30 20:26:39 | 000,000,000 | RH-D | M] -- C:\MSOCache [2011.05.07 15:17:43 | 000,000,000 | -H-D | M] -- C:\OEM [2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs [2011.05.31 17:25:24 | 000,000,000 | R--D | M] -- C:\Programme [2011.06.01 18:44:41 | 000,000,000 | R--D | M] -- C:\Program Files (x86) [2011.05.31 22:00:16 | 000,000,000 | -H-D | M] -- C:\ProgramData [2011.05.07 15:15:53 | 000,000,000 | -HSD | M] -- C:\Programme [2011.05.07 15:15:53 | 000,000,000 | -HSD | M] -- C:\Recovery [2011.05.07 16:07:15 | 000,000,000 | ---D | M] -- C:\Riot Games [2011.05.29 09:12:51 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2011.05.07 15:16:05 | 000,000,000 | R--D | M] -- C:\Users [2011.05.12 13:42:01 | 000,000,000 | ---D | M] -- C:\vcs5BGEffects [2011.06.01 20:32:06 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. 
/mp /s > < MD5 for: EXPLORER.EXE > [2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe [2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe [2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe [2010.07.17 21:26:04 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe [2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) 
MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010.02.04 12:49:48 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2010.07.17 21:26:04 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [2010.02.04 12:49:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2010.07.17 21:26:04 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2010.02.04 12:49:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2010.07.17 21:26:04 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe 
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe [2010.02.04 12:49:48 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe < MD5 for: REGEDIT.EXE > [2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe [2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe [2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe [2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe < MD5 for: USERINIT.EXE > [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe [2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- 
C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2010.07.17 21:26:04 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2010.07.17 21:26:04 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe [2010.07.17 21:26:04 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > ========== Alternate Data Streams ========== @Alternate 
Data Stream - 129 bytes -> C:\ProgramData\Temp:E1F04E8D < End of report >

Best regards