| JohnyderDepp | 12.03.2012 20:53 |
Voila das log
Combofix Logfile: Code:
ComboFix 12-03-12.03 - Jxxx 12.03.2012 20:24:37.1.3 - x64
Microsoft® Windows Vista™ Business 6.0.6002.2.1252.49.1031.18.4095.2622 [GMT 1:00]
ausgeführt von:: c:\users\Jxxx\Desktop\Virenscan\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\tcpview\tcpview.exe
c:\programdata\hpeE86A.dll
c:\programdata\hpeFC96.dll
c:\users\Jxxx\AppData\Roaming\0ad
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\animal_lion_6f516661.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\aspis_sm_b_99bf6988.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\aspis_sm_f_abe44e89.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\berries_20fb81fc.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\berrybush_059c5d34.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\bridge_edge_wooden_edeaa993.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\brontoburger_1cfd89b7.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\camel_1_ac67cc68.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\camel_death_44c94730.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\camel_idle_01_7e9b1450.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\camel_idle_02_28c8d474.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\camel_run_01b741e7.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\camel_walk_25ab7314.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\campfire_3870ca5b.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_civic3_arch_dc553b0d.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_civic3_df9a8491.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_civic3_props_1_c127f676.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_civic3_props_new_8ea7b7b1.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_coolus_caradoc_cfa20650.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_corral_base_6fb1ae78.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_corral_props_1_7bf298c0.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_corral_props_new_6cd5ea76.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_farmstead_1c7728b3.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_farmstead_hoe_ead1a676.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_farmstead_props_d4b4db7d.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_farmstead_shield_93a54ab6.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_helmet_n_ec11a532.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_kennel_props_1_1ce1968c.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_kennel_props_beef_c14d3918.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_kennel_props_new_d82d8a29.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_kennel_struct_de04fec9.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_mill_cdd5bdb2.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_mill_props_81130780.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_mill_shield_93a54ab6.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_mill_silo_bd5fd1df.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_outpost_1d71c6ac.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_outpost_door_32493a70.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_outpost_shields_38b075cb.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_outpost_windows_fee1778b.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_outpost2_373ab217.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_outpost2_shields_3f6ba41d.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_outpost2_windows_9a4075e9.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_raven_d4930f0d.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_tavern_props_1_9b7193a4.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_tavern_props_new_4021e026.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\celt_tavern_struct_5b3852d8.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\deer_antlers_5aa5511b.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\deer_attack_01_60aea225.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\deer_death_01_008cdb71.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\deer_death_02_17ab455b.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\deer_idle_01_8f57d724.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\deer_idle_02_6027a30d.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\deer_idle_03_09115033.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\deer_idle_04_1f18aee6.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\deer_mesh_7e179e72.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\deer_run_01_b7986726.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\deer_walk_01_877dac04.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\deer_walk_02_9a6ac547.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\elephant_african_baby_9b995330.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\elephant_asian_male_f87cca60.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\f_build_01_f745f688.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\f_death_01_e902be55.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\f_dress_d6582e3f.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\f_farm_01_306c036f.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\f_gather_01_a6c77502.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\f_idle_01_c1351cb6.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\f_lumber_01_09c3af9a.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\f_mine_01_d73208a5.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\f_walk_01_9ceac3a6.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\fish_generic_e16edb34.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\fish_generic_idle_a_1dbbd6ba.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\fish_generic_idle_b_0750aa92.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\fish_generic_idle_c_65ef51f4.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\found_2x2_a_a70b0835.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\found_3x3_b_80a1c938.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\found_3x3_c_cc2bcb1d.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\garrison_flag_f37f708e.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\garrison_flag_idle_8632305c.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\geo_desert_02_4cd127b6.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\geo_mineral_01_3324daee.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\geo_mineral_02_8b5b8039.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\geo_stonemine_large_37708583.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\hawk_bec0076c.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\inf_2_hand_sword_attack_b_b092e0e0.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\inf_2_hand_sword_ready_a_f29b37ba.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\inf_2_hand_sword_ready_c_996a2745.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\inf_sword_ready_a_add90b58.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\inf_sword_ready_b_96f4b64f.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\inf_sword_ready_c_5f771540.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\inf_sword_ready_d_128149c5.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\inf_sword_ready_e_20c33f4e.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\javelin_ammo_0b87f1c7.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\javelin_ammo2_f124f100.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\lion_death_7bf22576.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\lion_idle_01_acef20b2.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\lion_idle_02_33579a02.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\lion_idle_03_4ad9694b.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\lion_run_8a01f7ca.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\lion_walk_c2db63c3.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\luggage_57005a76.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\luggage_female_back_7b709590.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\m_hero_cape_06c3a3e6.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\m_hero_e2e7685d.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\m_pants_celt_3c48cccd.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\m_tights_196ca7c6.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\m_tunic_long_ff4cfd10.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\m_tunic_short_bf81a5c0.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\metal_block_ed185799.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\palisade_angle_spike_90f03f7f.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\palisade_rocks_curve_0aca83d3.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\palisade_rocks_end_44ec1be2.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\palisade_rocks_fort_e9128bc8.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\palisade_rocks_straight_2b7d6ab8.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\palisade_small_spikes_ab356f9f.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\palisade_tall_spikes_5b762a92.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\pers_civic_dddf64fe.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\pers_civic_props_a_702a0d7c.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\pers_civic_props_b_49578ed1.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\pers_house_a_b4cbb197.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\pers_house_b_973df2a8.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\pers_house_c_6a9d11e9.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\pers_kidaris_loose_c82046be.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\pers_kidaris_tied_459f1bc3.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\pers_mill_1_b292ecc7.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\pers_mill_f8ab42e6.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\pers_sb2_21d519e7.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\pers_scout_tower_b_2d251b90.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\plant_desert_01_d87df278.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\plant_desert_02_e329731c.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\quiver_hip_7989795e.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\rome_coolus_a_33d26c70.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\rome_coolus_b_12690341.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\rome_coolus_c_1249c49e.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\rome_coolus_d_1e601b5d.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\rome_coolus_e_8739e261.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\rome_coolus_f_6e689e03.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\rome_coolus_g_ae9c08be.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\standingstone_a_cd77f06a.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\standingstone_b_f03428d5.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\standingstone_c_09887d73.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\standingstone_d_34fde743.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\standingstone_e_85eeddbd.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\stone_block_3f9040fb.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\stone_pile_9c569417.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_apple_top_a_a807a235.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_apple_top_b_3cd81558.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_apple_top_c_8ff6ea6e.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_apple_top_d_c5729816.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_apple_trunk_a_dbb03f41.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_apple_trunk_b_97fd46a6.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_baobab_top_a_04582214.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_baobab_top_b_140f90de.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_baobab_top_c_7a379c04.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_baobab_top_d_84bf6cd7.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_baobab_trunk_a_2a222ef6.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_baobab_trunk_b_9c6d284d.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_baobab_trunk_c_9bc46ea8.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_baobab_trunk_d_d9f21b57.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_cretan_date_palm_01_1c3746e2.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_cretan_date_palm_02_227c19b7.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_cretan_date_palm_03_d8e62752.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_cretan_date_palm_04_e5b5800c.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_cretan_date_palm_05_0d03b60d.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_cretan_date_palm_06_46276bcb.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_cretan_date_palm_07_441109cc.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_cretan_date_palm_08_b68894e1.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_cretan_date_palm_patch_01_a73aa9ad.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_fig_top_a_36684040.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_fig_top_b_1fcbf339.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_fig_trunk_a_0bcb05b5.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_fig_trunk_b_c121c68f.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_pine_02_54b18499.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_pine_03_43d8a90f.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_pine_04_8c315116.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_pine_05_dfa3af91.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\tree_pine_06_6ab067eb.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\waypoint_flag_c2959b3b.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\waypoint_flag_idle_71b4d815.psa
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\wood_pile_dcf82a09.pmd
c:\users\Jxxx\AppData\Roaming\0ad\cache\mods\public\public.zip\wood_shuttle_c875152b.pmd
c:\users\Jxxx\AppData\Roaming\0ad\config\user.cfg
c:\users\Jxxx\AppData\Roaming\0ad\logs\interestinglog.html
c:\users\Jxxx\AppData\Roaming\0ad\logs\mainlog.html
c:\users\Jxxx\AppData\Roaming\0ad\logs\sim_log\3252\commands.txt
c:\users\Jxxx\AppData\Roaming\0ad\logs\sim_log\6016\commands.txt
c:\users\Jxxx\AppData\Roaming\0ad\logs\system_info.txt
c:\users\Jxxx\AppData\Roaming\Roaming
c:\users\Jxxx\AppData\Roaming\Roaming\Quest3D\ShipSimExtreme\channels.lst
c:\windows\IsUn0407.exe
F:\install.exe
H:\install.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-02-12 bis 2012-03-12 ))))))))))))))))))))))))))))))
.
.
2012-03-12 19:44 . 2012-03-12 19:44 -------- d-----w- c:\users\hofmaier\AppData\Local\temp
2012-03-12 19:44 . 2012-03-12 19:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-10 16:47 . 2012-03-10 16:47 -------- d-----w- C:\_OTL
2012-03-08 19:22 . 2012-03-08 19:22 -------- d-----w- c:\program files (x86)\ESET
2012-03-08 12:12 . 2012-03-08 12:12 -------- d-----w- c:\users\Jxxx\AppData\Local\Citrix
2012-03-07 15:59 . 2012-03-07 15:59 -------- d-----w- c:\users\Jxxx\AppData\Roaming\Malwarebytes
2012-03-07 15:59 . 2012-03-07 15:59 -------- d-----w- c:\programdata\Malwarebytes
2012-03-07 15:59 . 2012-03-07 15:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-03-07 15:59 . 2011-12-10 14:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-06 09:16 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{518E8024-D569-4BEB-B0C6-D57B72133D6A}\mpengine.dll
2012-03-05 11:13 . 2012-03-05 11:13 -------- d-----w- c:\program files\Microsoft Network Monitor 3
2012-03-02 17:35 . 2012-03-02 17:35 -------- d-----w- c:\users\Jxxx\AppData\Local\THQ
2012-03-02 17:35 . 2008-07-12 07:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2012-03-02 17:35 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2012-03-02 17:35 . 2008-07-12 07:18 540688 ----a-w- c:\windows\system32\d3dx10_39.dll
2012-03-02 17:35 . 2008-07-12 07:18 1942552 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2012-03-02 17:35 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2012-03-02 17:35 . 2008-07-12 07:18 4992520 ----a-w- c:\windows\system32\D3DX9_39.dll
2012-02-29 22:22 . 2011-12-19 13:16 3130440 ----a-w- c:\windows\SysWow64\pbsvc_blr.exe
2012-02-29 12:31 . 2012-03-12 19:14 -------- d-----w- c:\users\Jxxx\AppData\Roaming\Dropbox
2012-02-19 16:09 . 2012-02-19 16:09 -------- d-----w- c:\program files (x86)\Nitro PDF Reader
2012-02-19 16:09 . 2012-02-19 16:09 -------- d-----w- c:\program files\Common Files\Nitro PDF
2012-02-19 16:09 . 2012-02-19 16:09 -------- d-----w- c:\program files (x86)\Common Files\Nitro PDF
2012-02-15 14:30 . 2011-12-20 10:56 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
2012-02-15 14:30 . 2011-12-20 10:56 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-02-15 14:29 . 2012-01-03 14:25 404992 ----a-w- c:\windows\system32\drivers\afd.sys
2012-02-15 14:29 . 2012-01-12 20:16 2765824 ----a-w- c:\windows\system32\win32k.sys
2012-02-15 14:29 . 2011-12-14 16:38 621056 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 14:29 . 2011-12-14 16:17 680448 ----a-w- c:\windows\SysWow64\msvcrt.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-12 09:10 . 2009-07-26 12:20 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-03-12 09:10 . 2009-03-02 10:44 280736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-03-12 09:08 . 2009-03-02 10:44 215128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-02-29 23:06 . 2009-03-02 10:44 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-02-29 06:50 . 2011-05-23 01:18 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-23 08:18 . 2009-10-06 02:45 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-21 23:59 . 2009-03-02 10:44 674600 ----a-w- c:\windows\SysWow64\pbsvc.exe
2012-02-15 09:49 . 2011-10-15 16:17 132320 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-02-08 21:59 . 2011-08-15 20:12 30200 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2012-02-08 21:59 . 2011-08-15 20:12 18424 ----a-w- c:\windows\system32\nitrolocalui2.dll
2012-01-15 16:36 . 2012-01-15 16:36 57344 ----a-r- c:\users\Jxxx\AppData\Roaming\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
2012-01-15 16:35 . 2012-01-15 16:35 106496 ----a-w- c:\windows\SysWow64\ATL71.DLL
2011-12-25 20:32 . 2009-07-05 23:16 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2011-12-25 20:32 . 2009-07-05 23:16 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2011-12-25 20:32 . 2009-07-05 23:16 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-12-25 20:32 . 2009-07-05 23:16 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-12-16 13:04 . 2011-12-16 13:04 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-12-16 13:04 . 2011-12-16 13:04 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-12-16 13:04 . 2011-10-14 08:52 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2011-12-16 13:04 . 2011-12-16 13:04 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2011-12-16 13:04 . 2011-12-16 13:04 325632 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-12-16 13:04 . 2011-12-16 13:04 41984 ----a-w- c:\windows\system32\atiuxp64.dll
2011-12-16 13:04 . 2011-10-14 08:57 494592 ----a-w- c:\windows\system32\atiadlxx.dll
2011-12-16 13:03 . 2011-12-16 13:03 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-12-16 13:03 . 2011-12-16 13:03 204288 ----a-w- c:\windows\system32\atiesrxx.exe
2011-12-16 13:03 . 2011-10-14 08:01 25218048 ----a-w- c:\windows\system32\atio6axx.dll
2011-12-16 13:03 . 2011-12-16 13:02 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-12-16 13:02 . 2010-07-07 01:24 58880 ----a-w- c:\windows\system32\coinst.dll
2011-12-16 13:02 . 2010-07-07 01:14 39424 ----a-w- c:\windows\system32\atiu9p64.dll
2011-12-16 13:02 . 2010-07-07 01:14 45056 ----a-w- c:\windows\system32\atitmp64.dll
2011-12-16 13:02 . 2011-12-16 13:02 54784 ----a-w- c:\windows\system32\atimpc64.dll
2011-12-16 13:02 . 2011-12-16 13:02 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2011-12-16 13:02 . 2011-12-16 13:01 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-12-16 13:02 . 2011-12-16 13:01 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-12-16 13:02 . 2011-12-16 12:59 11300864 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-12-16 13:01 . 2011-12-16 13:01 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-12-16 13:01 . 2011-12-16 13:01 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2011-12-16 13:01 . 2011-12-16 13:01 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-12-16 13:01 . 2011-12-16 13:01 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-12-16 13:01 . 2011-12-01 00:08 32256 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-12-16 13:00 . 2011-12-16 13:00 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-12-16 13:00 . 2011-12-16 13:00 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-12-16 13:00 . 2011-12-16 13:00 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-12-16 13:00 . 2011-12-01 00:17 4200960 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-12-16 12:59 . 2011-12-16 12:59 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-12-16 12:59 . 2011-12-01 00:14 5852672 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-12-16 12:59 . 2011-12-16 12:58 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-12-16 12:58 . 2011-10-14 08:01 927232 ----a-w- c:\windows\system32\aticfx64.dll
2011-12-16 12:58 . 2011-10-14 08:57 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-12-16 12:58 . 2011-12-16 12:58 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-12-16 12:58 . 2011-12-16 12:57 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-12-16 12:58 . 2011-12-01 00:10 774656 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-12-16 12:58 . 2010-07-07 01:14 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-12-16 12:57 . 2011-12-16 12:57 348160 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-12-16 12:57 . 2011-12-16 12:57 360448 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-12-16 12:57 . 2011-12-16 12:52 10567680 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-12-16 12:56 . 2011-12-16 12:49 18996224 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-12-16 12:56 . 2011-12-16 12:55 516608 ----a-w- c:\windows\system32\atieclxx.exe
2011-12-16 12:55 . 2011-12-16 12:54 90128 ----a-w- c:\windows\system32\drivers\AtihdLH6.sys
2011-12-16 12:55 . 2011-12-16 12:49 13552640 ----a-w- c:\windows\system32\aticaldd64.dll
2011-12-16 12:54 . 2011-12-01 00:14 6077952 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-12-16 12:53 . 2011-12-16 12:50 7439360 ----a-w- c:\windows\system32\atiumd64.dll
2011-12-16 12:53 . 2011-12-16 12:53 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-12-16 12:52 . 2011-12-16 12:49 7405056 ----a-w- c:\windows\system32\atidxx64.dll
2011-12-16 12:50 . 2011-12-16 12:49 4061696 ----a-w- c:\windows\system32\atiumd6a.dll
2011-12-16 12:49 . 2011-12-16 12:49 21504 ----a-w- c:\windows\system32\atimuixx.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Jxxx\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Jxxx\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Jxxx\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoftAuto.exe"="c:\program files (x86)\Creative\Software Update 3\SoftAuto.exe" [2008-08-13 405504]
"Remote Control Editor"="c:\program files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe" [2010-06-09 1689088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"V0400Mon.exe"="c:\windows\V0400Mon.exe" [2007-08-22 28672]
"NUSB3MON"="c:\program files (x86)\CalDigit\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE" [2007-11-19 128352]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-09 343168]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-25 619008]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
.
c:\users\Jxxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Jxxx\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - AODDRIVER
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Jxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Jxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Jxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Jxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skytel"="Skytel.exe" [2007-11-20 1826816]
"RtHDVCpl"="RAVCpl64.exe" [2008-05-13 6293504]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 2114376]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-09-29 110360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page =
uInternet Settings,ProxyOverride = *.local
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} -
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Jxxx\AppData\Roaming\Mozilla\Firefox\Profiles\sd6qyevz.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe
Wow6432Node-HKLM-Run-SunJavaUpdateSched - c:\program files (x86)\Java\jre6\bin\jusched.exe
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
AddRemove-BattlEye for A2 - h:\microsoft\vista\anwendungsdaten\steam\steamapps\common\arma 2BattlEye\UnInstallBE.exe
AddRemove-Hard Disk Low Level Format Tool_is1 - c:\program files (x86)\Low level format tool\unins000.exe
AddRemove-Jagged Alliance 2 - c:\windows\IsUn0407.exe
AddRemove-MINERVA: Metastasis - c:\progra~2\Steam\STEAMA~1\SOURCE~1\METAST~1\UNWISE.EXE
AddRemove-Planetfall v14 - h:\microsoft\vista\anwendungsdaten\steam\steamapps\common\sid meier's civilization iv beyond the sword\Beyond the Sword\Mods\Planetfall v14\Uninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe
AddRemove-Steam App 12120 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 12810 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 15120 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 15170 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 17470 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 20900 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 2100 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 22350 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 22380 - y:\hd system tray\Vista\Steam\steam.exe
AddRemove-Steam App 24960 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 24980 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 33910 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 34010 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 34330 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 35510 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 40400 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 40990 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 48720 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 49300 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 55100 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 63000 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 7620 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 8190 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 8850 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 92000 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-Steam App 99400 - h:\microsoft\Vista\Anwendungsdaten\Steam\steam.exe
AddRemove-{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB} - c:\program files (x86)\Common Files\BioWare\Uninstall Mass Effect 2.exe
AddRemove-{EFAE77E4-0AF7-4B6D-8140-538EE6481CA2}_is1 - h:\microsoft\vista\anwendungsdaten\steam\steamapps\common\sid meier's civilization iv beyond the sword\Beyond the Sword\Mods\Rise from Erebus\unins000.exe
AddRemove-UnityWebPlayer - c:\users\Jxxx\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1942734557-2161052330-659072145-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:c5,c2,fe,4a,5f,ca,ae,a2,22,dd,ab,40,f0,f2,02,27,43,a5,d9,4e,c5,e2,cc,
af,c5,70,2f,b7,ec,2a,fe,e7,a3,72,81,80,1a,88,f2,c5,04,6e,ff,a9,f3,5b,ed,d3,\
"??"=hex:65,34,23,f1,ac,3e,ae,99,14,20,f8,2a,53,ca,02,2f
.
[HKEY_USERS\S-1-5-21-1942734557-2161052330-659072145-1000\Software\SecuROM\License information*]
"datasecu"=hex:23,00,34,69,27,ad,57,ff,d6,b0,1d,0b,a6,45,ed,28,b6,bb,5d,6c,66,
2d,51,a2,d5,d8,ba,b2,30,b4,16,66,ed,f7,5b,53,45,70,56,fe,29,3e,77,7d,51,4e,\
"rkeysecu"=hex:3f,4c,5b,78,74,f6,be,6c,82,4f,6a,87,17,1c,9d,5a
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11f_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2012-03-12 20:48:07
ComboFix-quarantined-files.txt 2012-03-12 19:48
.
Vor Suchlauf: 17 Verzeichnis(se), 261.846.065.152 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 261.789.462.528 Bytes frei
.
- - End Of File - - B2B775D9C5A887E1A6364C0216AC33EF
--- --- --- |
