|
Thunderbird verschickt automatisch Spam-Emails an Adressbuch Hi, Thunderbird verschickt bei mir an mein Adressbuch automatisch Spam-Emails. Anbei die Logfiles. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}" = Medieval II Total War : Kingdoms : Crusades "{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour "{0FEA9A38-B993-0969-3A78-4D5CDDACEFEE}" = ATI Catalyst Install Manager "{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 17 "{31ECA0DA-4EE0-8C1E-484A-C304BAA9179A}" = Catalyst Control Center Graphics Previews Common "{32E4F0D2-C135-475E-A841-1D59A0D22989}" = Sid Meier's Civilization 4 - Beyond the Sword "{350FB27C-CF62-4EF3-AF9D-70FF313FE221}" = iTunes "{3878A9A3-2448-7607-01EA-0DB9E31B7242}" = Catalyst Control Center Graphics Previews Vista "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}" = Sid Meier's Civilization 4 "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6CC95B76-D380-46B2-9022-9353938E48BA}" = Logitech GamePanel Software 3.03.133 "{71D5559C-85E5-5206-3B1C-A8A9DDDE4AC9}" = AMD Drag and Drop Transcoding "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{75670A63-A18E-5066-0A78-93F6865BA3AA}" = ccc-core-static "{75983B66-804C-40D1-BA13-64DAF652A6F1}" = Medieval II Total War : Kingdoms : Americas "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}" = Medieval II Total War : Kingdoms : Teutonic "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec "{845FDC75-F31E-A75A-4300-593CAB195847}" = ccc-utility "{87323561-58BA-4D5B-BADA-A791B69D1705}" = Catalyst Control Center - Branding "{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage "{92482FB3-C05B-41C6-89E7-75D985602A6E}" = System Requirements Lab "{94FB5B63-A65F-7E5D-560D-A79FB29EA52F}" = Catalyst Control Center InstallProxy "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9699C9AA-8990-904D-FD1B-D931E437434D}" = CCC Help English "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder "{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter "{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch "{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War "{C2D129C0-7508-11DF-9F1B-005056806466}" = Google Earth "{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite 2010.SP2 "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support "{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}" = Medieval II Total War : Kingdoms : Britannia "{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D3120436-1358-4253-9EB2-257FFE8CE1D9}" = Logitech SetPoint 5.20 "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware "{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "Ad-Aware" = Ad-Aware "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "BitTorrent" = BitTorrent "CCleaner" = CCleaner "Civilization4 Caesium Modifikation v1.4_is1" = Caesium Mod v1.4 Uninstall "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "GMX SMS-Manager" = GMX SMS-Manager "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "MozBackup" = MozBackup 1.4.9 "Mozilla Firefox (3.5.12)" = Mozilla Firefox (3.5.12) "Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24) "Notepad++" = Notepad++ "StarCraft II" = StarCraft II "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "VLC media player" = VLC media player 1.1.1 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR "World of Warcraft" = World of Warcraft ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "090215de958f1060" = Curse Client "Schwert und Speer Ultimat" = Schwert und Speer Ultimat "TeamSpeak 3 Client" = TeamSpeak 3 Client ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 05.09.2010 15:19:05 | Computer Name = Pierre-PC | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\mozbackup\dll\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\mozbackup\dll\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error - 05.09.2010 15:19:21 | Computer Name = Pierre-PC | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error - 05.09.2010 15:19:24 | Computer Name = Pierre-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\sisoftware\sisoftware sandra lite 2010.sp2\wnt500x64\RpcSandraSrv.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 06.09.2010 12:07:07 | Computer Name = Pierre-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: Civilization4.exe, Version: 1.7.4.0, Zeitstempel: 0x464b0000 Name des fehlerhaften Moduls: Civilization4.exe, Version: 1.7.4.0, Zeitstempel: 0x464b0000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x003a4d74 ID des fehlerhaften Prozesses: 0x16ac Startzeit der fehlerhaften Anwendung: 0x01cb4dd4029a1bab Pfad der fehlerhaften Anwendung: C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe Pfad des fehlerhaften Moduls: C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Civilization4.exe Berichtskennung: cbc9e0c3-b9d0-11df-a6a0-001fd08bfbec Error - 06.09.2010 14:48:10 | Computer Name = Pierre-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: iTunes.exe, Version: 10.0.0.68, Zeitstempel: 0x4c7e6c10 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559, Zeitstempel: 0x4ba9b21e Ausnahmecode: 0xc0000374 Fehleroffset: 0x000c2913 ID des fehlerhaften Prozesses: 0x914 Startzeit der fehlerhaften Anwendung: 0x01cb4df3ec71bfef Pfad der fehlerhaften Anwendung: C:\Program Files\iTunes\iTunes.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 4b53d0f3-b9e7-11df-a6a0-001fd08bfbec Error - 07.09.2010 13:56:00 | Computer Name = Pierre-PC | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\mozbackup\dll\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\mozbackup\dll\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error - 07.09.2010 13:56:21 | Computer Name = Pierre-PC | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error - 07.09.2010 13:56:26 | Computer Name = Pierre-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\sisoftware\sisoftware sandra lite 2010.sp2\wnt500x64\RpcSandraSrv.exe". Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 07.09.2010 20:37:20 | Computer Name = Pierre-PC | Source = Google Update | ID = 20 Description = Error - 07.09.2010 21:37:20 | Computer Name = Pierre-PC | Source = Google Update | ID = 20 Description = [ System Events ] Error - 02.04.2010 14:25:50 | Computer Name = Pierre-PC | Source = bowser | ID = 8003 Description = Error - 04.04.2010 06:42:47 | Computer Name = Pierre-PC | Source = bowser | ID = 8003 Description = Error - 06.04.2010 05:56:58 | Computer Name = Pierre-PC | Source = bowser | ID = 8003 Description = Error - 08.04.2010 05:37:23 | Computer Name = Pierre-PC | Source = bowser | ID = 8003 Description = Error - 08.04.2010 05:38:54 | Computer Name = Pierre-PC | Source = bowser | ID = 8003 Description = Error - 08.04.2010 05:45:28 | Computer Name = Pierre-PC | Source = bowser | ID = 8003 Description = Error - 08.04.2010 10:08:00 | Computer Name = Pierre-PC | Source = bowser | ID = 8003 Description = Error - 11.04.2010 07:06:30 | Computer Name = Pierre-PC | Source = bowser | ID = 8003 Description = Error - 12.04.2010 10:29:20 | Computer Name = Pierre-PC | Source = bowser | ID = 8003 Description = Error - 13.04.2010 16:51:22 | Computer Name = Pierre-PC | Source = bowser | ID = 8003 Description = < End of report > color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010.09.10 15:28:33 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Pierre\Downloads\OTL.exe PRC - [2010.09.09 18:39:25 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2010.09.04 13:51:51 | 000,864,624 | ---- | M] (Lavasoft) -- C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe PRC - [2010.09.04 13:51:50 | 001,355,928 | ---- | M] (Lavasoft) -- C:\Programme\Lavasoft\Ad-Aware\AAWService.exe PRC - [2010.08.13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PRC - [2010.07.07 03:51:10 | 000,380,928 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2010.07.07 03:50:42 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2010.06.15 17:28:00 | 001,701,888 | ---- | M] (Curse) -- C:\Users\Pierre\AppData\Local\Apps\2.0\N3YV8489.NO0\P4J5XTML.D1D\curs..tion_eee711038731a406_0004.0000_172b37d8269e5e48\CurseClient.exe PRC - [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.08.29 08:56:10 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmplayer.exe PRC - [2009.08.13 19:02:34 | 000,357,384 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\LGDevAgt.exe PRC - [2009.08.13 18:59:22 | 003,161,608 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\G-series Software\LGDCore.exe PRC - [2009.08.13 18:38:34 | 000,498,696 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\Applets\LCDRSS.exe PRC - [2009.08.13 18:38:26 | 000,473,608 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\Applets\LCDPop3.exe PRC - [2009.08.13 18:37:56 | 001,573,384 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\LCD Manager\LCDMon.exe PRC - [2009.08.13 18:37:44 | 000,522,760 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\Applets\LCDMedia.exe PRC - [2009.08.13 18:37:34 | 000,523,784 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\Applets\LCDCountdown.exe PRC - [2009.08.13 18:37:24 | 000,676,360 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\Applets\LCDClock.exe PRC - [2009.07.21 15:34:28 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2009.07.14 03:14:48 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\WMPSideShowGadget.exe PRC - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009.07.14 03:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2009.07.14 03:14:24 | 000,157,184 | ---- | M] (Microsoft Corporation) -- c:\Programme\Windows Defender\MpCmdRun.exe PRC - [2009.05.13 17:48:18 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2009.03.05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\TeaTimer.exe PRC - [2009.03.02 14:08:43 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe ========== Modules (SafeList) ========== MOD - [2010.09.10 15:28:33 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Pierre\Downloads\OTL.exe MOD - [2009.07.14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2009.07.14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009.07.14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2009.07.14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009.07.14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll MOD - [2009.07.14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2009.07.14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009.07.14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009.07.14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009.07.14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll ========== Win32 Services (SafeList) ========== SRV - [2010.09.04 13:51:50 | 001,355,928 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2010.08.13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2010.07.07 03:50:42 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.08.10 13:34:40 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2010.SP2\RpcAgentSrv.exe -- (SandraAgentSrv) SRV - [2009.07.21 15:34:28 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2009.07.14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc) SRV - [2009.07.14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc) SRV - [2009.07.14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power) SRV - [2009.07.14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes) SRV - [2009.07.14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify) SRV - [2009.07.14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper) SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc) SRV - [2009.07.14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider) SRV - [2009.07.14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg) SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.07.14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener) SRV - [2009.07.14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009.07.14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp) SRV - [2009.07.14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc) SRV - [2009.07.14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC) SRV - [2009.07.14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-Installer (AxInstSV) SRV - [2009.07.14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc) SRV - [2009.07.14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc) SRV - [2009.05.13 17:48:18 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Pierre\AppData\Local\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132) DRV - [2010.08.11 15:54:59 | 000,015,008 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Programme\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer) DRV - [2010.07.12 10:55:39 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd) DRV - [2010.07.07 04:29:16 | 005,882,368 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2010.07.07 04:29:16 | 005,882,368 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2010.07.07 03:15:24 | 000,210,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2010.05.06 11:21:42 | 000,108,560 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009.12.11 09:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg) DRV - [2009.12.08 12:39:59 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2009.08.07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x86\sandra.sys -- (SANDRA) DRV - [2009.07.14 16:35:30 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LGBusEnum.sys -- (LGBusEnum) DRV - [2009.07.14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide) DRV - [2009.07.14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci) DRV - [2009.07.14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx) DRV - [2009.07.14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs) DRV - [2009.07.14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320) DRV - [2009.07.14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas) DRV - [2009.07.14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata) DRV - [2009.07.14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc) DRV - [2009.07.14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata) DRV - [2009.07.14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide) DRV - [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor) DRV - [2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid) DRV - [2009.07.14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960) DRV - [2009.07.14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS) DRV - [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV) DRV - [2009.07.14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR) DRV - [2009.07.14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI) DRV - [2009.07.14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC) DRV - [2009.07.14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2) DRV - [2009.07.14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp) DRV - [2009.07.14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas) DRV - [2009.07.14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy) DRV - [2009.07.14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor) DRV - [2009.07.14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx) DRV - [2009.07.14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD) DRV - [2009.07.14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends) DRV - [2009.07.14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid) DRV - [2009.07.14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp) DRV - [2009.07.14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount) DRV - [2009.07.14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide) DRV - [2009.07.14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300) DRV - [2009.07.14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost) DRV - [2009.07.14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx) DRV - [2009.07.14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4) DRV - [2009.07.14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw) DRV - [2009.07.14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2) DRV - [2009.07.14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor) DRV - [2009.07.14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG) DRV - [2009.07.14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2009.07.14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\rdpbus.sys -- (rdpbus) DRV - [2009.07.14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP) DRV - [2009.07.14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2) DRV - [2009.07.14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf) DRV - [2009.07.14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap) DRV - [2009.07.14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus) DRV - [2009.07.14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci) DRV - [2009.07.14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass) DRV - [2009.07.14 01:51:23 | 000,080,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM) DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009.07.14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf) DRV - [2009.07.14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig) DRV - [2009.07.14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus) DRV - [2009.07.14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID) DRV - [2009.07.14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter) DRV - [2009.07.14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache) DRV - [2009.07.14 01:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt) DRV - [2009.07.14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi) DRV - [2009.07.14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM) DRV - [2009.07.14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009.07.14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm) DRV - [2009.07.14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer) DRV - [2009.07.14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm) DRV - [2009.07.14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo) DRV - [2009.07.14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp) DRV - [2009.07.14 00:02:52 | 000,139,776 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167) DRV - [2009.07.14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2009.07.14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv) DRV - [2009.07.14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv) DRV - [2009.06.17 10:56:18 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2009.06.17 10:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2009.05.11 11:12:20 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.03.30 11:33:03 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2009.02.13 13:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio) DRV - [2007.12.06 14:40:12 | 000,761,856 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2007.01.26 02:00:00 | 000,265,088 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fwlanusb.sys -- (FWLANUSB) DRV - [2007.01.26 02:00:00 | 000,004,352 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avmeject.sys -- (avmeject) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com?o=14978&l=dis IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box;192.168.178.1;*.local ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.gayromeo.com/-BerlinCalling-" FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=" FF - HKLM\software\mozilla\Mozilla Firefox 3.5.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.09.09 18:39:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.09.09 18:39:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.09.04 13:56:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010.09.04 13:56:22 | 000,000,000 | ---D | M] [2009.11.07 18:22:11 | 000,000,000 | ---D | M] -- C:\Users\Pierre\AppData\Roaming\mozilla\Extensions [2010.09.09 18:49:38 | 000,000,000 | ---D | M] -- C:\Users\Pierre\AppData\Roaming\mozilla\Firefox\Profiles\i6x02if6.default\extensions [2010.06.25 11:25:38 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Pierre\AppData\Roaming\mozilla\Firefox\Profiles\i6x02if6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009.11.08 20:05:54 | 000,002,255 | ---- | M] () -- C:\Users\Pierre\AppData\Roaming\Mozilla\FireFox\Profiles\i6x02if6.default\searchplugins\askcom.xml [2010.09.09 18:49:38 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2009.11.03 04:14:39 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2009.11.03 04:14:39 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2009.11.03 04:14:39 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2009.11.03 04:14:39 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2009.11.03 04:14:39 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found. O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.) O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.) O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{a713ab93-cbb6-11de-8f42-001fd08bfbec}\Shell - "" = AutoRun O33 - MountPoints2\{a713ab93-cbb6-11de-8f42-001fd08bfbec}\Shell\AutoRun\command - "" = F:\pushinst.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe () O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.09.04 13:57:40 | 000,000,000 | ---D | C] -- C:\Programme\iTunes [2010.09.04 13:57:40 | 000,000,000 | ---D | C] -- C:\Programme\iPod [2010.09.04 13:56:14 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime [2010.09.04 13:55:32 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2010.08.25 15:11:20 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy [2010.08.25 15:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2010.08.25 15:07:20 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner [2010.08.12 22:58:57 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll [2010.08.12 22:58:57 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll [2010.08.12 22:58:56 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll [2010.08.12 22:58:52 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2010.08.12 22:58:51 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2010.08.12 22:58:49 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010.08.12 22:58:49 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010.08.12 22:58:49 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.08.12 22:58:49 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010.08.12 22:58:49 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010.08.12 22:58:49 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010.08.12 22:58:49 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010.08.12 22:58:49 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010.08.12 22:58:47 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.09.10 15:31:23 | 002,097,152 | -HS- | M] () -- C:\Users\Pierre\NTUSER.DAT [2010.09.10 15:24:44 | 000,014,064 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.09.10 15:24:44 | 000,014,064 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.09.10 15:17:57 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2010.09.10 15:17:26 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.09.10 15:17:25 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.09.10 15:17:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.09.10 15:17:20 | 2616,057,856 | -HS- | M] () -- C:\hiberfil.sys [2010.09.10 10:58:58 | 002,284,117 | -H-- | M] () -- C:\Users\Pierre\AppData\Local\IconCache.db [2010.09.10 09:35:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.09.09 18:46:02 | 000,000,689 | ---- | M] () -- C:\Users\Pierre\Desktop\World of Warcraft.lnk [2010.09.08 12:30:09 | 000,100,895 | ---- | M] () -- C:\Users\Pierre\Desktop\pi2.jpg [2010.09.08 12:29:07 | 000,087,479 | ---- | M] () -- C:\Users\Pierre\Desktop\pi.jpg [2010.09.05 00:12:32 | 000,058,613 | ---- | M] () -- C:\Users\Pierre\Desktop\lol.jpg [2010.09.04 13:57:52 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2010.08.25 15:09:26 | 000,042,274 | ---- | M] () -- C:\Users\Pierre\Documents\10-08-25 sicherung reg..reg [2010.08.13 11:46:40 | 000,284,560 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] [3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.09.10 07:33:48 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2010.09.08 12:30:09 | 000,100,895 | ---- | C] () -- C:\Users\Pierre\Desktop\pi2.jpg [2010.09.08 12:29:07 | 000,087,479 | ---- | C] () -- C:\Users\Pierre\Desktop\pi.jpg [2010.09.05 00:12:32 | 000,058,613 | ---- | C] () -- C:\Users\Pierre\Desktop\lol.jpg [2010.09.04 13:57:52 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2010.08.25 15:09:20 | 000,042,274 | ---- | C] () -- C:\Users\Pierre\Documents\10-08-25 sicherung reg..reg [2010.07.24 12:29:23 | 012,980,224 | ---- | C] () -- C:\ProgramData\sandra.mda [2010.05.25 11:01:17 | 000,000,284 | ---- | C] () -- C:\Windows\reimage.ini [2009.11.07 18:45:06 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll ========== LOP Check ========== [2010.09.10 00:06:24 | 000,000,000 | ---D | M] -- C:\Users\Pierre\AppData\Roaming\BitTorrent [2009.11.09 17:58:49 | 000,000,000 | ---D | M] -- C:\Users\Pierre\AppData\Roaming\MobMapUpdater [2009.12.05 09:22:12 | 000,000,000 | ---D | M] -- C:\Users\Pierre\AppData\Roaming\Notepad++ [2009.11.07 18:24:13 | 000,000,000 | ---D | M] -- C:\Users\Pierre\AppData\Roaming\Thunderbird [2010.01.09 03:25:47 | 000,000,000 | ---D | M] -- C:\Users\Pierre\AppData\Roaming\TS3Client [2010.09.10 15:17:57 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job [2010.08.02 10:21:28 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8 @Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:DFC5A2B2 < End of report > $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ º º hjtscanlist v2.0 º º $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ Microsoft Windows [Version 6.1.7600] C: C:\pagefile.sys --------- C:\hiberfil.sys --------- 10.09.2010 15:17 C:\aaw7boot.log --------- 31247 08.09.2010 23:33 C:\System Volume Information --------- 24576 05.09.2010 11:12 C:\Config.Msi --------- 0 04.09.2010 13:57 C:\Program Files --------- 20480 25.08.2010 16:02 C:\ProgramData --------- 8192 31.07.2010 17:28 C:\Windows --------- 24576 02.05.2010 16:44 C:\tracert.txt --------- 487 22.04.2010 12:55 C:\MSDOS.SYS --------- 0 22.04.2010 12:55 C:\IO.SYS --------- 0 25.03.2010 22:19 C:\temp --------- 0 07.11.2009 19:30 C:\ATI --------- 0 07.11.2009 18:09 C:\$Recycle.Bin --------- 0 07.11.2009 18:09 C:\Users --------- 4096 07.11.2009 18:09 C:\Recovery --------- 0 07.11.2009 18:09 C:\Programme --------- 0 07.11.2009 18:09 C:\Dokumente und Einstellungen --------- 0 14.07.2009 06:53 C:\Documents and Settings --------- 0 14.07.2009 04:37 C:\PerfLogs --------- 0 10.06.2009 23:42 C:\config.sys --------- 10 10.06.2009 23:42 C:\autoexec.bat --------- 24 ---------------------------------------- C:\Windows 10.09.2010 15:20 C:\Windows\WindowsUpdate.log --------- 1374841 10.09.2010 15:17 C:\Windows\setupact.log --------- 61475 10.09.2010 15:17 C:\Windows\bootstat.dat --------- 67584 26.08.2010 11:21 C:\Windows\PFRO.log --------- 6566 18.06.2010 07:13 C:\Windows\atiogl.xml --------- 21682 09.06.2010 18:20 C:\Windows\DirectX.log --------- 358198 25.05.2010 11:01 C:\Windows\reimage.ini --------- 284 11.01.2010 10:04 C:\Windows\nsreg.dat --------- 0 04.12.2009 14:08 C:\Windows\KB893803v2.log --------- 548 07.11.2009 23:56 C:\Windows\MEMORY.DMP --------- 268615071 07.11.2009 18:45 C:\Windows\ODBC.INI --------- 400 07.11.2009 18:26 C:\Windows\SetPointII_000.log --------- 1110360 07.11.2009 18:25 C:\Windows\LDPINST.LOG --------- 2998 07.11.2009 18:12 C:\Windows\avmfwlanci.log --------- 11187 07.11.2009 17:59 C:\Windows\TSSysprep.log --------- 1313 07.11.2009 17:58 C:\Windows\ativpsrm.bin --------- 0 07.11.2009 17:56 C:\Windows\DtcInstall.log --------- 1774 31.10.2009 07:45 C:\Windows\explorer.exe --------- 2614272 14.07.2009 06:54 C:\Windows\win.ini --------- 403 14.07.2009 06:41 C:\Windows\WindowsShell.Manifest --------- 749 14.07.2009 06:39 C:\Windows\setuperr.log --------- 0 14.07.2009 03:16 C:\Windows\twain_32.dll --------- 51200 14.07.2009 03:14 C:\Windows\write.exe --------- 9216 14.07.2009 03:14 C:\Windows\winhlp32.exe --------- 9728 14.07.2009 03:14 C:\Windows\twunk_32.exe --------- 31232 14.07.2009 03:14 C:\Windows\regedit.exe --------- 398336 14.07.2009 03:14 C:\Windows\notepad.exe --------- 179712 14.07.2009 03:14 C:\Windows\hh.exe --------- 15360 14.07.2009 03:14 C:\Windows\HelpPane.exe --------- 497152 14.07.2009 03:14 C:\Windows\fveupdate.exe --------- 13824 14.07.2009 03:14 C:\Windows\bfsvc.exe --------- 65024 14.07.2009 00:58 C:\Windows\mib.bin --------- 43131 17.06.2009 10:55 C:\Windows\KHALMNPR.Exe --------- 55824 10.06.2009 23:46 C:\Windows\system.ini --------- 219 10.06.2009 23:42 C:\Windows\_default.pif --------- 707 10.06.2009 23:42 C:\Windows\winhelp.exe --------- 256192 10.06.2009 23:41 C:\Windows\twunk_16.exe --------- 49680 10.06.2009 23:41 C:\Windows\twain.dll --------- 94784 10.06.2009 23:34 C:\Windows\WMSysPr9.prx --------- 316640 10.06.2009 23:19 C:\Windows\msdfmap.ini --------- 1405 10.06.2009 23:14 C:\Windows\Starter.xml --------- 48201 10.06.2009 23:14 C:\Windows\HomePremium.xml --------- 48265 ---------------------------------------- C:\Windows\System 13.07.2009 23:41 C:\Windows\System\OLESVR.DLL --------- 24064 13.07.2009 23:41 C:\Windows\System\WFWNET.DRV --------- 12704 13.07.2009 23:41 C:\Windows\System\COMMDLG.DLL --------- 32816 13.07.2009 23:41 C:\Windows\System\TIMER.DRV --------- 4048 13.07.2009 23:41 C:\Windows\System\MMSYSTEM.DLL --------- 68992 13.07.2009 23:41 C:\Windows\System\mmtask.tsk --------- 1152 13.07.2009 23:41 C:\Windows\System\mouse.drv --------- 2032 13.07.2009 23:41 C:\Windows\System\vga.drv --------- 2176 13.07.2009 23:41 C:\Windows\System\sound.drv --------- 1744 13.07.2009 23:41 C:\Windows\System\keyboard.drv --------- 2000 13.07.2009 23:41 C:\Windows\System\SHELL.DLL --------- 5120 13.07.2009 23:41 C:\Windows\System\system.drv --------- 3360 10.06.2009 23:42 C:\Windows\System\ver.dll --------- 9008 10.06.2009 23:42 C:\Windows\System\olecli.dll --------- 82944 10.06.2009 23:42 C:\Windows\System\lzexpand.dll --------- 9936 10.06.2009 23:25 C:\Windows\System\stdole.tlb --------- 5532 10.06.2009 23:21 C:\Windows\System\msvideo.dll --------- 126912 10.06.2009 23:21 C:\Windows\System\mciwave.drv --------- 28160 10.06.2009 23:21 C:\Windows\System\mciseq.drv --------- 25264 10.06.2009 23:21 C:\Windows\System\mciavi.drv --------- 73376 10.06.2009 23:21 C:\Windows\System\avifile.dll --------- 109456 10.06.2009 23:21 C:\Windows\System\avicap.dll --------- 69584 ---------------------------------------- C:\Windows\System32 10.09.2010 15:24 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 14064 10.09.2010 15:24 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 14064 10.09.2010 10:59 C:\Windows\system32\config --------- 16384 08.09.2010 15:56 C:\Windows\system32\Tasks --------- 4096 05.09.2010 01:48 C:\Windows\system32\catroot --------- 4096 04.09.2010 13:55 C:\Windows\system32\DriverStore --------- 4096 27.08.2010 01:53 C:\Windows\system32\catroot2 --------- 16384 13.08.2010 11:46 C:\Windows\system32\FNTCACHE.DAT --------- 284560 13.08.2010 11:45 C:\Windows\system32\drivers --------- 65536 13.08.2010 11:45 C:\Windows\system32\migration --------- 0 10.08.2010 05:15 C:\Windows\system32\QuickTimeVR.qtx --------- 94208 10.08.2010 05:15 C:\Windows\system32\QuickTime.qts --------- 69632 03.08.2010 20:09 C:\Windows\system32\MRT.exe --------- 35962312 31.07.2010 17:25 C:\Windows\system32\CCCInstall_201007311725324803.log --------- 18078 29.07.2010 08:30 C:\Windows\system32\ir32_32.dll --------- 197632 29.07.2010 08:30 C:\Windows\system32\iccvid.dll --------- 82944 28.07.2010 09:56 C:\Windows\system32\wdi --------- 4096 27.07.2010 16:03 C:\Windows\system32\shell32.dll --------- 12867584 21.07.2010 15:54 C:\Windows\system32\DRVSTORE --------- 0 12.07.2010 10:55 C:\Windows\system32\lsdelete.exe --------- 15880 07.07.2010 03:55 C:\Windows\system32\atioglxx.dll --------- 15461888 07.07.2010 03:54 C:\Windows\system32\atiapfxx.blb --------- 63416 07.07.2010 03:54 C:\Windows\system32\atiapfxx.exe --------- 143360 07.07.2010 03:54 C:\Windows\system32\aticfx32.dll --------- 513024 07.07.2010 03:51 C:\Windows\system32\ATIDEMGX.dll --------- 446464 07.07.2010 03:51 C:\Windows\system32\atieclxx.exe --------- 380928 07.07.2010 03:50 C:\Windows\system32\atiesrxx.exe --------- 176128 07.07.2010 03:49 C:\Windows\system32\atitmmxx.dll --------- 159744 07.07.2010 03:49 C:\Windows\system32\atipdlxx.dll --------- 356352 07.07.2010 03:49 C:\Windows\system32\Oemdspif.dll --------- 278528 07.07.2010 03:49 C:\Windows\system32\atimuixx.dll --------- 11776 07.07.2010 03:49 C:\Windows\system32\ati2edxx.dll --------- 43520 07.07.2010 03:46 C:\Windows\system32\atidxx32.dll --------- 3826688 07.07.2010 03:29 C:\Windows\system32\aticalrt.dll --------- 46080 07.07.2010 03:29 C:\Windows\system32\aticalcl.dll --------- 44032 07.07.2010 03:28 C:\Windows\system32\atiumdag.dll --------- 3975680 07.07.2010 03:27 C:\Windows\system32\aticaldd.dll --------- 4323840 07.07.2010 03:24 C:\Windows\system32\coinst.dll --------- 50176 07.07.2010 03:23 C:\Windows\system32\atiumdva.dll --------- 3058688 07.07.2010 03:22 C:\Windows\system32\atiumdva.cap --------- 543664 07.07.2010 03:16 C:\Windows\system32\atiadlxx.dll --------- 237568 07.07.2010 03:15 C:\Windows\system32\atiglpxx.dll --------- 12800 07.07.2010 03:15 C:\Windows\system32\atigktxx.dll --------- 16896 07.07.2010 03:14 C:\Windows\system32\atiuxpag.dll --------- 30208 07.07.2010 03:14 C:\Windows\system32\atiu9pag.dll --------- 22528 07.07.2010 03:11 C:\Windows\system32\amdpcom32.dll --------- 52736 07.07.2010 03:11 C:\Windows\system32\atimpc32.dll --------- 52736 30.06.2010 08:25 C:\Windows\system32\wininet.dll --------- 978432 30.06.2010 08:25 C:\Windows\system32\urlmon.dll --------- 1226240 30.06.2010 08:22 C:\Windows\system32\mstime.dll --------- 606208 30.06.2010 08:22 C:\Windows\system32\mshtml.dll --------- 5971456 30.06.2010 08:22 C:\Windows\system32\msfeedsbs.dll --------- 64512 30.06.2010 08:21 C:\Windows\system32\jsproxy.dll --------- 48128 30.06.2010 08:21 C:\Windows\system32\ieui.dll --------- 176640 30.06.2010 08:21 C:\Windows\system32\iepeers.dll --------- 185856 30.06.2010 08:21 C:\Windows\system32\ieframe.dll --------- 10985472 30.06.2010 08:21 C:\Windows\system32\iedkcs32.dll --------- 381440 30.06.2010 08:19 C:\Windows\system32\msfeedssync.exe --------- 12800 30.06.2010 06:21 C:\Windows\system32\mshtml.tlb --------- 1638912 26.06.2010 00:03 C:\Windows\system32\de-DE --------- 327680 26.06.2010 00:02 C:\Windows\system32\perfc009.dat --------- 110216 26.06.2010 00:02 C:\Windows\system32\perfh007.dat --------- 664396 26.06.2010 00:02 C:\Windows\system32\perfh009.dat --------- 624578 26.06.2010 00:02 C:\Windows\system32\perfc007.dat --------- 134564 26.06.2010 00:02 C:\Windows\system32\PerfStringBackup.INI --------- 1542636 26.06.2010 00:01 C:\Windows\system32\en-US --------- 4096 19.06.2010 08:33 C:\Windows\system32\ntoskrnl.exe --------- 3899784 19.06.2010 08:33 C:\Windows\system32\ntkrnlpa.exe --------- 3955080 19.06.2010 08:23 C:\Windows\system32\rtutils.dll --------- 37376 19.06.2010 06:07 C:\Windows\system32\win32k.sys --------- 2326016 16.06.2010 07:48 C:\Windows\system32\schannel.dll --------- 224256 16.06.2010 00:28 C:\Windows\system32\atipblag.dat --------- 2857 08.06.2010 08:02 C:\Windows\system32\msxml3.dll --------- 1233920 27.05.2010 09:24 C:\Windows\system32\atmlib.dll --------- 34304 27.05.2010 05:49 C:\Windows\system32\atmfd.dll --------- 293888 24.05.2010 12:51 C:\Windows\system32\CmdLineExt.dll --------- 107888 23.05.2010 14:34 C:\Windows\system32\URTTEMP --------- 0 21.05.2010 14:14 C:\Windows\system32\MpSigStub.exe --------- 221568 18.05.2010 16:35 C:\Windows\system32\dnssd.dll --------- 91424 18.05.2010 16:35 C:\Windows\system32\dns-sd.exe --------- 107808 18.05.2010 16:35 C:\Windows\system32\dnssdX.dll --------- 197920 11.05.2010 22:42 C:\Windows\system32\atiicdxx.dat --------- 205156 09.05.2010 11:14 C:\Windows\system32\CPFilters.dll --------- 641536 09.05.2010 11:14 C:\Windows\system32\msdri.dll --------- 417792 09.05.2010 11:13 C:\Windows\system32\mpg2splt.ax --------- 199680 09.05.2010 11:13 C:\Windows\system32\MSNP.ax --------- 204288 05.05.2010 07:12 C:\Windows\system32\mlfcache.dat --------- 91816 23.04.2010 09:13 C:\Windows\system32\tzres.dll --------- 2048 19.04.2010 20:47 C:\Windows\system32\usbaaplrc.dll --------- 3062048 07.04.2010 09:10 C:\Windows\system32\oleaut32.dll --------- 571904 24.03.2010 08:37 C:\Windows\system32\ntdll.dll --------- 1286456 21.03.2010 23:35 C:\Windows\system32\NDF --------- 0 18.03.2010 13:16 C:\Windows\system32\msvcr100_clr0400.dll --------- 771424 08.03.2010 23:33 C:\Windows\system32\vbscript.dll --------- 427520 05.03.2010 09:42 C:\Windows\system32\asycfilt.dll --------- 67584 04.03.2010 09:33 C:\Windows\system32\inetcomm.dll --------- 740864 15.02.2010 16:14 C:\Windows\system32\ezsidmv.dat --------- 56 11.02.2010 09:10 C:\Windows\system32\browserchoice.exe --------- 293376 19.01.2010 01:29 C:\Windows\system32\secproc_ssp_isv.dll --------- 85504 19.01.2010 01:29 C:\Windows\system32\secproc_ssp.dll --------- 85504 ---------------------------------------- C:\Windows\Prefetch 10.09.2010 15:39 C:\Windows\Prefetch\CMD.EXE-4A81B364.pf --------- 6724 10.09.2010 15:38 C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf --------- 14350 10.09.2010 15:38 C:\Windows\Prefetch\WINRAR.EXE-94E7D80C.pf --------- 44032 10.09.2010 15:38 C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf --------- 19070 10.09.2010 15:38 C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf --------- 15436 10.09.2010 15:38 C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf --------- 16526 10.09.2010 15:38 C:\Windows\Prefetch\AVWSC.EXE-4630B658.pf --------- 93444 10.09.2010 15:35 C:\Windows\Prefetch\GOOGLEUPDATE.EXE-FE771DDA.pf --------- 36420 10.09.2010 15:33 C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf --------- 33808 10.09.2010 15:33 C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf --------- 84164 10.09.2010 15:32 C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf --------- 15364 10.09.2010 15:30 C:\Windows\Prefetch\RUNDLL32.EXE-02CC9EFF.pf --------- 46688 10.09.2010 15:30 C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf --------- 12398 10.09.2010 15:30 C:\Windows\Prefetch\OTL.EXE-A94AB752.pf --------- 33082 10.09.2010 15:30 C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf --------- 138722 10.09.2010 15:29 C:\Windows\Prefetch\MPCMDRUN.EXE-F401FBB4.pf --------- 29530 10.09.2010 15:27 C:\Windows\Prefetch\FIREFOX.EXE-A606B53C.pf --------- 133232 10.09.2010 15:27 C:\Windows\Prefetch\DLLHOST.EXE-4F28A26F.pf --------- 153400 10.09.2010 15:21 C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf --------- 17964 10.09.2010 15:21 C:\Windows\Prefetch\THUNDERBIRD.EXE-5119524C.pf --------- 140688 10.09.2010 15:20 C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf --------- 76532 10.09.2010 15:19 C:\Windows\Prefetch\SVCHOST.EXE-05F624AB.pf --------- 10076 10.09.2010 15:19 C:\Windows\Prefetch\SPPSVC.EXE-B0F8131B.pf --------- 50896 10.09.2010 15:19 C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf --------- 19052 10.09.2010 15:18 C:\Windows\Prefetch\ReadyBoot --------- 4096 10.09.2010 15:18 C:\Windows\Prefetch\DLLHOST.EXE-40DD444D.pf --------- 18584 10.09.2010 15:18 C:\Windows\Prefetch\AAWTRAY.EXE-75D4AE19.pf --------- 23360 10.09.2010 15:18 C:\Windows\Prefetch\WMPSIDESHOWGADGET.EXE-6F46D654.pf --------- 28106 10.09.2010 15:18 C:\Windows\Prefetch\AAWWSC.EXE-AC2B49A2.pf --------- 26326 10.09.2010 15:18 C:\Windows\Prefetch\DXDIAG.EXE-1F1A4BF5.pf --------- 86588 10.09.2010 15:18 C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf --------- 25992 10.09.2010 15:18 C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf --------- 34440 10.09.2010 15:18 C:\Windows\Prefetch\IPODSERVICE.EXE-37C43D64.pf --------- 278184 10.09.2010 10:59 C:\Windows\Prefetch\AgGlFgAppHistory.db --------- 1008889 10.09.2010 10:59 C:\Windows\Prefetch\AgGlFaultHistory.db --------- 404284 10.09.2010 10:59 C:\Windows\Prefetch\AgGlGlobalHistory.db --------- 3178568 10.09.2010 10:59 C:\Windows\Prefetch\AgRobust.db --------- 167064 10.09.2010 10:59 C:\Windows\Prefetch\PfSvPerfStats.bin --------- 508 10.09.2010 10:52 C:\Windows\Prefetch\APPLEMOBILEBACKUP.EXE-6FE90255.pf --------- 43246 10.09.2010 10:46 C:\Windows\Prefetch\WMIAPSRV.EXE-29F35ED0.pf --------- 17698 10.09.2010 10:46 C:\Windows\Prefetch\SYNCSERVER.EXE-5B564BE1.pf --------- 66416 10.09.2010 10:46 C:\Windows\Prefetch\CCC.EXE-AE792174.pf --------- 259816 10.09.2010 10:46 C:\Windows\Prefetch\WMPLAYER.EXE-BAD6BD53.pf --------- 217718 10.09.2010 10:46 C:\Windows\Prefetch\DISTNOTED.EXE-BFFB20F1.pf --------- 18546 10.09.2010 10:46 C:\Windows\Prefetch\APPLEMOBILEDEVICEHELPER.EXE-96A367D7.pf --------- 43314 10.09.2010 10:46 C:\Windows\Prefetch\CSC.EXE-A3B8D95D.pf --------- 47410 10.09.2010 10:46 C:\Windows\Prefetch\CVTRES.EXE-069169FB.pf --------- 13266 10.09.2010 10:46 C:\Windows\Prefetch\ITUNES.EXE-2A42B776.pf --------- 248928 10.09.2010 10:46 C:\Windows\Prefetch\SVCHOST.EXE-3AB35CA7.pf --------- 17228 10.09.2010 10:46 C:\Windows\Prefetch\SEARCHINDEXER.EXE-4A6353B9.pf --------- 98162 10.09.2010 10:46 C:\Windows\Prefetch\DEVICEDISPLAYOBJECTPROVIDER.E-17410B90.pf --------- 40528 10.09.2010 10:46 C:\Windows\Prefetch\RUNDLL32.EXE-DE9673F9.pf --------- 12802 10.09.2010 09:35 C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf --------- 16074 10.09.2010 09:33 C:\Windows\Prefetch\WLCOMM.EXE-272FF9F7.pf --------- 23276 10.09.2010 09:33 C:\Windows\Prefetch\MSNMSGR.EXE-9974F251.pf --------- 140694 10.09.2010 09:28 C:\Windows\Prefetch\SKYPEPM.EXE-EECA8925.pf --------- 37688 10.09.2010 09:28 C:\Windows\Prefetch\SKYPE.EXE-4929A84C.pf --------- 121732 10.09.2010 07:42 C:\Windows\Prefetch\CIVILIZATION4.EXE-1C4814FF.pf --------- 808840 10.09.2010 07:42 C:\Windows\Prefetch\RUNDLL32.EXE-B48AD96A.pf --------- 26266 10.09.2010 07:38 C:\Windows\Prefetch\MDCRASHREPORTTOOL.EXE-711A29B9.pf --------- 62234 10.09.2010 07:38 C:\Windows\Prefetch\WSQMCONS.EXE-118B52B7.pf --------- 4796 10.09.2010 07:35 C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf --------- 177388 10.09.2010 07:34 C:\Windows\Prefetch\SETUP_WM.EXE-674F654A.pf --------- 37140 10.09.2010 07:33 C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf --------- 2537262 10.09.2010 00:24 C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf --------- 45588 09.09.2010 23:45 C:\Windows\Prefetch\BITTORRENT.EXE-BE42A0B0.pf --------- 142490 09.09.2010 22:17 C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2115650759-1465992338-3137618595-1000.db --------- 925751 09.09.2010 22:17 C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2115650759-1465992338-3137618595-1000.db --------- 1681934 09.09.2010 19:50 C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf --------- 24996 09.09.2010 18:46 C:\Windows\Prefetch\WOW.EXE-CBFBE6A4.pf --------- 304064 09.09.2010 18:46 C:\Windows\Prefetch\LAUNCHER.EXE-6E57B615.pf --------- 129014 09.09.2010 18:39 C:\Windows\Prefetch\CURSECLIENT.EXE-F2258FE7.pf --------- 221396 09.09.2010 18:39 C:\Windows\Prefetch\HELPER.EXE-8AEDE3E3.pf --------- 22964 09.09.2010 18:39 C:\Windows\Prefetch\UPDATER.EXE-9373041B.pf --------- 203156 09.09.2010 18:39 C:\Windows\Prefetch\RUNDLL32.EXE-90EFA705.pf --------- 27042 09.09.2010 16:39 C:\Windows\Prefetch\Layout.ini --------- 1235136 09.09.2010 16:31 C:\Windows\Prefetch\AVNOTIFY.EXE-FEC2FEC4.pf --------- 190244 09.09.2010 16:31 C:\Windows\Prefetch\UPDATE.EXE-026DCA13.pf --------- 63850 09.09.2010 11:35 C:\Windows\Prefetch\GOOGLECRASHHANDLER.EXE-8C113626.pf --------- 15816 09.09.2010 02:50 C:\Windows\Prefetch\SVCHOST.EXE-7AC6742A.pf --------- 15548 09.09.2010 02:50 C:\Windows\Prefetch\DEFRAG.EXE-588F90AD.pf --------- 14566 09.09.2010 02:30 C:\Windows\Prefetch\AITAGENT.EXE-DA3E7689.pf --------- 1392 09.09.2010 00:30 C:\Windows\Prefetch\RUNDLL32.EXE-411A328D.pf --------- 148228 09.09.2010 00:10 C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf --------- 15078 09.09.2010 00:10 C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf --------- 22408 09.09.2010 00:10 C:\Windows\Prefetch\RUNDLL32.EXE-230FC512.pf --------- 29064 08.09.2010 22:25 C:\Windows\Prefetch\MSPAINT.EXE-76E10B24.pf --------- 37136 08.09.2010 16:20 C:\Windows\Prefetch\RUNDLL32.EXE-FB698F2D.pf --------- 26262 08.09.2010 15:56 C:\Windows\Prefetch\UNSECAPP.EXE-A02905A6.pf --------- 14550 08.09.2010 15:56 C:\Windows\Prefetch\AAWSERVICE.EXE-FA222F6E.pf --------- 60612 08.09.2010 15:56 C:\Windows\Prefetch\AD-AWAREADMIN.EXE-6DA58883.pf --------- 16964 07.09.2010 22:54 C:\Windows\Prefetch\RUNDLL32.EXE-E527DB14.pf --------- 26338 07.09.2010 20:02 C:\Windows\Prefetch\PING.EXE-7E94E73E.pf --------- 11988 07.09.2010 20:02 C:\Windows\Prefetch\SDIAGNHOST.EXE-8D72177C.pf --------- 131162 07.09.2010 20:01 C:\Windows\Prefetch\W32TM.EXE-1101AF41.pf --------- 14212 07.09.2010 17:12 C:\Windows\Prefetch\PRESENTATIONFONTCACHE.EXE-74B3ADF6.pf --------- 44336 07.09.2010 16:33 C:\Windows\Prefetch\MPAS-D_BD1.EXE-97E29C40.pf --------- 16908 07.09.2010 16:33 C:\Windows\Prefetch\MPSIGSTUB.EXE-6CB27A06.pf --------- 31152 07.09.2010 16:33 C:\Windows\Prefetch\MPMINISIGSTUB.EXE-640A8C81.pf --------- 6534 07.09.2010 16:33 C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf --------- 31320 07.09.2010 16:31 C:\Windows\Prefetch\SDCLT.EXE-E10B972A.pf --------- 42122 06.09.2010 20:48 C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf --------- 35464 06.09.2010 18:09 C:\Windows\Prefetch\RUNDLL32.EXE-063E1BA5.pf --------- 26200 06.09.2010 16:58 C:\Windows\Prefetch\RUNDLL32.EXE-0216977B.pf --------- 26200 06.09.2010 14:25 C:\Windows\Prefetch\RUNDLL32.EXE-D17BE71E.pf --------- 26314 06.09.2010 13:02 C:\Windows\Prefetch\SC.EXE-945D79AE.pf --------- 9546 05.09.2010 20:10 C:\Windows\Prefetch\VLC.EXE-A11F73EE.pf --------- 367366 08.11.2009 00:58 C:\Windows\Prefetch\AgCx_SC1.db --------- 261276 08.11.2009 00:57 C:\Windows\Prefetch\AgCx_SC1.db.trx --------- 79238 07.11.2009 17:57 C:\Windows\Prefetch\AgAppLaunch.db --------- 332116 ---------------------------------------- C:\Windows\Tasks 10.09.2010 15:35 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job --------- 886 10.09.2010 15:17 C:\Windows\Tasks\Ad-Aware Update (Weekly).job --------- 370 10.09.2010 15:17 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job --------- 882 10.09.2010 15:17 C:\Windows\Tasks\SA.DAT --------- 6 02.08.2010 10:21 C:\Windows\Tasks\SCHEDLGU.TXT --------- 32632 ---------------------------------------- C:\Windows\Temp 10.09.2010 15:29 C:\Windows\Temp\MpCmdRun.log --------- 10928 10.09.2010 10:59 C:\Windows\Temp\fwtsqmfile17.sqm --------- 608 10.09.2010 10:07 C:\Windows\Temp\fwtsqmfile16.sqm --------- 608 08.09.2010 02:08 C:\Windows\Temp\fwtsqmfile15.sqm --------- 608 07.09.2010 16:33 C:\Windows\Temp\MpSigStub.log --------- 13254 06.09.2010 23:57 C:\Windows\Temp\fwtsqmfile14.sqm --------- 608 05.09.2010 22:07 C:\Windows\Temp\fwtsqmfile13.sqm --------- 608 05.09.2010 14:36 C:\Windows\Temp\fwtsqmfile12.sqm --------- 608 03.09.2010 18:00 C:\Windows\Temp\fwtsqmfile11.sqm --------- 608 03.09.2010 07:21 C:\Windows\Temp\fwtsqmfile10.sqm --------- 608 03.09.2010 01:06 C:\Windows\Temp\fwtsqmfile09.sqm --------- 608 02.09.2010 21:18 C:\Windows\Temp\fwtsqmfile08.sqm --------- 608 01.09.2010 20:47 C:\Windows\Temp\fwtsqmfile07.sqm --------- 608 01.09.2010 12:58 C:\Windows\Temp\fwtsqmfile06.sqm --------- 608 31.08.2010 02:00 C:\Windows\Temp\fwtsqmfile05.sqm --------- 608 30.08.2010 02:09 C:\Windows\Temp\fwtsqmfile04.sqm --------- 608 29.08.2010 00:56 C:\Windows\Temp\fwtsqmfile03.sqm --------- 608 28.08.2010 01:58 C:\Windows\Temp\fwtsqmfile02.sqm --------- 608 27.08.2010 01:53 C:\Windows\Temp\fwtsqmfile01.sqm --------- 608 26.08.2010 01:57 C:\Windows\Temp\fwtsqmfile00.sqm --------- 608 24.07.2010 12:31 C:\Windows\Temp\History --------- 0 24.07.2010 12:31 C:\Windows\Temp\Cookies --------- 0 24.07.2010 12:31 C:\Windows\Temp\Temporary Internet Files --------- 0 21.07.2010 16:00 C:\Windows\Temp\MPInstrumentation --------- 0 26.06.2010 00:03 C:\Windows\Temp\Microsoft .NET Framework Client Profile Language Pack Setup_4.0.30319 --------- 0 26.06.2010 00:01 C:\Windows\Temp\Microsoft .NET Framework 4 Client Profile Setup_4.0.30319 --------- 0 08.01.2010 04:48 C:\Windows\Temp\MPTelemetrySubmit --------- 0 07.11.2009 21:26 C:\Windows\Temp\RtSigs --------- 0 ---------------------------------------- C:\Users\Pierre\AppData\Local\Temp 10.09.2010 15:38 C:\Users\Pierre\AppData\Local\Temp\Rar$DI00.292 --------- 0 10.09.2010 15:17 C:\Users\Pierre\AppData\Local\Temp\Curse --------- 0 10.09.2010 15:17 C:\Users\Pierre\AppData\Local\Temp\Deployment --------- 4096 10.09.2010 15:17 C:\Users\Pierre\AppData\Local\Temp\WPDNSE --------- 0 10.09.2010 10:58 C:\Users\Pierre\AppData\Local\Temp\WER6910.tmp.resp.erc.xml --------- 0 10.09.2010 07:34 C:\Users\Pierre\AppData\Local\Temp\wmsetup.log --------- 1218 08.09.2010 21:37 C:\Users\Pierre\AppData\Local\Temp\MessengerCache --------- 40960 04.09.2010 13:59 C:\Users\Pierre\AppData\Local\Temp\MSI98f24.LOG --------- 10912 04.09.2010 13:59 C:\Users\Pierre\AppData\Local\Temp\QTInstallCode.log --------- 10101 04.09.2010 13:56 C:\Users\Pierre\AppData\Local\Temp\SetupAdmin12FC.log --------- 84 04.09.2010 13:56 C:\Users\Pierre\AppData\Local\Temp\qtplugin.log --------- 4714 27.08.2010 21:28 C:\Users\Pierre\AppData\Local\Temp\StructuredQuery.log --------- 1423 27.08.2010 21:28 C:\Users\Pierre\AppData\Local\Temp\{816de4e8-bc04-4d77-8cab-c3d21ec86d3a} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\~rnsetup --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{FB1E6957-C060-4BEB-A939-43675AADF1A9} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{ED720AE4-1104-4B93-9519-66D8011FE073} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{E7E6F679-EA48-4759-A995-883A6869DCF6} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{E61302C5-A600-4ACE-BD38-6CF3F6E7AB72} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{E60E2E04-DEC5-4AB9-B880-95A846EC5F15} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{E073F0B5-12DB-44E6-852D-DF1C134349F3} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{D9141B94-BD2A-4BD1-812D-66AF9E950CD2} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{D7302515-009A-4261-8257-C3E870A3D27F} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{D5D4F55C-3834-466F-8A0C-38D42F061859} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{CEA0E401-A1A4-4FB2-9908-770DDFD92051} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{C64DAAC7-FFC2-48BA-B9DC-83035BFDF54B} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{C022484D-F24B-488B-A905-7AE9430DFD28} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{A967ABBF-F0DE-4741-806B-A8D2C18D20C8} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{A658085D-BBC5-4302-B973-C4790A27B4EC} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{70C70D3B-CCC5-4EB9-BA48-74FA54846926} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{706EF8A4-E78B-4414-9DA5-FCC526C87F9A} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{6D538B93-75B7-435E-AE79-9635C9BC17ED} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{6CD00F88-71E6-41D7-80A9-8FDB225359B7} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{6BFA536E-6743-4A16-9C8D-C89194C98053} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{695AD823-1B0B-4FC7-9FCA-B033A3A4EFC6} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{6305AAE2-6437-4699-B2EF-01EB2C77264C} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{66F564F1-68A0-47CB-9F42-76FAF66A74D9} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{614F790C-817A-45DB-8194-33583FD05938} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{59FB0E2D-7565-4898-92E1-89F887C05DB1} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{46EAD6C0-B2EA-4485-9163-A65A2571D0C1} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{3DC5FB18-997D-4C56-8ACA-6BCC0F770EED} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{3B5B4031-BA65-4B51-8DD6-D61777E482D6} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{39B9FB75-4741-4FE4-B7A3-9297A795BD8A} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{33125F0A-92F3-44DF-A7C4-65B478015A94} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{24B385FE-2057-4AB0-A473-27201CEDB6DD} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{1F981021-C66B-49BB-9380-F0F66F880E0E} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{149EF91B-C8FA-43EB-8C44-43FC0849E574} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{0E74F57B-C50F-4DEE-95EC-4D39FEFD91E3} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{0D900C78-5D37-4E12-8074-99E81174F0D6} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{0745B6A9-04D0-412A-B26B-3A48FB0945D8} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\{01E30EA0-74C4-4C06-A472-01D8AC2A16AE} --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\VSDE6D9.tmp --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\VBE --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\Temp1_134503.zip --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\plugtmp-1 --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\PCTInstaller --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\nsj930E.tmp --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\mProjector957005698 --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\nsf6386.tmp --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\ispF421.tmp --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\is-DDGD3.tmp --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\AskSearch --------- 0 25.08.2010 15:27 C:\Users\Pierre\AppData\Local\Temp\._msige52 --------- 0 31.07.2010 17:27 C:\Users\Pierre\AppData\Local\Temp\Blizzard Installer Temporary Data - 3fb6dffd --------- 0 31.07.2010 11:48 C:\Users\Pierre\AppData\Local\Temp\ge4748 --------- 0 21.07.2010 15:53 C:\Users\Pierre\AppData\Local\Temp\plugtmp-3 --------- 0 21.06.2010 18:25 C:\Users\Pierre\AppData\Local\Temp\plugtmp-2 --------- 0 13.06.2010 16:30 C:\Users\Pierre\AppData\Local\Temp\hsperfdata_Pierre --------- 0 09.06.2010 17:44 C:\Users\Pierre\AppData\Local\Temp\{561529f6-045b-4848-94bb-022874de6662} --------- 0 24.05.2010 18:14 C:\Users\Pierre\AppData\Local\Temp\{a7b07110-45d5-419d-9f52-d3b7404139c9} --------- 0 24.05.2010 12:43 C:\Users\Pierre\AppData\Local\Temp\{46640a0e-d3c9-4640-bb2e-b41305e5d3f6} --------- 0 24.05.2010 12:02 C:\Users\Pierre\AppData\Local\Temp\Temp1_134505.zip --------- 0 23.05.2010 14:14 C:\Users\Pierre\AppData\Local\Temp\{4b734145-0772-4f60-ac03-22994bf14fbf} --------- 0 23.05.2010 14:14 C:\Users\Pierre\AppData\Local\Temp\{332aeed7-8918-46c2-9095-9eb0877a15fd} --------- 0 23.05.2010 14:13 C:\Users\Pierre\AppData\Local\Temp\{81527f30-1293-44e2-972c-f342f038bd18} --------- 0 22.05.2010 21:46 C:\Users\Pierre\AppData\Local\Temp\msdtadmin --------- 0 22.04.2010 12:55 C:\Users\Pierre\AppData\Local\Temp\{e806f302-0ed5-44e8-a7ab-d8d71418b3be} --------- 0 22.04.2010 12:55 C:\Users\Pierre\AppData\Local\Temp\{a2f64357-f7d1-410b-a59e-00bf78b2ce45} --------- 0 22.04.2010 12:54 C:\Users\Pierre\AppData\Local\Temp\{0fa120de-1787-4daf-9a85-d529e9f28ff9} --------- 0 18.04.2010 00:41 C:\Users\Pierre\AppData\Local\Temp\{C857EC85-88A4-4E20-8E3F-09AF37157A92} --------- 0 18.04.2010 00:37 C:\Users\Pierre\AppData\Local\Temp\byeA718.tmp --------- 0 25.03.2010 22:23 C:\Users\Pierre\AppData\Local\Temp\{7FBD8FBD-1EDD-452D-9AF4-AF9BF0E20557} --------- 0 20.01.2010 11:27 C:\Users\Pierre\AppData\Local\Temp\1 --------- 0 05.12.2009 21:04 C:\Users\Pierre\AppData\Local\Temp\offer --------- 0 05.12.2009 09:09 C:\Users\Pierre\AppData\Local\Temp\plugtmp --------- 0 15.11.2009 03:53 C:\Users\Pierre\AppData\Local\Temp\Cookies --------- 0 14.11.2009 20:53 C:\Users\Pierre\AppData\Local\Temp\History --------- 0 14.11.2009 20:53 C:\Users\Pierre\AppData\Local\Temp\Temporary Internet Files --------- 0 07.11.2009 23:56 C:\Users\Pierre\AppData\Local\Temp\Blizzard --------- 0 07.11.2009 18:46 C:\Users\Pierre\AppData\Local\Temp\AVSETUP_4af5a42d --------- 0 07.11.2009 18:31 C:\Users\Pierre\AppData\Local\Temp\pft704.tmp --------- 0 07.11.2009 18:23 C:\Users\Pierre\AppData\Local\Temp\pft671D.tmp --------- 0 07.11.2009 18:18 C:\Users\Pierre\AppData\Local\Temp\Low --------- 0 07.11.2009 18:13 C:\Users\Pierre\AppData\Local\Temp\msdt --------- 0 07.11.2009 18:10 C:\Users\Pierre\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0 25.09.2007 22:22 C:\Users\Pierre\AppData\Local\Temp\_isD5C6.exe --------- 455600 25.09.2007 22:22 C:\Users\Pierre\AppData\Local\Temp\_isF05B.exe --------- 455600 25.09.2007 22:21 C:\Users\Pierre\AppData\Local\Temp\_is8891.exe --------- 455600 25.09.2007 22:21 C:\Users\Pierre\AppData\Local\Temp\_isFBDF.exe --------- 455600 25.09.2007 22:20 C:\Users\Pierre\AppData\Local\Temp\_is95DA.exe --------- 455600 25.09.2007 22:20 C:\Users\Pierre\AppData\Local\Temp\_isFBCF.exe --------- 455600 25.09.2007 22:20 C:\Users\Pierre\AppData\Local\Temp\_is8A55.exe --------- 455600 25.09.2007 22:20 C:\Users\Pierre\AppData\Local\Temp\_is1384.exe --------- 455600 27.02.2007 23:08 C:\Users\Pierre\AppData\Local\Temp\_isE6CC.exe --------- 456416 27.02.2007 23:08 C:\Users\Pierre\AppData\Local\Temp\_isDDE7.exe --------- 456416 27.02.2007 23:08 C:\Users\Pierre\AppData\Local\Temp\_is8BCB.exe --------- 456416 24.05.2006 13:10 C:\Users\Pierre\AppData\Local\Temp\_isBE50.exe --------- 455600 24.05.2006 13:10 C:\Users\Pierre\AppData\Local\Temp\_isE871.exe --------- 455600 24.05.2006 13:10 C:\Users\Pierre\AppData\Local\Temp\_isDFD4.exe --------- 455600 24.05.2006 13:10 C:\Users\Pierre\AppData\Local\Temp\_is4A30.exe --------- 455600 24.05.2006 13:10 C:\Users\Pierre\AppData\Local\Temp\_is402C.exe --------- 455600 24.05.2006 13:10 C:\Users\Pierre\AppData\Local\Temp\_is3382.exe --------- 455600 24.05.2006 13:10 C:\Users\Pierre\AppData\Local\Temp\_is9389.exe --------- 455600 24.05.2006 13:10 C:\Users\Pierre\AppData\Local\Temp\_is9D1.exe --------- 455600 24.05.2006 13:10 C:\Users\Pierre\AppData\Local\Temp\_isA526.exe --------- 455600 07.04.2005 01:39 C:\Users\Pierre\AppData\Local\Temp\setF1EC.tmp --------- 121064 ---------------------------------------- C:\Program Files 10.09.2010 15:27 C:\Program Files\Mozilla Firefox --------- 24576 04.09.2010 13:57 C:\Program Files\iTunes --------- 8192 04.09.2010 13:57 C:\Program Files\iPod --------- 0 04.09.2010 13:56 C:\Program Files\QuickTime --------- 4096 25.08.2010 15:14 C:\Program Files\Spybot - Search & Destroy --------- 8192 25.08.2010 15:07 C:\Program Files\CCleaner --------- 0 21.08.2010 12:19 C:\Program Files\BitTorrent --------- 4096 13.08.2010 11:45 C:\Program Files\Internet Explorer --------- 4096 31.07.2010 17:28 C:\Program Files\StarCraft II --------- 12288 31.07.2010 17:26 C:\Program Files\ATI --------- 0 31.07.2010 17:26 C:\Program Files\Common Files --------- 4096 31.07.2010 17:25 C:\Program Files\ATI Technologies --------- 0 31.07.2010 11:31 C:\Program Files\Google --------- 0 24.07.2010 12:29 C:\Program Files\SiSoftware --------- 0 21.07.2010 15:44 C:\Program Files\Lavasoft --------- 0 21.07.2010 10:46 C:\Program Files\GMX --------- 0 02.07.2010 19:29 C:\Program Files\Bonjour --------- 4096 26.06.2010 00:01 C:\Program Files\Microsoft.NET --------- 0 13.06.2010 16:30 C:\Program Files\InstallJammer Registry --------- 0 25.05.2010 14:00 C:\Program Files\InstallShield Installation Information --------- 0 24.05.2010 13:01 C:\Program Files\SEGA --------- 0 12.05.2010 18:58 C:\Program Files\Windows Mail --------- 0 18.04.2010 00:30 C:\Program Files\Firaxis Games --------- 0 02.04.2010 13:21 C:\Program Files\SystemRequirementsLab --------- 0 18.03.2010 15:55 C:\Program Files\Mozilla Thunderbird --------- 24576 19.01.2010 09:00 C:\Program Files\TeamSpeak 3 Client --------- 4096 30.12.2009 13:51 C:\Program Files\Skype --------- 0 17.12.2009 09:53 C:\Program Files\VideoLAN --------- 0 05.12.2009 21:04 C:\Program Files\Real --------- 0 05.12.2009 09:15 C:\Program Files\Notepad++ --------- 4096 05.12.2009 09:09 C:\Program Files\WinRAR --------- 4096 04.12.2009 18:55 C:\Program Files\Java --------- 0 04.12.2009 13:48 C:\Program Files\JoWood --------- 0 13.11.2009 02:19 C:\Program Files\DivX --------- 8192 08.11.2009 20:14 C:\Program Files\Microsoft --------- 0 08.11.2009 20:14 C:\Program Files\Windows Live --------- 0 08.11.2009 20:14 C:\Program Files\Windows Live SkyDrive --------- 0 07.11.2009 23:56 C:\Program Files\Windows Media Player --------- 4096 07.11.2009 21:35 C:\Program Files\Teamspeak2_RC2 --------- 0 07.11.2009 18:49 C:\Program Files\Apple Software Update --------- 0 07.11.2009 18:45 C:\Program Files\Avira --------- 0 07.11.2009 18:44 C:\Program Files\Microsoft Office --------- 0 07.11.2009 18:25 C:\Program Files\Logitech --------- 0 07.11.2009 18:23 C:\Program Files\MozBackup --------- 0 07.11.2009 18:22 C:\Program Files\Adobe --------- 0 07.11.2009 18:12 C:\Program Files\avmwlanstick --------- 0 07.11.2009 18:09 C:\Program Files\Windows NT --------- 4096 07.11.2009 18:09 C:\Program Files\Gemeinsame Dateien --------- 0 14.07.2009 10:56 C:\Program Files\DVD Maker --------- 0 14.07.2009 10:56 C:\Program Files\Windows Journal --------- 0 14.07.2009 10:56 C:\Program Files\Microsoft Games --------- 4096 14.07.2009 10:47 C:\Program Files\Windows Sidebar --------- 4096 14.07.2009 10:47 C:\Program Files\Windows Photo Viewer --------- 4096 14.07.2009 10:47 C:\Program Files\Windows Defender --------- 4096 14.07.2009 06:53 C:\Program Files\Uninstall Information --------- 0 14.07.2009 06:52 C:\Program Files\Windows Portable Devices --------- 0 14.07.2009 06:52 C:\Program Files\MSBuild --------- 0 14.07.2009 06:52 C:\Program Files\Reference Assemblies --------- 0 14.07.2009 06:41 C:\Program Files\desktop.ini --------- 174 ---------------------------------------- C:\ProgramData\.. Pierre Default Public Default User All Users desktop.ini ---------------------------------------- C:\Windows\system32\drivers\etc\hosts ---------------------------------------- Abbildname PID Sitzungsname Sitz.-Nr. Speichernutzung ========================= ======== ================ =========== =============== System Idle Process 0 Services 0 24 K System 4 Services 0 3.440 K smss.exe 264 Services 0 1.668 K csrss.exe 368 Services 0 8.260 K wininit.exe 440 Services 0 9.488 K csrss.exe 448 Console 1 11.656 K services.exe 488 Services 0 14.020 K lsass.exe 504 Services 0 19.472 K lsm.exe 512 Services 0 6.644 K svchost.exe 644 Services 0 7.080 K svchost.exe 736 Services 0 6.384 K atiesrxx.exe 788 Services 0 12.900 K winlogon.exe 840 Console 1 13.264 K svchost.exe 892 Services 0 18.056 K svchost.exe 924 Services 0 72.928 K svchost.exe 964 Services 0 28.176 K svchost.exe 1072 Services 0 11.404 K WUDFHost.exe 1148 Services 0 21.968 K WUDFHost.exe 1200 Services 0 6.608 K svchost.exe 1268 Services 0 11.072 K AAWService.exe 1368 Services 0 34.348 K atieclxx.exe 1420 Console 1 15.636 K spoolsv.exe 1572 Services 0 25.608 K sched.exe 1612 Services 0 1.304 K svchost.exe 1632 Services 0 12.664 K dwm.exe 1856 Console 1 61.860 K explorer.exe 1904 Console 1 66.648 K taskhost.exe 1996 Console 1 43.220 K avguard.exe 2044 Services 0 10.900 K AppleMobileDeviceService. 336 Services 0 14.800 K LGDevAgt.exe 340 Console 1 36.568 K LCDMon.exe 380 Console 1 42.956 K mDNSResponder.exe 532 Services 0 27.676 K LGDCore.exe 508 Console 1 48.256 K taskeng.exe 732 Services 0 12.408 K GoogleUpdate.exe 2052 Services 0 27.424 K avgnt.exe 2072 Console 1 2.160 K MOM.exe 2144 Console 1 98.952 K svchost.exe 2332 Services 0 4.140 K SDWinSec.exe 2556 Services 0 35.444 K iTunesHelper.exe 2600 Console 1 73.436 K sidebar.exe 2608 Console 1 92.620 K TeaTimer.exe 2620 Console 1 122.452 K LCDClock.exe 2720 Console 1 32.552 K LCDMedia.exe 2808 Console 1 65.820 K LCDPop3.exe 2816 Console 1 32.832 K LCDCountdown.exe 2852 Console 1 33.488 K LCDRSS.exe 2860 Console 1 43.148 K CurseClient.exe 3020 Console 1 3.176 K unsecapp.exe 3104 Services 0 12.556 K WmiPrvSE.exe 3208 Services 0 16.416 K CCC.exe 3752 Console 1 93.812 K iPodService.exe 3936 Services 0 16.740 K SearchIndexer.exe 2572 Services 0 19.592 K WMPSideShowGadget.exe 1940 Console 1 66.696 K wmplayer.exe 3596 Console 1 133.520 K svchost.exe 2520 Services 0 4.716 K svchost.exe 2996 Services 0 11.368 K wmpnetwk.exe 4448 Services 0 2.616 K svchost.exe 4640 Services 0 11.836 K taskhost.exe 5056 Services 0 12.752 K AAWTray.exe 5344 Console 1 3.780 K svchost.exe 5100 Services 0 24.452 K firefox.exe 5264 Console 1 78.600 K OTL.exe 4032 Console 1 46.732 K notepad.exe 5776 Console 1 4.884 K notepad.exe 5312 Console 1 5.192 K audiodg.exe 5536 Services 0 14.748 K notepad.exe 3316 Console 1 5.336 K SearchProtocolHost.exe 4208 Services 0 6.476 K SearchFilterHost.exe 4060 Services 0 4.668 K notepad.exe 2508 Console 1 5.348 K WinRAR.exe 4300 Console 1 13.100 K cmd.exe 4252 Console 1 3.332 K conhost.exe 4064 Console 1 4.292 K tasklist.exe 5552 Console 1 4.412 K WmiPrvSE.exe 4776 Services 0 5.160 K ***** Ende des Scans 10.09.2010 um 15:39:20,34 *** |
1. deinstaliere spybot, der teatimer macht probleme beim reinigen. starte neu. 2. download malwarebytes: Malwarebytes instalieren, öffnen, registerkarte aktualisierung, programm updaten, schalte nun alles an laufenden programmen ab, auch den avira guard, trenne die internetverbindung, starte nun einen komplett scan, funde löschen, avira + internet ein, log posten. 3. bitte erstelle und poste ein combofix log. Ein Leitfaden und Tutorium zur Nutzung von ComboFix |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 22:51 Uhr. |
Copyright ©2000-2025, Trojaner-Board