| |
| |||||||
Log-Analyse und Auswertung: abnow entfernenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
27.02.2012, 14:18
| #1 |
 |  abnow entfernen hallo, ich habe wohl den abnow virus also wenn ich bei google was such werde ich umgeleitet  wie werde ich den wieder los ???? dar ich nicht so viel ahnugn von computern hab bitte ich die antworn so unkomplizirt wie moglich zu halten bitte helft mir ihr seid meine zetzte hoffnugn danke schon mal im vornaus |
|
27.02.2012, 16:11
| #2 |
| /// Malware-holic   | abnow entfernen hi,
__________________nutzt du den pc für onlinebanking, einkäufe, sonstige zahlungsabwicklungen, oder ähnlich wichtiges, wie berufliches?
__________________ |
|
27.02.2012, 17:45
| #3 |
| | abnow entfernen nein eigentlich nicht nur für games.
__________________kannst du mir bitte sagen wie ich ihn wieder loswerde????? |
|
27.02.2012, 17:47
| #4 |
| /// Malware-holic | abnow entfernen hi, heißt eigendlich nein, oder doch... ist doch eig klar zu beantworten die frage. Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
27.02.2012, 18:26
| #5 |
| | abnow entfernen danke also hir OTL_TxtOTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 26.02.2012 19:38:48 - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Daxter\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,34 Gb Available Physical Memory | 67,18% Memory free
4,21 Gb Paging File | 3,36 Gb Available in Paging File | 79,70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 275,07 Gb Total Space | 198,65 Gb Free Space | 72,22% Space Free | Partition Type: NTFS
Computer Name: DAXTER-PC | User Name: Daxter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{63FE62C1-A665-45A5-ABD4-E08FEDD92BDB}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{6596B9CD-4F65-4CFB-9076-CCBA1759FC83}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\warhammer 40,000 space marine demo\spacemarine.exe |
"{D5ECF135-51B6-4C95-9C7E-2753021DE12C}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{DEAAB074-139C-40CC-9DEF-72460AD9D3FA}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\warhammer 40,000 space marine demo\spacemarine.exe |
"TCP Query User{837CACB8-86C5-4E76-8CA0-14A7B665AF8E}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |
"TCP Query User{9EAD6450-4C73-4F22-A216-7BAE8B3FEE0F}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{D98F5672-C81D-48CE-BA32-73AF7C47EEF4}C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe" = protocol=6 | dir=in | app=c:\program files\thq\dawn of war - dark crusade\darkcrusade.exe |
"TCP Query User{FAAC385A-C983-44A0-B968-93C55CCD0A22}C:\program files\wolfenstein - enemy territory\et.exe" = protocol=6 | dir=in | app=c:\program files\wolfenstein - enemy territory\et.exe |
"UDP Query User{32160A85-66C5-4676-885B-63524966B2CC}C:\program files\wolfenstein - enemy territory\et.exe" = protocol=17 | dir=in | app=c:\program files\wolfenstein - enemy territory\et.exe |
"UDP Query User{3D437F70-C320-46ED-9DD9-AB1272D40657}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{47A34548-33FB-44A2-B5D3-F603956849D8}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |
"UDP Query User{E4090C96-EE0E-45BD-ACDB-5DC33A3198BE}C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe" = protocol=17 | dir=in | app=c:\program files\thq\dawn of war - dark crusade\darkcrusade.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0FFAC7BB-50DC-CB54-6CA7-A8B74513280B}" = CCC Help Chinese Traditional
"{1C802083-6D79-78ED-BF1C-601DDF908DD1}" = Catalyst Control Center Core Implementation
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217002FF}" = Java(TM) 7 Update 2
"{282C4EAA-F162-F52F-7BAF-C7B50DAAA00A}" = ccc-utility
"{28728178-FF15-218B-0B63-012692F42C28}" = CCC Help Danish
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{32851025-1E46-83A3-1320-471619254E39}" = Catalyst Control Center Localization All
"{40217B2F-462B-94A4-E84E-6A1C6EDBCE2F}" = CCC Help Swedish
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}" = ATI Catalyst Install Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5343A801-92E5-C234-9F27-AB27EC738BF6}" = CCC Help Japanese
"{57C39411-6747-489C-A226-46885FB0D2D0}" = DriverBoost
"{5D22226D-EBC1-C95F-7746-2E3A9F4C97BA}" = CCC Help Russian
"{600C37F2-098B-A165-C1DB-6AE2B89D8D49}" = Catalyst Control Center Graphics Previews Common
"{61F8CA2C-9A80-8A1B-D3B9-347530CB387F}" = CCC Help Norwegian
"{674B407D-EAB1-B6B6-F9BF-C34CEE4CD83F}" = Catalyst Control Center Graphics Light
"{69F411C5-4851-6DA9-EA4C-160BEF8788AA}" = CCC Help French
"{6DD27E54-2598-0FEC-7CE1-BE00924C0570}" = Catalyst Control Center Graphics Previews Vista
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7C27114E-6FC8-21F5-E501-FE48F09243DF}" = CCC Help Dutch
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{80237C20-CBF3-F841-4AD5-E727AA86FBD1}" = CCC Help Italian
"{802EE127-D32A-1447-09DC-77419772BCDC}" = CCC Help Portuguese
"{836AFA32-7B8B-2C19-99D9-36EF32B42EB8}" = CCC Help Thai
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{93656878-FF8B-4935-99BB-F3F260037C57}" = Lara Croft Tomb Raider: Angel Of Darkeness
"{946942CB-D078-F33A-A3CD-27E0393507FD}" = CCC Help Turkish
"{9682B99B-BB28-AD37-CA50-C1CB5BFF0FA6}" = Catalyst Control Center Graphics Full New
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6
"{9DBCF44B-77AC-81D8-0F8E-1E60D6330AC2}" = Catalyst Control Center InstallProxy
"{A02CC93A-134F-0319-1438-B1E895B52577}" = CCC Help German
"{A7E1ADB8-162B-7C33-60FB-0561A17BD876}" = CCC Help Spanish
"{A96EEF55-155C-552E-ABB1-6FDAEF5BD944}" = CCC Help Polish
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{ADB25FF0-AEC4-2CFB-130C-2C60D80C5934}" = CCC Help Greek
"{B04D5DA5-11DA-830C-85C6-0FF9185787E7}" = Skins
"{BB603E9F-ECE8-7713-B0AC-7E0614E8C058}" = Catalyst Control Center HydraVision Full
"{BE232D60-AEA5-502F-ACBF-9AC188A82C21}" = CCC Help Finnish
"{C15C4AB5-EF5D-5050-273C-4636E3FBE301}" = CCC Help Czech
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E09CD13D-7CE3-351C-1625-8DC7F21A99C0}" = ccc-core-static
"{E373E0E2-20F5-90DF-B315-615EA6E52101}" = Catalyst Control Center Graphics Full Existing
"{E6DA746E-1175-88BD-2B16-1DC62018E060}" = CCC Help Chinese Standard
"{F053BFD9-4357-6A82-6042-CF919667448F}" = CCC Help English
"{F17EB02C-DA0D-EDEF-2E16-501FB700A710}" = CCC Help Hungarian
"{F5DDC0CD-F13A-83F0-5103-563A17EA306F}" = CCC Help Korean
"{FF39FC01-819B-42E4-AE49-1968AF12DDD4}" = Dawn of War - Dark Crusade
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AT&T WorldNet Software" = AT&T WorldNet Setup
"Chica Password Manager_is1" = Chica Password Manager 1.10.0.6
"DriverNavigator_is1" = DriverNavigator 2.7.5
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"FinalTorrent_is1" = FinalTorrent 2011
"Free Studio_is1" = Free Studio version 5.3.3
"FreeHideIP" = Free Hide IP
"HyperCam 3" = HyperCam 3
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{93656878-FF8B-4935-99BB-F3F260037C57}" = Lara Croft Tomb Raider: The Angel Of Darkness
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"SimCity 3000" = SimCity 3000
"Starsiege TRIBES" = Starsiege TRIBES 1.8
"Steam" = Steam
"Trusted Software Assistant_is1" = File Type Assistant
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"VLC classic" = VLC classic
"VLC media player" = VLC media player 2.0.0
"WinRAR archiver" = WinRAR 4.10 (32-Bit)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"ClickPotatoLiteSA" = ClickPotato
"FileHunter" = FileHunter
"Google Chrome" = Google Chrome
"RewardsArcadeSuite" = RewardsArcadeSuite
"Whoislive" = Whoislive
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 24.02.2012 15:00:38 | Computer Name = Daxter-PC | Source = Perflib | ID = 1005
Description =
Error - 24.02.2012 15:00:38 | Computer Name = Daxter-PC | Source = Perflib | ID = 1017
Description =
Error - 24.02.2012 15:04:34 | Computer Name = Daxter-PC | Source = VSS | ID = 8194
Description =
Error - 25.02.2012 12:51:42 | Computer Name = Daxter-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung SpaceMarine.exe, Version 1.0.12345.0, Zeitstempel
0x4e4c3940, fehlerhaftes Modul kernel32.dll, Version 6.0.6000.16820, Zeitstempel
0x49952034, Ausnahmecode 0xc0000005, Fehleroffset 0x00047359, Prozess-ID 0xfc0,
Anwendungsstartzeit 01ccf3ddb39b91a0.
Error - 25.02.2012 12:54:46 | Computer Name = Daxter-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\DriverTuner\DPInst64.exe".
Die
abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 25.02.2012 13:51:29 | Computer Name = Daxter-PC | Source = EventSystem | ID = 4621
Description =
Error - 25.02.2012 15:18:56 | Computer Name = Daxter-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung winlogon.exe, Version 6.0.6000.16386, Zeitstempel
0x4549aff7, fehlerhaftes Modul ntdll.dll, Version 6.0.6000.16386, Zeitstempel 0x4549bdc9,
Ausnahmecode 0xc0000005, Fehleroffset 0x0002726f, Prozess-ID 0x1244, Anwendungsstartzeit
01ccf3e61d58d90b.
Error - 25.02.2012 17:07:57 | Computer Name = Daxter-PC | Source = EventSystem | ID = 4621
Description =
Error - 26.02.2012 11:47:58 | Computer Name = Daxter-PC | Source = EventSystem | ID = 4621
Description =
Error - 26.02.2012 14:22:21 | Computer Name = Daxter-PC | Source = EventSystem | ID = 4621
Description =
[ System Events ]
Error - 26.02.2012 12:12:09 | Computer Name = Daxter-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
11, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.
Error - 26.02.2012 12:12:09 | Computer Name = Daxter-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
12, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.
Error - 26.02.2012 12:12:09 | Computer Name = Daxter-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
13, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.
Error - 26.02.2012 12:12:09 | Computer Name = Daxter-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
14, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.
Error - 26.02.2012 14:23:08 | Computer Name = Daxter-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
15, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.
Error - 26.02.2012 14:23:08 | Computer Name = Daxter-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
10, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.
Error - 26.02.2012 14:23:08 | Computer Name = Daxter-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
11, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.
Error - 26.02.2012 14:23:08 | Computer Name = Daxter-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
12, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.
Error - 26.02.2012 14:23:08 | Computer Name = Daxter-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
13, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.
Error - 26.02.2012 14:23:08 | Computer Name = Daxter-PC | Source = ACPI | ID = 327686
Description = IRQARB: ACPI-BIOS enthält keinen IRQ für das Gerät im PCI-Steckplatz
14, Funktion 0. Wenden Sie sich an den Systemhersteller, um technische Unterstützung
zu erhalten.
< End of report >
|
|
27.02.2012, 18:28
| #6 |
| | abnow entfernen hir is der OTL Logfile: Code:
ATTFilter OTL logfile created on: 26.02.2012 19:38:48 - Run 1 OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Daxter\Downloads Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation Internet Explorer (Version = 7.0.6000.16982) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,34 Gb Available Physical Memory | 67,18% Memory free 4,21 Gb Paging File | 3,36 Gb Available in Paging File | 79,70% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 275,07 Gb Total Space | 198,65 Gb Free Space | 72,22% Space Free | Partition Type: NTFS Computer Name: DAXTER-PC | User Name: Daxter | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.02.26 19:36:57 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Daxter\Downloads\OTL.exe PRC - [2012.02.23 15:39:21 | 000,489,256 | ---- | M] (Valve Corporation) -- C:\Programme\Common Files\Steam\SteamService.exe PRC - [2012.02.23 14:58:13 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Programme\Steam\Steam.exe PRC - [2012.02.20 12:03:40 | 000,260,608 | ---- | M] () -- C:\Users\Daxter\AppData\Roaming\SuperPump\updater.exe PRC - [2012.02.14 19:28:41 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\ieuser.exe PRC - [2012.02.14 18:37:05 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2012.02.14 18:01:30 | 001,232,896 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2012.02.09 11:59:08 | 001,529,152 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe PRC - [2012.02.09 11:59:08 | 001,220,928 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe PRC - [2012.01.03 16:31:34 | 001,391,272 | ---- | M] (Ask) -- C:\Programme\Ask.com\Updater\Updater.exe PRC - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin PRC - [2010.01.15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe PRC - [2009.08.10 17:15:42 | 000,178,720 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe PRC - [2009.08.10 17:15:36 | 000,387,616 | ---- | M] () -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe PRC - [2006.11.02 10:45:21 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpksetup.exe PRC - [2006.11.02 10:45:21 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpremove.exe ========== Modules (No Company Name) ========== MOD - [2012.02.25 15:49:15 | 001,728,512 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll MOD - [2012.02.25 15:49:15 | 000,692,224 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll MOD - [2012.02.25 15:49:15 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2012.02.25 15:49:15 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll MOD - [2012.02.25 15:49:15 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2012.02.25 15:49:15 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2012.02.25 15:49:15 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2012.02.25 15:49:15 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2012.02.25 15:49:15 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2012.02.25 15:49:15 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2012.02.25 15:49:15 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2012.02.25 15:49:15 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll MOD - [2012.02.25 15:49:15 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll MOD - [2012.02.25 15:49:15 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll MOD - [2012.02.25 15:49:15 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll MOD - [2012.02.25 15:49:14 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2012.02.25 15:49:14 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2012.02.25 15:49:12 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2012.02.25 15:49:12 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2012.02.25 15:49:11 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2012.02.25 15:49:11 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3693.42536__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll MOD - [2012.02.25 15:49:09 | 000,811,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2012.02.25 15:49:09 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2012.02.25 15:49:09 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2012.02.25 15:49:08 | 000,798,720 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll MOD - [2012.02.25 15:49:08 | 000,712,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll MOD - [2012.02.25 15:49:08 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll MOD - [2012.02.25 15:49:08 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2012.02.25 15:49:08 | 000,126,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MOD - [2012.02.25 15:49:08 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MOD - [2012.02.25 15:49:08 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MOD - [2012.02.25 15:49:07 | 000,675,840 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll MOD - [2012.02.25 15:49:07 | 000,450,560 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2012.02.25 15:49:07 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2012.02.25 15:49:07 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2012.02.25 15:49:07 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2012.02.25 15:49:07 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2012.02.25 15:49:04 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2012.02.25 15:49:04 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2012.02.25 15:49:04 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll MOD - [2012.02.25 15:49:04 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll MOD - [2012.02.25 15:49:04 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2012.02.25 15:49:04 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2012.02.25 15:49:04 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2012.02.25 15:49:04 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2012.02.25 15:49:03 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2012.02.25 15:49:03 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll MOD - [2012.02.25 15:49:02 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll MOD - [2012.02.25 15:49:02 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2012.02.25 15:49:02 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll MOD - [2012.02.25 15:49:02 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2012.02.25 15:49:01 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll MOD - [2012.02.25 15:49:01 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2012.02.25 15:49:01 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2012.02.25 15:49:01 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2012.02.25 15:49:01 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2012.02.25 15:49:01 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2012.02.25 15:49:01 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2012.02.25 15:49:01 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll MOD - [2012.02.25 15:49:01 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2012.02.25 15:49:01 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2012.02.25 15:49:01 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2012.02.25 15:49:01 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2012.02.25 15:49:00 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2012.02.25 15:49:00 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2012.02.25 15:48:59 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2012.02.25 15:48:59 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2012.02.25 15:48:59 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2012.02.25 15:48:59 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll MOD - [2012.02.25 15:48:59 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2012.02.25 15:48:59 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2012.02.25 15:48:59 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2012.02.25 15:48:59 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2012.02.25 15:48:58 | 000,503,808 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll MOD - [2012.02.25 15:48:58 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll MOD - [2012.02.25 15:48:58 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2012.02.25 15:48:58 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2012.02.25 15:48:58 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2012.02.25 15:48:58 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2012.02.25 15:48:58 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2012.02.25 15:48:58 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2012.02.25 15:48:58 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2012.02.25 15:48:58 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2012.02.25 15:48:58 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2012.02.25 15:48:58 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll MOD - [2012.02.25 15:48:58 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2012.02.25 15:48:58 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll MOD - [2012.02.25 15:48:58 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2012.02.25 15:48:58 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll MOD - [2012.02.25 15:48:58 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll MOD - [2012.02.25 15:48:58 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2012.02.25 15:48:57 | 000,544,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2012.02.25 15:48:57 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2012.02.25 15:48:57 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2012.02.25 15:48:56 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll MOD - [2012.02.25 15:48:55 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2012.02.25 15:48:54 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2012.02.25 15:48:52 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2012.02.25 15:48:50 | 001,142,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2012.02.25 15:48:49 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2012.02.25 15:48:48 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2012.02.25 15:48:45 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll MOD - [2012.02.25 15:48:43 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll MOD - [2012.02.25 15:48:42 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2012.02.25 15:48:39 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll MOD - [2012.02.25 15:48:39 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll MOD - [2012.02.23 15:39:19 | 014,415,144 | ---- | M] () -- C:\Programme\Steam\bin\libcef.dll MOD - [2012.02.23 15:39:15 | 000,857,896 | ---- | M] () -- C:\Programme\Steam\bin\chromehtml.dll MOD - [2012.02.23 15:39:13 | 000,091,432 | ---- | M] () -- C:\Programme\Steam\bin\avutil-50.dll MOD - [2012.02.23 15:39:11 | 000,155,432 | ---- | M] () -- C:\Programme\Steam\bin\avformat-52.dll MOD - [2012.02.23 15:39:09 | 000,914,216 | ---- | M] () -- C:\Programme\Steam\bin\avcodec-52.dll MOD - [2012.02.22 17:20:58 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\cccf9e783368088a6d357cc45f446478\Accessibility.ni.dll MOD - [2012.02.22 17:20:56 | 011,796,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03858406f9a9514402888707e8b93abe\System.Web.ni.dll MOD - [2012.02.22 17:20:47 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\23281812ddf7a1fab881b5322e577ac4\System.Runtime.Remoting.ni.dll MOD - [2012.02.22 17:20:41 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e6001d416f7c468334934a2c6a41c631\System.Configuration.ni.dll MOD - [2012.02.22 14:29:54 | 000,985,088 | ---- | M] () -- C:\Programme\OpenOffice.org 3\program\libxml2.dll MOD - [2012.02.22 10:44:24 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7208ffa39630e9b923331f9df0947a12\System.Xml.ni.dll MOD - [2012.02.22 10:44:07 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1941d7639299344ae28fb6b23da65247\System.Windows.Forms.ni.dll MOD - [2012.02.22 10:43:55 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6312464f64727a2a50d5ce3fd73ad1bb\System.Drawing.ni.dll MOD - [2012.02.22 10:42:51 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\52e1ea3c7491e05cda766d7b3ce3d559\System.ni.dll MOD - [2012.02.22 10:42:43 | 011,486,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll MOD - [2012.02.20 12:03:40 | 000,260,608 | ---- | M] () -- C:\Users\Daxter\AppData\Roaming\SuperPump\updater.exe MOD - [2012.02.14 17:54:24 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2012.02.14 17:34:38 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.02.11 06:30:38 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll MOD - [2009.11.24 13:36:36 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll MOD - [2006.11.02 10:46:10 | 000,227,328 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll ========== Win32 Services (SafeList) ========== SRV - [2012.02.23 15:39:21 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2012.02.09 11:59:08 | 001,529,152 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc) SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService) SRV - [2009.08.10 17:15:42 | 000,178,720 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp) SRV - [2009.08.10 17:15:36 | 000,387,616 | ---- | M] () [Auto | Running] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) SRV - [2006.11.02 10:45:47 | 000,005,120 | ---- | M] (Iomega) [Auto | Running] -- C:\Windows\System32\CiscoVpnInstallService.dll -- (syntp) ========== Driver Services (SafeList) ========== DRV - [2012.02.09 11:48:24 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv) DRV - [2010.02.11 08:42:22 | 004,450,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300) DRV - [2010.02.11 08:42:22 | 004,450,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009.08.04 17:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32) DRV - [2009.07.01 12:19:00 | 000,362,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmimx32.sys -- (NVNET55) DRV - [2006.11.02 09:57:06 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir) DRV - [2006.11.02 08:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.funmoods.com/results.php?f=4&a=ironto&q={searchTerms} IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.incredibar.com/mb118?a=6PQppcC5hR&i=26 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - No CLSID value found IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=;ftp=;https=; FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Daxter\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Daxter\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp1950@crossrider.com: C:\Users\Daxter\AppData\Local\RewardsArcadeSuite\1950\Firefox [2012.02.26 17:32:23 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Users\Daxter\AppData\Local\ClickPotatoLiteSA\bin\12.0.15.0\firefox\extensions [2012.02.24 20:03:58 | 000,000,000 | ---D | M] [2012.02.13 16:05:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daxter\AppData\Roaming\mozilla\Extensions ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Daxter\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Daxter\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Daxter\AppData\Local\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Daxter\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java(TM) Platform SE 7 U2 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll CHR - plugin: Google Update (Enabled) = C:\Users\Daxter\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\Daxter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Daxter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\ CHR - Extension: Youtube Download Button = C:\Users\Daxter\AppData\Local\Google\Chrome\User Data\Default\Extensions\milhcembhfbldemlmhielmckdbadkeno\1.0_0\ CHR - Extension: Google Mail = C:\Users\Daxter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {11111111-1111-1111-1111-110011221158} - No CLSID value found. O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found. O2 - BHO: (no name) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - No CLSID value found. O2 - BHO: (no name) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - No CLSID value found. O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.) O2 - BHO: (RewardsArcadeSuite) - {B6EF6C45-5E8D-4c3b-B580-A5073261A381} - C:\Programme\RewardsArcadeSuite\RewardsArcadeSuite.dll (215 Apps) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No CLSID value found. O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No CLSID value found. O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (no name) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKCU..\Run: [ChicaPasswordManager] C:\Program Files\ChicaLogic\Chica Password Manager\stpass.exe File not found O4 - HKCU..\Run: [CompuCare Check for updates] C:\Users\Daxter\AppData\Roaming\SuperPump\updater.exe () O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation) O4 - Startup: C:\Users\Daxter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe () O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8 - Extra context menu item: Free YouTube Download - C:\Users\Daxter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Daxter\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - %SystemRoot%\system32\pnrpnsp.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.0) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.7.0_02) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{228B9693-5730-4550-AACB-79B92E415CD7}: DhcpNameServer = 192.168.2.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Daxter\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Daxter\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: syntp - C:\Windows\System32\CiscoVpnInstallService.dll (Iomega) NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.02.26 17:45:35 | 000,000,000 | ---D | C] -- C:\Users\Daxter\Documents\My Downloads [2012.02.26 17:45:35 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\FinalTorrent [2012.02.26 17:35:29 | 000,000,000 | --SD | C] -- C:\Users\Daxter\Documents\Chica Passwords [2012.02.26 17:33:48 | 000,000,000 | ---D | C] -- C:\Program Files\File Type Assistant [2012.02.26 17:33:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalTorrent [2012.02.26 17:33:38 | 000,000,000 | ---D | C] -- C:\Program Files\FinalTorrent [2012.02.26 17:33:28 | 000,000,000 | ---D | C] -- C:\ProgramData\whoislive [2012.02.26 17:33:17 | 000,000,000 | ---D | C] -- C:\Program Files\Free Offers from Freeze.com [2012.02.26 17:32:22 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Local\RewardsArcadeSuite [2012.02.26 17:32:21 | 000,000,000 | ---D | C] -- C:\Program Files\RewardsArcadeSuite [2012.02.26 17:27:43 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\SystemUpdaterApp [2012.02.26 17:27:29 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\SuperPump [2012.02.25 19:53:50 | 000,000,000 | ---D | C] -- C:\ProgramData\100 [2012.02.25 19:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate [2012.02.25 17:45:34 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\RegistryKeys [2012.02.25 17:45:34 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\PC Speed Maximizer [2012.02.25 17:45:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer [2012.02.25 17:37:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Device Doctor [2012.02.25 17:37:20 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\Device Doctor [2012.02.25 15:49:44 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\ATI [2012.02.25 15:49:44 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Local\ATI [2012.02.25 15:49:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI [2012.02.25 15:48:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center [2012.02.25 15:40:45 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2012.02.25 15:40:44 | 000,000,000 | ---D | C] -- C:\Program Files\ATI [2012.02.25 15:39:32 | 000,000,000 | ---D | C] -- C:\ATI [2012.02.25 15:20:41 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\Easeware [2012.02.25 15:20:41 | 000,000,000 | ---D | C] -- C:\Program Files\Easeware [2012.02.25 15:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverNavigator [2012.02.25 14:54:51 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\.minecraft [2012.02.25 14:49:56 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB [2012.02.25 14:49:52 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Local\PC_Drivers_Headquarters [2012.02.25 14:49:36 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverBoost [2012.02.25 14:47:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverBoost [2012.02.25 14:47:36 | 000,000,000 | ---D | C] -- C:\Program Files\DriverBoost [2012.02.24 20:03:59 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClickPotato [2012.02.24 20:03:58 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Local\ClickPotatoLiteSA [2012.02.24 19:50:36 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Local\I Want This [2012.02.24 19:50:12 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VLC [2012.02.24 19:49:12 | 000,000,000 | ---D | C] -- C:\Program Files\Vlcclassic [2012.02.24 19:41:17 | 000,000,000 | ---D | C] -- C:\Program Files\JDownloader [2012.02.24 19:29:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer [2012.02.24 19:17:13 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Local\SKIDROW [2012.02.24 19:17:13 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\DarknessII [2012.02.23 16:56:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012.02.23 16:55:02 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2012.02.23 16:49:59 | 000,000,000 | ---D | C] -- C:\NVIDIA [2012.02.22 20:21:59 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Local\THQ [2012.02.22 16:33:14 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\DarknessIIDemo [2012.02.22 16:23:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam [2012.02.22 16:22:09 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Valve [2012.02.22 16:22:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve [2012.02.22 16:01:40 | 000,000,000 | ---D | C] -- C:\Program Files\Valve [2012.02.22 15:31:10 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wolfenstein - Enemy Territory [2012.02.22 15:31:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfenstein - Enemy Territory [2012.02.22 15:27:54 | 000,054,784 | ---- | C] (Blue Sky Software Corporation.) -- C:\Windows\System32\inetwh32.dll [2012.02.22 15:27:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AT&T WorldNet Software [2012.02.22 15:27:53 | 000,000,000 | ---D | C] -- C:\Program Files\AT&T [2012.02.22 15:27:52 | 000,000,000 | ---D | C] -- C:\Windows\WNBackup [2012.02.22 15:26:54 | 000,000,000 | ---D | C] -- C:\Windows\solcache [2012.02.22 15:26:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dynamix [2012.02.22 15:26:07 | 000,000,000 | ---D | C] -- C:\Program Files\Sierra On-Line [2012.02.22 15:26:07 | 000,000,000 | ---D | C] -- C:\Dynamix [2012.02.22 15:00:11 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\OpenOffice.org [2012.02.22 14:59:14 | 000,000,000 | ---D | C] -- C:\ARENA [2012.02.22 14:57:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverTuner [2012.02.22 14:46:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle of Endor v2.1 [2012.02.22 14:29:24 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3 [2012.02.22 14:27:12 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3 [2012.02.22 13:59:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2012.02.22 13:59:47 | 000,000,000 | ---D | C] -- C:\Program Files\Steam [2012.02.21 18:41:04 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\vlc [2012.02.21 18:40:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012.02.21 16:29:31 | 000,000,000 | ---D | C] -- C:\Users\Daxter\Desktop\musik [2012.02.21 16:29:16 | 000,000,000 | ---D | C] -- C:\Users\Daxter\Desktop\funny [2012.02.21 16:08:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullfrog [2012.02.21 16:01:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxis [2012.02.21 16:00:11 | 000,000,000 | ---D | C] -- C:\Program Files\Maxis [2012.02.21 14:52:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio [2012.02.21 14:43:44 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\Solveig Multimedia [2012.02.21 14:43:25 | 000,000,000 | ---D | C] -- C:\Users\Daxter\Documents\HyperCam3 [2012.02.21 14:42:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HyperCam 3 [2012.02.21 14:42:03 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Solveig Multimedia [2012.02.21 14:42:02 | 000,000,000 | ---D | C] -- C:\Program Files\HyperCam 3 [2012.02.21 09:44:17 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Local\TempDIR [2012.02.21 09:37:32 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit [2012.02.21 09:37:30 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Local\Conduit [2012.02.21 09:37:29 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoftTB [2012.02.21 09:26:29 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\DVDVideoSoftIEHelpers [2012.02.21 09:25:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2012.02.21 09:25:45 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\DVDVideoSoft [2012.02.21 09:24:41 | 000,000,000 | ---D | C] -- C:\Users\Daxter\Documents\DVDVideoSoft [2012.02.21 09:24:41 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft [2012.02.21 09:24:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft [2012.02.18 11:48:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos Interactive [2012.02.18 11:40:09 | 000,000,000 | ---D | C] -- C:\Program Files\Eidos Interactive [2012.02.18 11:39:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2012.02.15 20:22:32 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Local\Adobe [2012.02.13 21:48:18 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Local\Microsoft Games [2012.02.13 20:35:39 | 000,000,000 | ---D | C] -- C:\Users\Daxter\Desktop\mp3 [2012.02.13 17:33:52 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012.02.13 17:26:21 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan [2012.02.13 17:26:21 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2012.02.13 17:26:19 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan [2012.02.13 17:24:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012.02.13 17:24:09 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012.02.13 17:23:27 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2012.02.13 17:23:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2012.02.13 17:04:24 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe [2012.02.13 17:04:24 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll [2012.02.13 17:03:39 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\TuneUp Software [2012.02.13 17:03:25 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2012 [2012.02.13 17:02:42 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2012.02.13 17:02:36 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012.02.13 16:42:34 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\FreeHideIP [2012.02.13 16:42:34 | 000,000,000 | ---D | C] -- C:\ProgramData\FreeHideIP [2012.02.13 16:41:09 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com [2012.02.13 16:41:02 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Local\APN [2012.02.13 16:40:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Hide IP [2012.02.13 16:40:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2012.02.13 16:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\FreeHideIP [2012.02.13 16:05:16 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\Mozilla [2012.02.13 15:53:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2012.02.13 15:53:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012.02.13 15:51:40 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012.02.13 15:51:16 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2012.02.13 15:48:18 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\WinRAR [2012.02.13 15:48:18 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012.02.13 15:48:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012.02.13 15:47:58 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2012.02.13 15:36:21 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Local\Babylon [2012.02.13 15:36:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2012.02.13 15:36:19 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\Babylon [2012.02.13 15:22:56 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\Macromedia [2012.02.13 15:22:56 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\Adobe [2012.02.13 15:19:57 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012.02.13 15:19:05 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Local\Google [2012.02.13 15:18:21 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Local\Apps [2012.02.13 15:18:20 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Local\Deployment [2012.02.12 13:28:13 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\Xfire [2012.02.12 13:28:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire [2012.02.12 13:23:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ [2012.02.12 13:23:34 | 000,000,000 | ---D | C] -- C:\Program Files\THQ [2012.02.12 13:23:31 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2012.02.12 13:22:03 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\InstallShield [2012.02.12 13:14:15 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012.02.12 13:14:11 | 000,000,000 | R--D | C] -- C:\Users\Daxter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.02.12 13:14:11 | 000,000,000 | R--D | C] -- C:\Users\Daxter\Searches [2012.02.12 13:14:11 | 000,000,000 | R--D | C] -- C:\Users\Daxter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012.02.12 13:14:03 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\Identities [2012.02.12 13:14:01 | 000,000,000 | R--D | C] -- C:\Users\Daxter\Contacts [2012.02.12 13:14:00 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Local\VirtualStore [2012.02.12 13:13:55 | 000,000,000 | --SD | C] -- C:\Users\Daxter\AppData\Roaming\Microsoft [2012.02.12 13:13:55 | 000,000,000 | R--D | C] -- C:\Users\Daxter\Videos [2012.02.12 13:13:55 | 000,000,000 | R--D | C] -- C:\Users\Daxter\Saved Games [2012.02.12 13:13:55 | 000,000,000 | R--D | C] -- C:\Users\Daxter\Pictures [2012.02.12 13:13:55 | 000,000,000 | R--D | C] -- C:\Users\Daxter\Music [2012.02.12 13:13:55 | 000,000,000 | R--D | C] -- C:\Users\Daxter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.02.12 13:13:55 | 000,000,000 | R--D | C] -- C:\Users\Daxter\Links [2012.02.12 13:13:55 | 000,000,000 | R--D | C] -- C:\Users\Daxter\Favorites [2012.02.12 13:13:55 | 000,000,000 | R--D | C] -- C:\Users\Daxter\Downloads [2012.02.12 13:13:55 | 000,000,000 | R--D | C] -- C:\Users\Daxter\Documents [2012.02.12 13:13:55 | 000,000,000 | R--D | C] -- C:\Users\Daxter\Desktop [2012.02.12 13:13:55 | 000,000,000 | R--D | C] -- C:\Users\Daxter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.02.12 13:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Daxter\Vorlagen [2012.02.12 13:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Daxter\AppData\Local\Verlauf [2012.02.12 13:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Daxter\AppData\Local\Temporary Internet Files [2012.02.12 13:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Daxter\Startmenü [2012.02.12 13:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Daxter\SendTo [2012.02.12 13:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Daxter\Recent [2012.02.12 13:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Daxter\Netzwerkumgebung [2012.02.12 13:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Daxter\Lokale Einstellungen [2012.02.12 13:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Daxter\Documents\Eigene Videos [2012.02.12 13:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Daxter\Documents\Eigene Musik [2012.02.12 13:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Daxter\Eigene Dateien [2012.02.12 13:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Daxter\Documents\Eigene Bilder [2012.02.12 13:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Daxter\Druckumgebung [2012.02.12 13:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Daxter\Cookies [2012.02.12 13:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Daxter\AppData\Local\Anwendungsdaten [2012.02.12 13:13:55 | 000,000,000 | -HSD | C] -- C:\Users\Daxter\Anwendungsdaten [2012.02.12 13:13:55 | 000,000,000 | -H-D | C] -- C:\Users\Daxter\AppData [2012.02.12 13:13:55 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Local\Temp [2012.02.12 13:13:55 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Local\Microsoft [2012.02.12 13:13:55 | 000,000,000 | ---D | C] -- C:\Users\Daxter\AppData\Roaming\Media Center Programs [2012.02.12 13:10:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2012.02.12 13:10:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2012.02.12 13:10:33 | 000,000,000 | -HSD | C] -- C:\Programme [2012.02.12 13:10:33 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2012.02.12 13:10:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2012.02.12 13:10:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2012.02.12 13:10:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2012.02.12 13:10:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2012.02.12 13:10:33 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2012.02.12 13:10:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2012.02.12 13:10:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2012.02.12 13:07:43 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012.02.12 13:03:26 | 000,000,000 | -HSD | C] -- C:\System Volume Information ========== Files - Modified Within 30 Days ========== [2012.02.26 19:26:56 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\FinalTorrent Update Checker.job [2012.02.26 19:24:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2465795501-2197299715-2873368001-1000UA.job [2012.02.26 19:23:40 | 000,003,952 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.02.26 19:23:40 | 000,003,952 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.02.26 19:23:38 | 000,000,000 | -HS- | M] () -- C:\Windows\System32\dds_log_trash.cmd [2012.02.26 19:23:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.02.26 19:23:32 | 2146,885,632 | -HS- | M] () -- C:\hiberfil.sys [2012.02.26 19:20:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2465795501-2197299715-2873368001-1002UA.job [2012.02.26 19:20:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2465795501-2197299715-2873368001-1002Core.job [2012.02.26 18:53:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2465795501-2197299715-2873368001-1001UA.job [2012.02.26 18:12:25 | 000,001,822 | ---- | M] () -- C:\Users\Daxter\Desktop\JDownloader.lnk [2012.02.26 17:36:47 | 000,001,717 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012.02.26 17:33:39 | 000,000,852 | ---- | M] () -- C:\Users\Daxter\Desktop\FinalTorrent.lnk [2012.02.26 17:33:17 | 000,001,746 | ---- | M] () -- C:\Users\Daxter\Desktop\Facebook Photo Drag-n-Drop.lnk [2012.02.26 17:27:43 | 000,000,877 | ---- | M] () -- C:\Users\Daxter\Desktop\FileHunter.lnk [2012.02.26 17:20:27 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C3791559-946F-4296-A08B-1F2EFA1FF33A}.job [2012.02.26 16:47:52 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2465795501-2197299715-2873368001-1000Core.job [2012.02.25 16:54:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2465795501-2197299715-2873368001-1001Core.job [2012.02.25 15:45:01 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin [2012.02.25 15:27:57 | 000,000,438 | ---- | M] () -- C:\Windows\tasks\DriverNavigator Scheduled Scan.job [2012.02.24 20:00:47 | 000,003,487 | ---- | M] () -- C:\user.js [2012.02.24 19:50:12 | 000,001,053 | ---- | M] () -- C:\Users\Daxter\Desktop\VLC.lnk [2012.02.23 19:30:24 | 000,000,680 | RHS- | M] () -- C:\Users\Daxter\ntuser.pol [2012.02.23 17:18:10 | 000,641,106 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.02.23 17:18:10 | 000,609,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.02.23 17:18:10 | 000,116,500 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.02.23 17:18:10 | 000,103,726 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.02.23 16:30:57 | 000,000,680 | ---- | M] () -- C:\Users\Daxter\AppData\Local\d3d9caps.dat [2012.02.23 16:07:01 | 000,000,216 | ---- | M] () -- C:\Users\Daxter\Desktop\The Darkness II Demo.url [2012.02.22 16:28:44 | 000,000,804 | ---- | M] () -- C:\Users\Daxter\Desktop\Steam.lnk [2012.02.22 16:26:53 | 000,254,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.02.22 16:01:40 | 000,001,451 | ---- | M] () -- C:\Users\Public\Desktop\Counter-Strike 1.6.lnk [2012.02.22 15:36:34 | 027,947,802 | ---- | M] () -- C:\Users\Daxter\Desktop\gmod_9_0_4.exe [2012.02.22 15:26:51 | 000,000,648 | ---- | M] () -- C:\Users\Public\Desktop\Starsiege TRIBES.lnk [2012.02.22 15:26:29 | 000,000,280 | ---- | M] () -- C:\Windows\Sierra.ini [2012.02.22 15:00:29 | 000,001,028 | ---- | M] () -- C:\Users\Daxter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2012.02.22 14:29:25 | 000,000,989 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk [2012.02.22 10:45:18 | 000,015,360 | ---- | M] () -- C:\Users\Daxter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.02.21 16:01:05 | 000,001,028 | ---- | M] () -- C:\Users\Daxter\Desktop\SimCity 3000.lnk [2012.02.21 16:00:00 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2012.02.21 16:00:00 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2012.02.21 14:42:04 | 000,000,840 | ---- | M] () -- C:\Users\Daxter\Desktop\HyperCam 3.lnk [2012.02.21 14:07:07 | 000,001,032 | ---- | M] () -- C:\Users\Daxter\Desktop\DVDVideoSoft Free Studio.lnk [2012.02.21 09:26:52 | 000,002,047 | ---- | M] () -- C:\Users\Daxter\Desktop\Google Chrome.lnk [2012.02.18 11:48:59 | 000,000,887 | ---- | M] () -- C:\Users\Public\Desktop\TRAOD.lnk [2012.02.14 19:25:29 | 000,001,820 | ---- | M] () -- C:\Windows\System32\rasctrnm.h [2012.02.14 19:16:37 | 001,657,350 | ---- | M] () -- C:\Windows\System32\wlan.tmf [2012.02.14 17:40:51 | 026,935,296 | ---- | M] () -- C:\Windows\ocsetup_install_NetFx3.etl [2012.02.14 17:40:51 | 000,196,608 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf [2012.02.14 17:40:51 | 000,065,536 | ---- | M] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx [2012.02.13 17:37:59 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\Free Hide IP.lnk [2012.02.13 17:33:52 | 164,522,904 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012.02.12 13:23:34 | 000,000,809 | ---- | M] () -- C:\Users\Public\Desktop\Dark Crusade.lnk [2012.02.12 13:07:16 | 000,054,990 | ---- | M] () -- C:\Windows\System32\license.rtf [2012.02.12 13:02:32 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK [2012.02.09 11:59:10 | 000,031,552 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe [2012.02.09 11:59:08 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll ========== Files Created - No Company Name ========== [2012.02.26 19:15:09 | 000,001,116 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2465795501-2197299715-2873368001-1002UA.job [2012.02.26 19:15:08 | 000,001,064 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2465795501-2197299715-2873368001-1002Core.job [2012.02.26 18:12:25 | 000,001,822 | ---- | C] () -- C:\Users\Daxter\Desktop\JDownloader.lnk [2012.02.26 17:33:45 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\FinalTorrent Update Checker.job [2012.02.26 17:33:39 | 000,000,852 | ---- | C] () -- C:\Users\Daxter\Desktop\FinalTorrent.lnk [2012.02.26 17:33:17 | 000,001,746 | ---- | C] () -- C:\Users\Daxter\Desktop\Facebook Photo Drag-n-Drop.lnk [2012.02.26 17:27:43 | 000,000,877 | ---- | C] () -- C:\Users\Daxter\Desktop\FileHunter.lnk [2012.02.25 20:06:14 | 000,000,000 | -HS- | C] () -- C:\Windows\System32\dds_log_trash.cmd [2012.02.25 15:45:01 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.02.25 15:20:43 | 000,000,438 | ---- | C] () -- C:\Windows\tasks\DriverNavigator Scheduled Scan.job [2012.02.25 15:02:51 | 000,270,142 | ---- | C] () -- C:\Users\Daxter\Desktop\Minecraft.exe [2012.02.24 19:50:12 | 000,001,053 | ---- | C] () -- C:\Users\Daxter\Desktop\VLC.lnk [2012.02.24 19:42:03 | 000,001,786 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk [2012.02.24 19:42:03 | 000,001,730 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk [2012.02.24 19:42:03 | 000,001,709 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk [2012.02.23 16:52:14 | 000,005,876 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin [2012.02.23 16:36:38 | 2146,885,632 | -HS- | C] () -- C:\hiberfil.sys [2012.02.23 16:29:54 | 000,000,680 | ---- | C] () -- C:\Users\Daxter\AppData\Local\d3d9caps.dat [2012.02.23 16:07:01 | 000,000,216 | ---- | C] () -- C:\Users\Daxter\Desktop\The Darkness II Demo.url [2012.02.22 16:47:37 | 000,001,116 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2465795501-2197299715-2873368001-1001UA.job [2012.02.22 16:47:36 | 000,001,064 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2465795501-2197299715-2873368001-1001Core.job [2012.02.22 16:01:40 | 000,001,451 | ---- | C] () -- C:\Users\Public\Desktop\Counter-Strike 1.6.lnk [2012.02.22 15:35:20 | 027,947,802 | ---- | C] () -- C:\Users\Daxter\Desktop\gmod_9_0_4.exe [2012.02.22 15:27:54 | 000,270,848 | ---- | C] () -- C:\Windows\unwise.exe [2012.02.22 15:26:51 | 000,000,648 | ---- | C] () -- C:\Users\Public\Desktop\Starsiege TRIBES.lnk [2012.02.22 15:18:34 | 000,000,280 | ---- | C] () -- C:\Windows\Sierra.ini [2012.02.22 15:00:29 | 000,001,028 | ---- | C] () -- C:\Users\Daxter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2012.02.22 14:29:25 | 000,000,989 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk [2012.02.22 13:59:47 | 000,000,804 | ---- | C] () -- C:\Users\Daxter\Desktop\Steam.lnk [2012.02.22 13:35:32 | 000,000,680 | RHS- | C] () -- C:\Users\Daxter\ntuser.pol [2012.02.21 16:08:23 | 000,024,576 | ---- | C] () -- C:\Windows\System32\ealtest.exe [2012.02.21 16:01:05 | 000,001,028 | ---- | C] () -- C:\Users\Daxter\Desktop\SimCity 3000.lnk [2012.02.21 16:00:00 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2012.02.21 16:00:00 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2012.02.21 14:42:04 | 000,000,840 | ---- | C] () -- C:\Users\Daxter\Desktop\HyperCam 3.lnk [2012.02.21 09:30:32 | 000,015,360 | ---- | C] () -- C:\Users\Daxter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.02.21 09:26:02 | 000,001,032 | ---- | C] () -- C:\Users\Daxter\Desktop\DVDVideoSoft Free Studio.lnk [2012.02.18 11:48:59 | 000,000,887 | ---- | C] () -- C:\Users\Public\Desktop\TRAOD.lnk [2012.02.14 19:25:29 | 000,001,820 | ---- | C] () -- C:\Windows\System32\rasctrnm.h [2012.02.14 19:16:37 | 001,657,350 | ---- | C] () -- C:\Windows\System32\wlan.tmf [2012.02.14 17:35:01 | 026,935,296 | ---- | C] () -- C:\Windows\ocsetup_install_NetFx3.etl [2012.02.14 17:35:01 | 000,196,608 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.perf [2012.02.14 17:35:01 | 000,065,536 | ---- | C] () -- C:\Windows\ocsetup_cbs_install_NetFx3.dpx [2012.02.13 17:37:59 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\Free Hide IP.lnk [2012.02.13 17:33:26 | 164,522,904 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012.02.13 17:26:19 | 000,001,717 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012.02.13 17:25:19 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012.02.13 15:36:28 | 000,003,487 | ---- | C] () -- C:\user.js [2012.02.13 15:19:58 | 000,002,047 | ---- | C] () -- C:\Users\Daxter\Desktop\Google Chrome.lnk [2012.02.13 15:19:07 | 000,001,124 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2465795501-2197299715-2873368001-1000UA.job [2012.02.13 15:19:06 | 000,001,072 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2465795501-2197299715-2873368001-1000Core.job [2012.02.12 13:23:34 | 000,000,809 | ---- | C] () -- C:\Users\Public\Desktop\Dark Crusade.lnk [2012.02.12 13:18:15 | 000,000,420 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{C3791559-946F-4296-A08B-1F2EFA1FF33A}.job [2012.02.12 13:14:12 | 000,000,949 | ---- | C] () -- C:\Users\Daxter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012.02.12 13:14:11 | 000,000,944 | ---- | C] () -- C:\Users\Daxter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2012.02.12 13:14:01 | 000,000,915 | ---- | C] () -- C:\Users\Daxter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk ========== LOP Check ========== [2012.02.26 16:15:06 | 000,000,000 | ---D | M] -- C:\Users\Daxter\AppData\Roaming\.minecraft [2012.02.13 15:36:19 | 000,000,000 | ---D | M] -- C:\Users\Daxter\AppData\Roaming\Babylon [2012.02.24 19:17:13 | 000,000,000 | ---D | M] -- C:\Users\Daxter\AppData\Roaming\DarknessII [2012.02.25 15:30:00 | 000,000,000 | ---D | M] -- C:\Users\Daxter\AppData\Roaming\DarknessIIDemo [2012.02.25 17:37:25 | 000,000,000 | ---D | M] -- C:\Users\Daxter\AppData\Roaming\Device Doctor [2012.02.23 15:49:07 | 000,000,000 | ---D | M] -- C:\Users\Daxter\AppData\Roaming\DVDVideoSoft [2012.02.21 09:26:29 | 000,000,000 | ---D | M] -- C:\Users\Daxter\AppData\Roaming\DVDVideoSoftIEHelpers [2012.02.25 15:20:41 | 000,000,000 | ---D | M] -- C:\Users\Daxter\AppData\Roaming\Easeware [2012.02.26 19:26:55 | 000,000,000 | ---D | M] -- C:\Users\Daxter\AppData\Roaming\FinalTorrent [2012.02.13 16:42:34 | 000,000,000 | ---D | M] -- C:\Users\Daxter\AppData\Roaming\FreeHideIP [2012.02.22 15:00:11 | 000,000,000 | ---D | M] -- C:\Users\Daxter\AppData\Roaming\OpenOffice.org [2012.02.25 17:45:34 | 000,000,000 | ---D | M] -- C:\Users\Daxter\AppData\Roaming\PC Speed Maximizer [2012.02.25 17:45:34 | 000,000,000 | ---D | M] -- C:\Users\Daxter\AppData\Roaming\RegistryKeys [2012.02.21 14:43:44 | 000,000,000 | ---D | M] -- C:\Users\Daxter\AppData\Roaming\Solveig Multimedia [2012.02.26 17:27:43 | 000,000,000 | ---D | M] -- C:\Users\Daxter\AppData\Roaming\SuperPump [2012.02.26 17:27:43 | 000,000,000 | ---D | M] -- C:\Users\Daxter\AppData\Roaming\SystemUpdaterApp [2012.02.13 17:03:39 | 000,000,000 | ---D | M] -- C:\Users\Daxter\AppData\Roaming\TuneUp Software [2012.02.25 15:27:57 | 000,000,438 | ---- | M] () -- C:\Windows\Tasks\DriverNavigator Scheduled Scan.job [2012.02.26 19:26:56 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\FinalTorrent Update Checker.job [2012.02.26 19:22:32 | 000,023,950 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012.02.26 17:20:27 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{C3791559-946F-4296-A08B-1F2EFA1FF33A}.job ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2012.02.24 15:38:45 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN [2004.03.31 14:57:14 | 000,000,000 | ---D | M] -- C:\ARENA [2012.02.25 15:39:32 | 000,000,000 | ---D | M] -- C:\ATI [2012.02.12 13:02:31 | 000,000,000 | -HSD | M] -- C:\Boot [2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2012.02.12 13:10:33 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2012.02.22 15:26:07 | 000,000,000 | ---D | M] -- C:\Dynamix [2012.02.23 16:49:59 | 000,000,000 | ---D | M] -- C:\NVIDIA [2012.02.26 19:12:36 | 000,000,000 | R--D | M] -- C:\Program Files [2012.02.26 17:33:28 | 000,000,000 | -H-D | M] -- C:\ProgramData [2012.02.12 13:10:33 | 000,000,000 | -HSD | M] -- C:\Programme [2012.02.26 19:41:28 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2012.02.26 19:27:43 | 000,000,000 | R--D | M] -- C:\Users [2012.02.25 20:05:53 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < MD5 for: AGP440.SYS > [2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys [2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys [2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys < MD5 for: ATAPI.SYS > [2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys [2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys [2012.02.14 18:38:51 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\drivers\atapi.sys [2012.02.14 18:38:51 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys [2012.02.14 18:38:51 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys [2012.02.14 18:38:51 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys < MD5 for: CNGAUDIT.DLL > [2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll [2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll < MD5 for: EXPLORER.EXE > [2012.02.14 18:37:05 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\explorer.exe [2012.02.14 18:37:05 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe [2012.02.14 18:37:04 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe [2012.02.14 18:37:04 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe [2012.02.14 19:18:50 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe [2012.02.14 19:18:50 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe [2012.02.14 18:37:05 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe [2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe [2008.01.19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe < MD5 for: IASTORV.SYS > [2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys [2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys [2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys < MD5 for: NETLOGON.DLL > [2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll [2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll [2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll < MD5 for: NVSTOR.SYS > [2007.01.05 21:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- C:\Windows\System32\drivers\nvstor.sys [2007.01.05 21:59:42 | 000,035,920 | ---- | M] (NVIDIA Corporation) MD5=4A5FCAB82D9BF6AF8A023A66802FE9E9 -- C:\Windows\System32\DriverStore\FileRepository\nvstor.inf_f48b8337\nvstor.sys [2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys [2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys < MD5 for: NVSTOR32.SYS > [2009.08.04 17:44:14 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=269DE658DEAF032564E8B6430B5BD170 -- C:\NVIDIA\nForceDriver\MCP\15.51\English\IDE\WinVista\sataraid\nvstor32.sys [2009.08.04 17:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=3FF57A9A657C9690ECBC8B1E3B6E3979 -- C:\NVIDIA\nForceDriver\MCP\15.51\English\IDE\WinVista\sata_ide\nvstor32.sys [2009.08.04 17:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=3FF57A9A657C9690ECBC8B1E3B6E3979 -- C:\Windows\System32\drivers\nvstor32.sys [2009.08.04 17:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) MD5=3FF57A9A657C9690ECBC8B1E3B6E3979 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_dcdb2e54\nvstor32.sys [2007.08.09 18:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) MD5=DC5F166422BEEBF195E3E4BB8AB4EE22 -- C:\Users\Daxter\AppData\Local\Temp\CDM\{EFA28042-6636-4192-A197-E75BBBEA90E0}\nvstor32.sys < MD5 for: SCECLI.DLL > [2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll [2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll [2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll < MD5 for: USER32.DLL > [2012.02.14 17:13:47 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll [2008.01.19 08:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll [2006.11.02 10:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll [2012.02.14 17:13:47 | 000,633,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll [2012.02.14 17:13:47 | 000,633,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll < MD5 for: USERINIT.EXE > [2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe [2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe [2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe < MD5 for: WINLOGON.EXE > [2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe [2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe [2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe < MD5 for: WS2IFSL.SYS > [2006.11.02 09:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\System32\drivers\ws2ifsl.sys [2006.11.02 09:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys [2008.01.19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > [2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV [2006.11.02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV [2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV [2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV [2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV < %systemroot%\system32\*.dll /lockedfiles > [2010.02.11 06:32:36 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll < %USERPROFILE%\*.* > [2012.02.26 19:49:39 | 001,572,864 | -HS- | M] () -- C:\Users\Daxter\NTUSER.DAT [2012.02.26 19:49:39 | 000,262,144 | -H-- | M] () -- C:\Users\Daxter\ntuser.dat.LOG1 [2012.02.12 13:13:55 | 000,000,000 | -H-- | M] () -- C:\Users\Daxter\ntuser.dat.LOG2 [2012.02.12 14:55:45 | 000,065,536 | -HS- | M] () -- C:\Users\Daxter\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf [2012.02.12 14:55:45 | 000,524,288 | -HS- | M] () -- C:\Users\Daxter\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms [2012.02.12 14:55:45 | 000,524,288 | -HS- | M] () -- C:\Users\Daxter\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms [2012.02.12 13:13:55 | 000,000,020 | -HS- | M] () -- C:\Users\Daxter\ntuser.ini [2012.02.23 19:30:24 | 000,000,680 | RHS- | M] () -- C:\Users\Daxter\ntuser.pol < %USERPROFILE%\Local Settings\Temp\*.exe > < %USERPROFILE%\Local Settings\Temp\*.dll > < %USERPROFILE%\Application Data\*.exe > < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data] HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 ========== Hard Links - Junction Points - Mount Points - Symbolic Links ========== [C:\Windows\$NtUninstallKB21928$] -> Error: Cannot create file handle -> Unknown point type < End of report > Geändert von daxter123 (27.02.2012 um 18:34 Uhr) |
|
27.02.2012, 18:30
| #7 |
| /// Malware-holic | abnow entfernen 1. warum hat dieser pc noch nie updates gesehen? 2. otl.txt fehlt
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
27.02.2012, 18:38
| #8 |
| | abnow entfernen ok habs verbesert jetzt is der zweite text OTL-Txt und ich wiess nich warum ich keine apdates hab |
|
27.02.2012, 18:46
| #9 |
| /// Malware-holic | abnow entfernen also, das system hat noch nie updates gesehen, wie gesagt, ist mit nem relativ gefährlichem rootkit infiziert, deswegen würde ich sagen, einmal komplett neu aufsetzen und vernünftig absichern, du bekommst für alles hilfen. der zeitaufwand hier wäre aber relativ hoch, und das das system danach sauber ist, kann auch niemand garantieren. 1. Datenrettung:
4. alle Passwörter ändern! 5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen. 6. werde ich dann noch was zum absichern von Onlinebanking mit Chip Card Reader + Star Money sagen.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
27.02.2012, 18:55
| #10 |
| | abnow entfernen ich wiess nicht wie man formatirt aber ich habe noch alle cd vom betribssystem coputer ist selbst gebaut |
|
27.02.2012, 18:57
| #11 |
| | abnow entfernen also spiele und so extern speichern un dan windos neu drauf oder |
|
27.02.2012, 18:58
| #12 |
| /// Malware-holic | abnow entfernen wenn du alle cds hast, dann bekommen wir das schon gemeinsam hin, keine angst. sichere deine daten zuerst mal. dann sag mir mal was für cds du zu dem gerät bekommen hast. nein, spiele nicht, bilder, dokumente, musik etc. instalationen von spielen musst du dann später neu machen
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
27.02.2012, 19:01
| #13 |
| | abnow entfernen gibt ein kleines proplem hab kein externen speicher un würd sehr ungerne meine dokumente un so verlieren gibts nich auch ne andere lösung  updaten kan ich ja auch noch instalieren Bitte Geändert von daxter123 (27.02.2012 um 19:16 Uhr) |
|
27.02.2012, 19:15
| #14 |
| /// Malware-holic | abnow entfernen du sollst deine dokumente ja auch extern sichern. was ja sowieso nötig ist, was wäre denn zb bei festplatten schaden? dann währen sie auch weg. außerdem kann bei so ner reinigung immer was schief gehen, weswegen daten sichern sowieso angesagt ist. ne packung rolinge oder nen usb stick sind ja eig recht günstig zu haben, usb sticks rund 10-15 € und da hat man 10 gb speicher, das müsste für bilder, dokumente etc reichen
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
27.02.2012, 19:20
| #15 |
| | abnow entfernen ok ich speicher die dan heut noch auf ne cd die hab ich mit müh und not noch gefunden kannst du morgen so um 15:00 wieder kommen ich muss jetzt off |
|
| Themen zu abnow entfernen |
| abnow, compu, computer, computern, entferne, entfernen, google, helft, umgeleitet, virus |
Linear-Darstellung
