
Plagegeister aller Art und deren Bekämpfung: Hackhound.txt in the Program Files folder?

Windows 7

09.11.2010, 22:51   #1
Canx66
 



Hello everyone,

While I was browsing through my PC, I discovered something important. A .txt file named hackhound.txt was in my Program Files (x86) folder (i.e. the normal system program folder). At first I didn't think anything of it, but when I opened the file, my MSN address and password appeared. Is that dangerous? A keylogger or something?

Please help quickly.

Regards
Canx66

Here is my HijackThis log file:

Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:55:45, on 09.11.2010
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Windows Live\Companion\companionuser.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\HiJackThis\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8743 bytes

Edited by Canx66 (09.11.2010 at 22:57)

10.11.2010, 11:34   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Hello and

Please run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes must be updated manually before every scan!

Then OTL:

System scan with OTL

Please download OTL by Oldtimer and save it to your desktop
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files here in the thread.

10.11.2010, 20:27   #3
Canx66
 



First of all, thanks for your help.

Malwarebytes log file (before removing the infected files):
Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 5089

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

10.11.2010 20:17:19
mbam-log-2010-11-10 (20-17-19).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 289050
Laufzeit: 32 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 5

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
D:\Downloads\Spiele\MoH\loader.dll (Riskware.Tool.CK) -> No action taken.
D:\SAMED\PROGRAMME\Adobe Photoshop CS4\Adobe.Photoshop.CS4.Extended.German-AoN\Crack\keygen.exe (Hacktool.Keygen) -> No action taken.
D:\SAMED\PROGRAMME\SONY VEGAS 9.0\Sony.Products.Multikeygen.v1.5.Keygen.Only-DI\Keygen.exe (Trojan.Agent.CK) -> No action taken.
D:\TAMER\SetupCasino_775d60_de.exe (Adware.Casino) -> No action taken.
D:\TAMER\SetupCasino_c5df8d_de.exe (Adware.Casino) -> No action taken.

< End of report >



Malwarebytes log file (after removal):
Malwarebytes' Anti-Malware 1.46
Malwarebytes

Datenbank Version: 5089

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

10.11.2010 20:17:35
mbam-log-2010-11-10 (20-17-35).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 289050
Laufzeit: 32 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 5

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
D:\Downloads\Spiele\MoH\loader.dll (Riskware.Tool.CK) -> Quarantined and deleted successfully.
D:\SAMED\PROGRAMME\Adobe Photoshop CS4\Adobe.Photoshop.CS4.Extended.German-AoN\Crack\keygen.exe (Hacktool.Keygen) -> Quarantined and deleted successfully.
D:\SAMED\PROGRAMME\SONY VEGAS 9.0\Sony.Products.Multikeygen.v1.5.Keygen.Only-DI\Keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
D:\TAMER\SetupCasino_775d60_de.exe (Adware.Casino) -> Quarantined and deleted successfully.
D:\TAMER\SetupCasino_c5df8d_de.exe (Adware.Casino) -> Quarantined and deleted successfully.

< End of report >


OTL log file 1 (OTL.txt):
Code:
OTL logfile created on: 10.11.2010 20:20:25 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\SAMED\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 76,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 244,04 Gb Total Space | 159,98 Gb Free Space | 65,55% Space Free | Partition Type: NTFS
Drive D: | 687,37 Gb Total Space | 453,59 Gb Free Space | 65,99% Space Free | Partition Type: NTFS
 
Computer Name: SAMED-PC | User Name: SAMED | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\SAMED\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\SAMED\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (PLFlash DeviceIoControl Service) -- C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (ATI Technologies, Inc.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (SNP325) USB PC Camera (SNPSTD325) -- C:\Windows\SysNative\drivers\snp325.sys (Sonix Co. Ltd.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 31 46 C6 DA 66 7C CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.11.07 02:39:49 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.11.07 02:39:48 | 000,000,000 | ---D | M]
 
[2010.11.06 16:31:24 | 000,000,000 | ---D | M] -- C:\Users\SAMED\AppData\Roaming\mozilla\Extensions
[2010.11.06 16:31:24 | 000,000,000 | ---D | M] -- C:\Users\SAMED\AppData\Roaming\mozilla\Firefox\Profiles\yvv9tf7l.default\extensions
[2010.11.07 02:39:48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.10.27 06:44:13 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.10.27 06:44:13 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.10.27 06:44:13 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.10.27 06:44:13 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.10.27 06:44:13 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.11.10 19:50:04 | 000,000,000 | ---D | C] -- C:\Users\SAMED\Desktop\call
[2010.11.10 19:41:53 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\SAMED\Desktop\OTL.exe
[2010.11.09 23:11:29 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Local\Wheelman
[2010.11.09 23:11:29 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Local\PC
[2010.11.09 22:55:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HiJackThis
[2010.11.09 22:25:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft Entertainment
[2010.11.09 22:16:39 | 000,000,000 | ---D | C] -- C:\Users\SAMED\Documents\NFS Undercover
[2010.11.09 22:16:16 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Local\PunkBuster
[2010.11.09 22:15:02 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Roaming\Leadertech
[2010.11.09 21:46:55 | 000,000,000 | ---D | C] -- C:\Users\SAMED\Documents\NFS Most Wanted
[2010.11.09 21:30:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA GAMES
[2010.11.09 21:04:58 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Local\storage
[2010.11.09 21:00:02 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Roaming\Ubisoft
[2010.11.09 21:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2010.11.09 20:35:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fraps
[2010.11.09 20:13:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2010.11.09 14:20:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2010.11.08 18:53:33 | 000,000,000 | ---D | C] -- C:\Users\SAMED\Desktop\VA-Until_One__Mixed_By_Swedish_House_Mafia-CD-2010-TGX
[2010.11.08 17:44:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SFT-Loader
[2010.11.07 15:49:27 | 000,000,000 | ---D | C] -- C:\Users\SAMED\Desktop\client
[2010.11.07 07:52:24 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Local\Microsoft Games
[2010.11.07 03:34:09 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Local\TechSmith
[2010.11.07 03:34:05 | 000,000,000 | ---D | C] -- C:\Users\SAMED\Documents\Camtasia Studio
[2010.11.07 03:33:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime
[2010.11.07 03:33:42 | 000,000,000 | ---D | C] -- C:\ProgramData\TechSmith
[2010.11.07 03:33:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010.11.07 03:33:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared
[2010.11.07 03:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith
[2010.11.07 03:29:49 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Roaming\Avira
[2010.11.07 00:59:43 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Roaming\teamspeak2
[2010.11.07 00:59:40 | 000,034,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lhacm.acm
[2010.11.07 00:59:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Teamspeak2_RC2
[2010.11.07 00:10:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010.11.07 00:05:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Jowood
[2010.11.06 19:25:11 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Roaming\Opera
[2010.11.06 19:25:11 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Local\Opera
[2010.11.06 19:24:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2010.11.06 16:31:17 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Roaming\Mozilla
[2010.11.06 16:31:17 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Local\Mozilla
[2010.11.06 16:31:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010.11.06 13:22:09 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Roaming\Malwarebytes
[2010.11.06 13:22:02 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.11.06 13:22:00 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.11.06 13:22:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.11.06 13:22:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.06 13:20:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.11.06 13:20:17 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.11.06 13:20:17 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.11.06 13:20:17 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.11.06 03:55:41 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Local\Ahead
[2010.11.06 03:54:26 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Roaming\Ahead
[2010.11.06 03:54:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Ahead
[2010.11.06 03:52:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010.11.06 03:52:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2010.11.06 03:52:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Ahead
[2010.11.06 01:18:06 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.11.06 00:52:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.11.06 00:52:07 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.11.06 00:51:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.11.06 00:51:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2010.11.05 05:05:46 | 001,942,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dfshim.dll
[2010.11.05 05:05:46 | 001,130,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dfshim.dll
[2010.11.05 05:05:46 | 000,320,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHost.exe
[2010.11.05 05:05:46 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHost.exe
[2010.11.05 05:05:46 | 000,109,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationHostProxy.dll
[2010.11.05 05:05:46 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationHostProxy.dll
[2010.11.05 05:05:46 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netfxperf.dll
[2010.11.05 05:05:46 | 000,048,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netfxperf.dll
[2010.11.05 05:05:26 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2010.11.05 03:07:15 | 001,736,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2010.11.05 03:07:13 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010.11.05 03:07:12 | 002,085,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010.11.05 03:07:12 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010.11.05 03:07:12 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.11.05 03:07:11 | 000,483,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\StructuredQuery.dll
[2010.11.05 03:06:59 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010.11.05 03:06:59 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010.11.05 03:06:59 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2010.11.05 03:06:59 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010.11.05 03:06:59 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010.11.05 03:06:59 | 000,258,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2010.11.05 03:06:59 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010.11.05 03:06:58 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2010.11.05 03:06:58 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2010.11.05 03:06:55 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.11.05 03:06:55 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.11.05 03:06:54 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.11.05 03:06:53 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010.11.05 03:06:52 | 000,861,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2010.11.05 03:06:52 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2010.11.05 03:06:52 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2010.11.05 03:06:52 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2010.11.05 03:06:52 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2010.11.05 03:06:52 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2010.11.05 03:06:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2010.11.05 03:06:51 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010.11.05 03:06:51 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010.11.05 03:06:40 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010.11.05 03:06:38 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2010.11.05 03:06:29 | 001,024,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010.11.05 03:06:29 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2010.11.05 03:06:18 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2010.11.05 03:06:18 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2010.11.05 03:06:18 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2010.11.05 03:06:15 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2010.11.05 03:06:07 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010.11.05 03:06:07 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010.11.05 03:06:06 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.11.05 03:06:06 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.11.05 03:06:06 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010.11.05 03:06:06 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010.11.05 03:06:02 | 000,702,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010.11.05 03:06:02 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.11.05 03:06:01 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010.11.05 03:06:01 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010.11.05 03:06:01 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.11.05 03:06:01 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.11.05 03:06:01 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.11.05 03:06:01 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.11.05 03:06:01 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010.11.05 03:06:01 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010.11.05 03:06:01 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010.11.05 03:06:01 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010.11.05 03:06:01 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.11.05 03:06:01 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.11.05 03:05:59 | 014,627,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010.11.05 03:05:58 | 011,406,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010.11.05 03:05:57 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010.11.05 03:05:57 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010.11.05 03:05:56 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010.11.05 02:39:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2010.11.05 02:39:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2010.11.05 02:39:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010.11.05 02:39:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2010.11.05 02:38:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2010.11.05 02:38:12 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2010.11.05 02:38:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2010.11.05 02:37:35 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Local\Microsoft Help
[2010.11.05 02:37:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2010.11.05 02:37:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010.11.05 02:37:24 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010.11.05 02:22:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.11.05 02:22:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010.11.05 02:22:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010.11.05 02:21:26 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Local\Adobe
[2010.11.05 01:37:23 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Roaming\bizarre creations
[2010.11.05 01:34:14 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2010.11.05 01:34:14 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2010.11.05 01:34:14 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2010.11.05 01:34:14 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2010.11.05 01:34:14 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2010.11.05 01:34:14 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2010.11.05 01:34:14 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2010.11.05 01:34:14 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2010.11.05 01:34:14 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2010.11.05 01:34:14 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2010.11.05 01:34:14 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2010.11.05 01:34:13 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2010.11.05 01:34:13 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010.11.05 01:34:12 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2010.11.05 01:34:12 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2010.11.05 01:34:12 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2010.11.05 01:34:12 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.11.05 01:34:12 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2010.11.05 01:34:12 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2010.11.05 01:34:11 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2010.11.05 01:34:11 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2010.11.05 01:34:10 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2010.11.05 01:34:10 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010.11.05 01:34:10 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2010.11.05 01:34:10 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2010.11.05 01:34:10 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2010.11.05 01:34:10 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2010.11.05 01:34:10 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010.11.05 01:34:09 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010.11.05 01:34:09 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010.11.05 01:34:09 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2010.11.05 01:34:09 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010.11.05 01:34:09 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2010.11.05 01:34:09 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2010.11.05 01:34:08 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2010.11.05 01:34:08 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.11.05 01:34:08 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2010.11.05 01:34:08 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2010.11.05 01:34:08 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2010.11.05 01:34:08 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2010.11.05 01:34:08 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2010.11.05 01:34:08 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2010.11.05 01:34:07 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2010.11.05 01:34:07 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2010.11.05 01:34:07 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2010.11.05 01:34:07 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2010.11.05 01:34:07 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010.11.05 01:34:07 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2010.11.05 01:34:07 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010.11.05 01:34:07 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2010.11.05 01:34:07 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2010.11.05 01:34:07 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2010.11.05 01:34:07 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2010.11.05 01:34:07 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2010.11.05 01:34:06 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2010.11.05 01:34:06 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2010.11.05 01:34:06 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2010.11.05 01:34:06 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2010.11.05 01:34:06 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2010.11.05 01:34:06 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2010.11.05 01:34:06 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2010.11.05 01:34:06 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2010.11.05 01:34:06 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2010.11.05 01:34:06 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2010.11.05 01:34:05 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2010.11.05 01:34:05 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2010.11.05 01:34:05 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2010.11.05 01:34:05 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2010.11.05 01:34:05 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2010.11.05 01:34:05 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2010.11.05 01:34:05 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2010.11.05 01:34:05 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2010.11.05 01:34:05 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2010.11.05 01:34:05 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2010.11.05 01:34:04 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2010.11.05 01:34:04 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010.11.05 01:34:04 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2010.11.05 01:34:04 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2010.11.05 01:34:04 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2010.11.05 01:34:04 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2010.11.05 01:34:04 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2010.11.05 01:34:04 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2010.11.05 01:34:03 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2010.11.05 01:34:03 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2010.11.05 01:34:03 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2010.11.05 01:34:03 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2010.11.05 01:34:03 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2010.11.05 01:34:03 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2010.11.05 01:34:03 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2010.11.05 01:34:03 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2010.11.05 01:34:02 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2010.11.05 01:34:02 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2010.11.05 01:34:02 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2010.11.05 01:34:02 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2010.11.05 01:34:02 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2010.11.05 01:34:02 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2010.11.05 01:34:01 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2010.11.05 01:34:01 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2010.11.05 01:34:01 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2010.11.05 01:34:01 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2010.11.05 01:34:01 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2010.11.05 01:34:01 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2010.11.05 01:34:01 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2010.11.05 01:34:01 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2010.11.05 01:34:01 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2010.11.05 01:34:01 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2010.11.05 01:34:00 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2010.11.05 01:34:00 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2010.11.05 01:34:00 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2010.11.05 01:34:00 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2010.11.05 01:34:00 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2010.11.05 01:34:00 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010.11.05 01:33:59 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2010.11.05 01:33:59 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010.11.05 01:33:59 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2010.11.05 01:33:59 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2010.11.05 01:33:59 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2010.11.05 01:33:59 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2010.11.05 01:33:59 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2010.11.05 01:33:59 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2010.11.05 01:33:57 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2010.11.05 01:33:57 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2010.11.05 01:29:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2010.11.05 01:25:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPU-Z
[2010.11.04 23:57:57 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\amcap.exe
[2010.11.04 23:57:56 | 010,733,184 | ---- | C] (Sonix Co. Ltd.) -- C:\Windows\SysNative\drivers\snp325.sys
[2010.11.04 23:57:56 | 000,980,480 | ---- | C] ( ) -- C:\Windows\SysNative\vsnp325.dll
[2010.11.04 23:57:56 | 000,057,344 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnp325.dll
[2010.11.04 23:57:56 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\csnp325.dll
[2010.11.04 23:57:56 | 000,018,944 | ---- | C] ( ) -- C:\Windows\SysNative\csnp325.dll
[2010.11.04 23:57:55 | 000,147,456 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp325.dll
[2010.11.04 23:57:55 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010.11.04 23:57:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\snp325
[2010.11.04 23:57:40 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Roaming\InstallShield
[2010.11.04 22:23:58 | 000,000,000 | R--D | C] -- C:\Users\SAMED\Searches
[2010.11.04 22:23:50 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Roaming\Identities
[2010.11.04 22:23:48 | 000,000,000 | R--D | C] -- C:\Users\SAMED\Contacts
[2010.11.04 22:23:47 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Local\VirtualStore
[2010.11.04 22:23:35 | 000,000,000 | -HSD | C] -- C:\Users\SAMED\Vorlagen
[2010.11.04 22:23:35 | 000,000,000 | -HSD | C] -- C:\Users\SAMED\AppData\Local\Verlauf
[2010.11.04 22:23:35 | 000,000,000 | -HSD | C] -- C:\Users\SAMED\AppData\Local\Temporary Internet Files
[2010.11.04 22:23:35 | 000,000,000 | -HSD | C] -- C:\Users\SAMED\Startmenü
[2010.11.04 22:23:35 | 000,000,000 | -HSD | C] -- C:\Users\SAMED\SendTo
[2010.11.04 22:23:35 | 000,000,000 | -HSD | C] -- C:\Users\SAMED\Recent
[2010.11.04 22:23:35 | 000,000,000 | -HSD | C] -- C:\Users\SAMED\Netzwerkumgebung
[2010.11.04 22:23:35 | 000,000,000 | -HSD | C] -- C:\Users\SAMED\Lokale Einstellungen
[2010.11.04 22:23:35 | 000,000,000 | -HSD | C] -- C:\Users\SAMED\Documents\Eigene Videos
[2010.11.04 22:23:35 | 000,000,000 | -HSD | C] -- C:\Users\SAMED\Documents\Eigene Musik
[2010.11.04 22:23:35 | 000,000,000 | -HSD | C] -- C:\Users\SAMED\Documents\Eigene Bilder
[2010.11.04 22:23:35 | 000,000,000 | -HSD | C] -- C:\Users\SAMED\Druckumgebung
[2010.11.04 22:23:35 | 000,000,000 | -HSD | C] -- C:\Users\SAMED\Cookies
[2010.11.04 22:23:35 | 000,000,000 | -HSD | C] -- C:\Users\SAMED\AppData\Local\Anwendungsdaten
[2010.11.04 22:23:35 | 000,000,000 | -HSD | C] -- C:\Users\SAMED\Anwendungsdaten
[2010.11.04 22:23:34 | 000,000,000 | --SD | C] -- C:\Users\SAMED\AppData\Roaming\Microsoft
[2010.11.04 22:23:34 | 000,000,000 | R--D | C] -- C:\Users\SAMED\Videos
[2010.11.04 22:23:34 | 000,000,000 | R--D | C] -- C:\Users\SAMED\Saved Games
[2010.11.04 22:23:34 | 000,000,000 | R--D | C] -- C:\Users\SAMED\Pictures
[2010.11.04 22:23:34 | 000,000,000 | R--D | C] -- C:\Users\SAMED\Music
[2010.11.04 22:23:34 | 000,000,000 | R--D | C] -- C:\Users\SAMED\Links
[2010.11.04 22:23:34 | 000,000,000 | R--D | C] -- C:\Users\SAMED\Favorites
[2010.11.04 22:23:34 | 000,000,000 | R--D | C] -- C:\Users\SAMED\Downloads
[2010.11.04 22:23:34 | 000,000,000 | R--D | C] -- C:\Users\SAMED\Documents
[2010.11.04 22:23:34 | 000,000,000 | R--D | C] -- C:\Users\SAMED\Desktop
[2010.11.04 22:23:34 | 000,000,000 | -HSD | C] -- C:\Users\SAMED\Eigene Dateien
[2010.11.04 22:23:34 | 000,000,000 | -H-D | C] -- C:\Users\SAMED\AppData
[2010.11.04 22:23:34 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Local\Temp
[2010.11.04 22:23:34 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Local\Microsoft
[2010.11.04 22:23:34 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Roaming\Media Center Programs
[2010.11.04 22:22:14 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010.11.04 22:22:14 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.11.04 22:22:14 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010.11.04 22:22:14 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.11.04 22:20:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.11.04 22:20:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.11.04 22:20:56 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.11.04 22:20:56 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.11.04 22:20:56 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.11.04 22:20:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.11.04 22:20:56 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.11.04 22:20:56 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.11.04 22:20:56 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.11.04 22:20:56 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.11.04 22:20:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.11.04 22:20:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2010.11.04 22:20:56 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.11.04 22:20:52 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.11.04 22:17:08 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.11.04 22:17:02 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2010.11.04 18:01:16 | 000,000,000 | ---D | C] -- C:\Users\SAMED\Documents\KONAMI
[2010.11.04 17:30:50 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2010.11.04 17:30:50 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2010.11.04 17:30:49 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2010.11.04 17:30:49 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2010.11.04 17:30:46 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2010.11.04 17:30:46 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2010.11.04 17:30:45 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2010.11.04 17:30:45 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2010.11.04 17:30:44 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2010.11.04 17:30:44 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2010.11.04 17:30:44 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2010.11.04 17:30:44 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2010.11.04 17:30:41 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2010.11.04 17:30:41 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2010.11.04 17:30:39 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2010.11.04 17:30:39 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2010.11.04 17:30:37 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2010.11.04 17:30:37 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2010.11.04 17:30:27 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2010.11.04 17:30:27 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010.11.04 17:30:23 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2010.11.04 17:30:23 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2010.11.04 17:30:23 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2010.11.04 17:30:23 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2010.11.04 17:30:22 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2010.11.04 17:30:22 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2010.11.04 17:30:22 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2010.11.04 17:30:22 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2010.11.04 17:30:21 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2010.11.04 17:30:21 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2010.11.04 17:30:21 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2010.11.04 17:30:21 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2010.11.04 17:30:20 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2010.11.04 17:30:20 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2010.11.04 17:30:19 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2010.11.04 17:30:19 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2010.11.04 17:29:11 | 000,000,000 | ---D | C] -- C:\ProgramData\KONAMI
[2010.11.04 17:29:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KONAMI
[2010.11.04 17:00:43 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Roaming\Macromedia
[2010.11.04 17:00:42 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Roaming\Adobe
[2010.11.04 17:00:35 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010.11.04 16:42:45 | 000,000,000 | R--D | C] -- C:\Users\SAMED\Desktop\APPZ
[2010.11.04 16:38:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavalys
[2010.11.04 15:56:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010.11.04 15:56:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2010.11.04 15:55:32 | 000,000,000 | ---D | C] -- C:\Users\SAMED\Documents\Meine empfangenen Dateien
[2010.11.04 15:55:07 | 000,000,000 | ---D | C] -- C:\Users\SAMED\Tracing
[2010.11.04 15:53:37 | 000,000,000 | ---D | C] -- C:\Windows\de
[2010.11.04 15:52:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010.11.04 15:51:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2010.11.04 15:51:10 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live
[2010.11.04 15:51:02 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.11.04 15:49:15 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010.11.04 15:49:15 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010.11.04 15:49:14 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010.11.04 15:49:14 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010.11.04 15:49:01 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2010.11.04 15:49:01 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2010.11.04 15:48:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010.11.04 15:48:18 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
[2010.11.04 15:48:18 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll
[2010.11.04 15:48:17 | 003,860,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll
[2010.11.04 15:48:17 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll
[2010.11.04 15:47:49 | 001,888,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2010.11.04 15:47:49 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2010.11.04 15:47:49 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfreadwrite.dll
[2010.11.04 15:47:49 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2010.11.04 15:47:49 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfreadwrite.dll
[2010.11.04 15:47:48 | 004,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2010.11.04 15:47:48 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2010.11.04 15:46:52 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Local\Windows Live
[2010.11.04 15:46:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2010.11.04 15:36:22 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2010.11.04 15:36:22 | 000,081,584 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2010.11.04 15:36:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.11.04 15:36:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2010.11.04 15:34:47 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Roaming\WinRAR
[2010.11.04 15:34:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CPU-Z
[2010.11.04 15:34:40 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2010.11.04 15:31:12 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Roaming\ATI
[2010.11.04 15:31:12 | 000,000,000 | ---D | C] -- C:\Users\SAMED\AppData\Local\ATI
[2010.11.04 15:31:12 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.11.04 15:29:48 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\ATI Technologies
[2010.11.04 15:29:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2010.11.04 15:29:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI
[2010.11.04 15:29:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2010.11.04 15:29:19 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.11.04 15:29:11 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies
[2010.11.04 15:29:10 | 000,000,000 | ---D | C] -- C:\Programme\ATI
[2010.11.04 15:25:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Core Temp
 
========== Files - Modified Within 30 Days ==========
 
[2010.11.10 20:19:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.10 20:19:06 | 3220,480,000 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.10 19:41:57 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\SAMED\Desktop\OTL.exe
[2010.11.10 17:24:37 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.10 17:24:37 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.10 17:23:42 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.11.10 17:23:42 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.11.10 17:23:42 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.11.10 17:23:42 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.11.10 17:23:42 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.11.09 22:16:33 | 000,066,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.11.09 22:16:16 | 000,183,112 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.11.08 23:54:39 | 000,017,739 | ---- | M] () -- C:\Users\SAMED\Desktop\CD.nra
[2010.11.07 03:35:53 | 000,004,608 | ---- | M] () -- C:\Users\SAMED\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.07 00:59:40 | 000,034,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\lhacm.acm
[2010.11.06 16:31:18 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010.11.05 11:23:20 | 000,414,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.11.05 04:21:40 | 000,024,576 | ---- | M] () -- C:\Users\SAMED\Documents\Staatsanwaltschaft.doc
[2010.11.05 04:21:07 | 000,015,659 | ---- | M] () -- C:\Users\SAMED\Documents\Staatsanwaltschaft.docx
[2010.11.04 22:24:04 | 000,001,443 | ---- | M] () -- C:\Users\SAMED\Desktop\Internet Explorer.lnk
[2010.11.04 22:19:01 | 000,057,050 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.11.04 22:19:01 | 000,057,050 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010.11.04 22:18:06 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010.11.04 22:17:39 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.11.04 18:03:25 | 000,000,626 | ---- | M] () -- C:\Users\SAMED\Desktop\TAMER.lnk
[2010.11.04 18:02:48 | 000,000,626 | ---- | M] () -- C:\Users\SAMED\Desktop\SAMED.lnk
[2010.11.04 18:02:46 | 000,000,626 | ---- | M] () -- C:\Users\SAMED\Desktop\DATEN.lnk
[2010.11.04 15:54:47 | 000,001,633 | ---- | M] () -- C:\Users\SAMED\Desktop\Windows Live Messenger.lnk
 
========== Files Created - No Company Name ==========
 
[2010.11.09 22:16:34 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.11.09 22:16:28 | 000,183,112 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.11.08 23:54:39 | 000,017,739 | ---- | C] () -- C:\Users\SAMED\Desktop\CD.nra
[2010.11.07 03:35:52 | 000,004,608 | ---- | C] () -- C:\Users\SAMED\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.06 16:31:18 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.11.05 04:21:39 | 000,024,576 | ---- | C] () -- C:\Users\SAMED\Documents\Staatsanwaltschaft.doc
[2010.11.05 04:21:07 | 000,015,659 | ---- | C] () -- C:\Users\SAMED\Documents\Staatsanwaltschaft.docx
[2010.11.04 23:57:57 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe
[2010.11.04 23:57:56 | 000,835,584 | ---- | C] () -- C:\Windows\vsnp325.exe
[2010.11.04 23:57:56 | 000,270,336 | ---- | C] () -- C:\Windows\tsnp325.exe
[2010.11.04 23:57:56 | 000,015,498 | ---- | C] () -- C:\Windows\snp325.ini
[2010.11.04 23:57:56 | 000,013,023 | ---- | C] () -- C:\Windows\snp325.src
[2010.11.04 22:24:00 | 000,001,443 | ---- | C] () -- C:\Users\SAMED\Desktop\Internet Explorer.lnk
[2010.11.04 22:18:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.11.04 22:17:39 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.11.04 22:16:41 | 3220,480,000 | -HS- | C] () -- C:\hiberfil.sys
[2010.11.04 18:03:25 | 000,000,626 | ---- | C] () -- C:\Users\SAMED\Desktop\TAMER.lnk
[2010.11.04 18:02:48 | 000,000,626 | ---- | C] () -- C:\Users\SAMED\Desktop\SAMED.lnk
[2010.11.04 18:02:46 | 000,000,626 | ---- | C] () -- C:\Users\SAMED\Desktop\DATEN.lnk
[2010.11.04 15:54:47 | 000,001,633 | ---- | C] () -- C:\Users\SAMED\Desktop\Windows Live Messenger.lnk
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

< End of report >
         

OTL Log File 2 (Extras.txt):
Code:
OTL Extras logfile created on: 10.11.2010 20:20:25 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\SAMED\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 76,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 244,04 Gb Total Space | 159,98 Gb Free Space | 65,55% Space Free | Partition Type: NTFS
Drive D: | 687,37 Gb Total Space | 453,59 Gb Free Space | 65,99% Space Free | Partition Type: NTFS
 
Computer Name: SAMED-PC | User Name: SAMED | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp version 0.99.8
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{34BD24DF-3B6F-8661-D4F0-0EBCACA2C834}" = ccc-utility64
"{4B0748C5-2E63-B954-8C3F-71918C599800}" = WMV9/VC-1 Video Playback
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{8FCBB6DA-069C-8D08-DD99-F0881B9EECC3}" = AMD Drag and Drop Transcoding
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{CACBDC26-D504-49ED-3FEC-0CDDB3700240}" = ATI Catalyst Install Manager
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1148E85C-E1AF-48E0-A29C-68DACE07E054}" = Pro Evolution Soccer 2011
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1DE1B0F3-5897-4C66-BA18-F8A9E95FAE5C}" = ccc-core-static
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3604BFF4-6EC8-44D6-B147-92C2D642FEDE}" = Wheelman
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D481F91-44BA-F0FE-CD07-8B3429A2A821}" = Catalyst Control Center Graphics Previews Common
"{543A0462-62A8-59CA-8EA7-B2173DA96DAC}" = CCC Help English
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5809A31C-32FB-35CA-E1D2-0B898119E15F}" = Catalyst Control Center InstallProxy
"{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Activision(R)
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6F868980-FF49-011B-2C95-409F199B9C19}" = Catalyst Control Center Graphics Previews Vista
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{87CC8013-56D1-43E1-A0A5-AD406B4EBA95}" = Opera 10.63
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial 
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{98EFD8F0-08DE-48DB-B922-A2EBAB711031}" = Nero 7 Premium
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E48FF52-082C-4CC2-BB67-6E10D09C0431}" = Windows Live UX Platform Language Pack
"{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.0 - Deutsch
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{DE042823-C359-4B87-B66B-308057E8B6AF}" = Camtasia Studio 7
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{EAEAAF8C-8E86-4CAC-AC08-1A33EDCA34AC}" = Prince of Persia The Forgotten Sands™
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}" = 325 USB PC Camera
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"Fraps" = Fraps
"Full Version 1.5" = Full Version 1.5
"Full Version 1.5      DISC 2       " = Full Version 1.5      DISC 2       
"Full Version 1.5      DISC 3 " = Full Version 1.5      DISC 3 
"InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}" = Blur(TM)
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Steam App 240" = Counter-Strike: Source
"Steam App 260" = Counter-Strike: Source Beta
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"WinLiveSuite" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 04.11.2010 20:35:48 | Computer Name = SAMED-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 04.11.2010 20:35:48 | Computer Name = SAMED-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 04.11.2010 20:36:21 | Computer Name = SAMED-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 04.11.2010 21:38:54 | Computer Name = SAMED-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL".
Die
 abhängige Assemblierung "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.08""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 04.11.2010 22:13:15 | Computer Name = SAMED-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 06.11.2010 19:11:08 | Computer Name = SAMED-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Chaser.exe, Version: 1.0.0.1, Zeitstempel:
 0x00000000  Name des fehlerhaften Moduls: Chaser.exe, Version: 1.0.0.1, Zeitstempel:
 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000130  ID des fehlerhaften Prozesses:
 0xc40  Startzeit der fehlerhaften Anwendung: 0x01cb7e07e16dec7d  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Jowood\Chaser\Chaser.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files (x86)\Jowood\Chaser\Chaser.exe  Berichtskennung: 22c6b084-e9fb-11df-8ae0-e0cb4e349545
 
Error - 06.11.2010 20:37:01 | Computer Name = SAMED-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Chaser.exe, Version: 1.0.0.1, Zeitstempel:
 0x00000000  Name des fehlerhaften Moduls: Chaser.exe, Version: 1.0.0.1, Zeitstempel:
 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00042cdb  ID des fehlerhaften Prozesses:
 0xc10  Startzeit der fehlerhaften Anwendung: 0x01cb7e094997cdf2  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Jowood\Chaser\Chaser.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files (x86)\Jowood\Chaser\Chaser.exe  Berichtskennung: 222ea78c-ea07-11df-a4f7-e0cb4e349545
 
Error - 07.11.2010 10:44:03 | Computer Name = SAMED-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Chaser.exe, Version: 1.0.0.1, Zeitstempel:
 0x00000000  Name des fehlerhaften Moduls: Chaser.exe, Version: 1.0.0.1, Zeitstempel:
 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000bc2f5  ID des fehlerhaften Prozesses:
 0x12c4  Startzeit der fehlerhaften Anwendung: 0x01cb7e83e2e4cc3e  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Jowood\Chaser\Chaser.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files (x86)\Jowood\Chaser\Chaser.exe  Berichtskennung: 7693b7dc-ea7d-11df-ac22-e0cb4e349545
 
Error - 09.11.2010 16:22:30 | Computer Name = SAMED-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Prince of Persia.exe, Version: 1.0.0.0,
 Zeitstempel: 0x4bef2f23  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559,
 Zeitstempel: 0x4ba9b29c  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00038c19  ID des fehlerhaften
 Prozesses: 0xd00  Startzeit der fehlerhaften Anwendung: 0x01cb80495fcce7a4  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Ubisoft\Prince of Persia The Forgotten
 Sands\Prince of Persia.exe  Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung:
 132d0b9c-ec3f-11df-bef4-e0cb4e349545
 
Error - 09.11.2010 16:28:06 | Computer Name = SAMED-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Prince of Persia.exe, Version: 1.0.0.0,
 Zeitstempel: 0x4bef2f23  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16559,
 Zeitstempel: 0x4ba9b29c  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00038c19  ID des fehlerhaften
 Prozesses: 0xcec  Startzeit der fehlerhaften Anwendung: 0x01cb804beabbd616  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Ubisoft\Prince of Persia The Forgotten
 Sands\Prince of Persia.exe  Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll
Berichtskennung:
 db5d8dc7-ec3f-11df-bef4-e0cb4e349545
 
[ System Events ]
Error - 08.11.2010 12:35:31 | Computer Name = SAMED-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
 
Error - 08.11.2010 12:35:32 | Computer Name = SAMED-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
 
Error - 08.11.2010 12:35:32 | Computer Name = SAMED-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
 
Error - 08.11.2010 12:35:33 | Computer Name = SAMED-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
 
Error - 09.11.2010 10:49:30 | Computer Name = SAMED-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
 
Error - 09.11.2010 10:49:31 | Computer Name = SAMED-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
 
Error - 09.11.2010 10:49:31 | Computer Name = SAMED-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
 
Error - 09.11.2010 10:49:32 | Computer Name = SAMED-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
 
Error - 09.11.2010 10:49:32 | Computer Name = SAMED-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
 
Error - 09.11.2010 15:17:03 | Computer Name = SAMED-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Windows Update" wurde nicht richtig gestartet.
 
 
< End of report >
         

10.11.2010, 20:46   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
D:\SAMED\PROGRAMME\Adobe Photoshop CS4\Adobe.Photoshop.CS4.Extended.German-AoN\Crack\keygen.exe (Hacktool.Keygen) -> No action taken.
D:\SAMED\PROGRAMME\SONY VEGAS 9.0\Sony.Products.Multikeygen.v1.5.Keygen.Only-DI\Keygen.exe (Trojan.Agent.CK) -> No action taken.
Pretty stupid (and illegal).
No need to be surprised about spied-out login credentials then...

The use of cracks, serials and keygens is illegal, so there will be no further support on Trojaner-Board.

This is where you go from here => Reinstalling the system
Please also change all passwords (for e-mail accounts, StudiVZ, eBay... simply everything!), since this dubious software not infrequently also contains keyloggers and backdoor functions.

After that, never touch anything like this again!
__________________
Please always post log files in CODE tags
