
Log analysis and evaluation: Did Avira AntiVir remove my virus?

18.11.2010, 18:50   #1
PCFREAK86
 



Hello, I recently wanted to set up my own proxy server with phpmyproxy, but when I went to download the freely available PHP file, a message came up saying that malware had been found. Of course I immediately clicked remove and then ran a full scan, but it found nothing. Have I really got rid of the virus on my PC, or is it still there? That is why I am posting this HijackThis log. System details:
CPU: AMD Phenom II X6 1055T
RAM: 4 GB G.Skill ECO 1600 MHz CL7
OS: Vista 32-bit SP2

HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:19:30, on 18.11.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\DAODx.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Metin2\metin2client.bin
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe
C:\Users\XXX\Downloads\HiJackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\XXX\Downloads\manuelstester.com.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O8 - Extra context menu item: XXX - C:\Users\XXX\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - h**p://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

--
End of file - 3979 bytes


This should reveal something to you pros, shouldn't it?

Regards,
Manuel

18.11.2010, 22:39   #2
rea
/// Helper Team
 



Hello PCFREAK86,
let's take a closer look first. Is your PC causing any problems?

A few notes up front (please observe them!):

  • Read my instructions for you carefully before you begin. Be sure to carry out all steps in order, since one step sometimes depends on another.
  • If anything is unclear to you during the cleanup, please ask in your thread before you continue.
  • Download all programs requested here only through the links given! If a link does not work, please let me know.
  • Do not install any other programs during the cleanup, apart from those we ask you to use for the cleanup.
  • Report for every step whether you completed it, and whether any problems occurred and which ones.
  • If problems come up while working through the instructions, please do not continue for the time being; stop and describe the problem here in the thread.
  • Edit all personal data, such as full names of real and private persons, out of the requested log files before you post them.
  • And if a reply is going to take a while, I would appreciate a heads-up too



I will do my best to find everything that does not belong on your system, but I have to point out that formatting and reinstalling is in most cases the fastest and safest way to get a clean system. If you still want to clean up, the instructions follow here:






1.) Avira AntiVir - What was found?

So that we can take a close look at what your antivirus program found, please proceed as follows:
  • Start Avira AntiVir
  • On the Overview (Übersicht) tab, click Events (Ereignisse)
  • There, please check that All (Alle) is ticked at the top and that under Filter only the Detection (Fund) box is ticked; leave the others unticked.
  • Select all detections (if there are any)
  • Click the round arrow at the top (export selected events)
  • Save under the suggested name and post the contents of this .txt file here as well.




2.) System scan with OTL
Please download OTL by OldTimer and save it to your desktop.
  • Double-click OTL.exe
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • At the top you will find a box labelled Output.
    Please select Standard Output
  • Under Extra Registry please select Use SafeList.
  • Tick the LOP and Purity checks.
  • Now click Scan at the top left.
  • When the scan has finished, two log files are created.
    You will find the log files on your desktop => OTL.txt and Extras.txt
  • Post the log files in code tags here in the thread.




3.) Gmer - rootkit scan
What are rootkits?

Important: for every rootkit scan:
  • First deactivate any CD emulators such as Alcohol, Daemon Tools or similar, following this guide.
  • All other programs against viruses, spyware etc. must be deactivated,
  • there must be no connection to a network/the Internet (don't forget WLAN),
  • nothing should be done on the computer,
  • the computer should be restarted after every scan.
  • Don't forget to switch the security programs back on after the rootkit scan!

Download Gmer from this page
(press the Download EXE button) and save the program to the desktop.
  • All other programs should be closed.
  • Start gmer.exe (it has a random program name).
  • Vista users: right-click and start as administrator.
  • Gmer automatically starts a first scan.
  • If a window with the following warning opens:
    Code:
    WARNING !!!
    GMER has found system modification, which might have been caused by ROOTKIT activity.
    Do you want to fully scan your system?
             
  • Be sure to click "No";
    in that case, use the Save button to save the result so far to the desktop as gmer_first.log.

  • If that was not the case, now select the "Rootkit/Malware" tab,
  • Tick: System, Sections, Devices, Modules, Processes, Threads, Libraries, Services, Registry and Files.
  • Important: "Show all" must not be ticked!
  • Start the scan by pressing the "Scan" button.
    Do nothing on the computer while the scan is running (what is currently being scanned is shown at the bottom left).
  • When the scan is finished, the line stays empty.
    Click "Save" and save the log file as gmer.log on the desktop.
    "Ok" closes GMER.
Switch the antivirus program and other scanners back on before you go online!

Now post the log file in code tags.

19.11.2010, 18:02   #3
PCFREAK86
 



Thank you very much for your very detailed instructions. First, regarding problems: it actually wasn't causing any. Nevertheless I wanted to create a HijackThis log, but then something happened that unsettled me:
I had to rename the HijackThis exe for it to work, so I decided to post the HijackThis log. Now to the log files:

Avira: events

Code:
Exportierte Ereignisse:

17.11.2010 16:17 [Scanner] Malware gefunden
      Die Datei 'C:\Users\XXX\AppData\Local\Microsoft\Windows\Temporary Internet 
      Files\Low\Content.IE5\1F6QJIDA\XvidSetup[1].exe'
      enthielt einen Virus oder unerwünschtes Programm 'ADSPY/AdSpy.Gen2' [adware].
      Durchgeführte Aktion(en):
      Die Datei konnte nicht geöffnet werden!
      Es wird versucht die Datei mit Hilfe des Snapshot Treibers zu durchsuchen.
      Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler 
      aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004.
      Die Quelldatei konnte nicht gefunden werden.
      Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
      Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
      Die Datei existiert nicht!

17.11.2010 16:16 [Guard] Malware gefunden
      In der Datei 'C:\Users\XXX\AppData\Local\Microsoft\Windows\Temporary 
      Internet Files\Low\Content.IE5\1F6QJIDA\XvidSetup[1].exe'
      wurde ein Virus oder unerwünschtes Programm 'ADSPY/AdSpy.Gen2' [adware] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

16.11.2010 17:40 [Guard] Malware gefunden
      In der Datei 'C:\Users\XXX\AppData\Local\Microsoft\Windows\Temporary 
      Internet Files\Low\Content.IE5\3IBX85QY\nobrain_dk[1].htm'
      wurde ein Virus oder unerwünschtes Programm 'JOKE/Nobrain.4859' [joke] gefunden.
      Ausgeführte Aktion: Zugriff verweigern
         
OTL logfile:

Code:
OTL logfile created on: 19.11.2010 17:13:00 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\Manuel\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 174,34 Gb Free Space | 74,86% Space Free | Partition Type: NTFS
 
Computer Name: MANUEL-PC | User Name: Manuel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2010.11.19 17:11:19 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\XXX\Downloads\OTL.exe
PRC - [2010.11.14 15:44:50 | 000,233,936 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10l_ActiveX.exe
PRC - [2010.11.05 14:55:57 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.11.05 14:55:57 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.11.05 14:55:57 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.09.08 07:02:42 | 000,638,232 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2010.08.26 02:57:32 | 000,380,928 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010.08.26 02:57:04 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010.03.15 03:21:18 | 001,780,224 | R--- | M] (VIA) -- C:\Programme\VIA\VIAudioi\VDeck\VDeck.exe
PRC - [2010.01.22 11:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.04.10 22:28:16 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009.04.10 22:28:04 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.10 22:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.30 07:32:40 | 000,032,768 | R--- | M] () -- C:\Windows\DAODx.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
 
 
========== Modules (SafeList) ==========

MOD - [2010.11.19 17:11:19 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\XXX\Downloads\OTL.exe
MOD - [2010.08.31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010.11.05 14:55:57 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.11.05 14:55:57 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.08.26 02:57:04 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.03.18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.09.25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Manuel\AppData\Local\Temp\cpuz130\cpuz_x32.sys -- (cpuz130)
DRV - [2010.11.05 14:55:57 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.11.05 14:55:57 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.08.26 04:36:28 | 006,380,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010.08.26 02:20:36 | 000,221,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.07.15 13:47:24 | 000,099,344 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService)
DRV - [2010.03.02 12:27:28 | 001,127,936 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2010.02.09 04:53:32 | 000,244,256 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010.01.22 11:21:48 | 000,139,648 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2010.01.22 11:21:46 | 000,059,904 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2010.01.11 12:28:30 | 000,099,952 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2009.10.19 13:45:54 | 000,031,288 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2009.05.11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.05.05 02:00:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2008.01.21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.10.18 06:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.25 17:02:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.11.15 17:12:30 | 000,000,000 | ---D | M]
 
[2010.10.25 17:28:56 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\mozilla\Extensions
[2010.11.05 17:07:26 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\mozilla\Firefox\Profiles\kwoswfvh.default\extensions
[2010.10.30 11:44:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\XXX\AppData\Roaming\mozilla\Firefox\Profiles\kwoswfvh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.10.31 13:42:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXX\AppData\Roaming\mozilla\Firefox\Profiles\kwoswfvh.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.10.25 18:29:02 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.10.25 17:07:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.10.25 18:29:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.09.15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.09.14 22:32:39 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.09.14 22:32:39 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.14 22:32:39 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.09.14 22:32:39 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.09.14 22:32:39 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\XXX\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} h**p://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\XXX\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\XXX\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{96d65bb3-e04f-11df-a27e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{96d65bb3-e04f-11df-a27e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Bin\ASSETUP.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.11.18 15:32:33 | 000,000,000 | ---D | C] -- C:\Users\XXX\Desktop\EasyMetin2_de_1.0.6.1836
[2010.11.16 20:43:48 | 000,000,000 | ---D | C] -- C:\Programme\Metin2
[2010.11.15 18:44:08 | 000,000,000 | ---D | C] -- C:\Programme\Fraps
[2010.11.12 23:31:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Futuremark
[2010.11.12 22:50:53 | 000,000,000 | ---D | C] -- C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP
[2010.11.12 22:50:47 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010.11.12 22:50:47 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010.11.12 22:50:47 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010.11.12 22:50:46 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010.11.12 22:50:46 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010.11.12 22:50:46 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010.11.12 22:50:45 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010.11.12 22:50:45 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010.11.12 22:50:45 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010.11.12 22:50:44 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010.11.12 22:50:43 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2010.11.12 22:50:43 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2010.11.12 22:50:43 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010.11.12 22:50:42 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010.11.12 22:50:42 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010.11.12 22:50:42 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010.11.12 22:50:41 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2010.11.12 22:50:41 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2010.11.12 22:50:40 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010.11.12 22:50:40 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010.11.12 22:50:40 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010.11.12 22:50:39 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010.11.12 22:50:39 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010.11.12 22:50:38 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010.11.12 22:50:38 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010.11.12 22:50:38 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010.11.12 22:50:37 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010.11.12 22:50:37 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010.11.12 22:50:37 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010.11.12 22:50:36 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010.11.12 22:50:36 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010.11.12 22:50:36 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010.11.12 22:50:36 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010.11.12 22:50:36 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010.11.12 22:50:36 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010.11.12 22:50:15 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010.11.12 22:50:14 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010.11.12 22:50:14 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010.11.12 22:50:13 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010.11.12 22:50:12 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010.11.12 22:50:10 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010.11.12 22:50:09 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010.11.12 22:50:07 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010.11.12 22:50:04 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010.11.12 20:59:20 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.11.11 14:26:39 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\The Lord of the Rings Online
[2010.11.11 14:26:39 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\The Lord of the Rings Online
[2010.11.11 12:03:26 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Turbine
[2010.11.11 11:59:10 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010.11.11 11:58:42 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\ApplicationHistory
[2010.11.11 11:56:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP
[2010.11.11 11:28:12 | 000,000,000 | ---D | C] -- C:\Programme\Codemasters
[2010.11.11 09:42:08 | 000,000,000 | ---D | C] -- C:\ProgramData\DVD Shrink
[2010.11.11 09:42:06 | 000,000,000 | ---D | C] -- C:\Programme\DVD Shrink
[2010.11.10 22:02:35 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.11.10 12:42:27 | 000,413,696 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2010.11.10 12:42:27 | 000,000,000 | ---D | C] -- C:\Programme\OpenAL
[2010.11.10 12:42:26 | 000,110,592 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2010.11.10 12:41:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\Futuremark
[2010.11.10 12:41:03 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Futuremark Shared
[2010.11.10 12:39:57 | 000,000,000 | ---D | C] -- C:\Programme\Futuremark
[2010.11.10 11:53:48 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\PMB Files
[2010.11.10 11:53:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010.11.10 11:53:34 | 000,000,000 | ---D | C] -- C:\Programme\Pando Networks
[2010.11.06 21:01:01 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\website 2
[2010.11.06 18:45:28 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\css
[2010.11.06 17:56:46 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\FileZilla
[2010.11.06 17:56:43 | 000,000,000 | ---D | C] -- C:\Programme\FileZilla FTP Client
[2010.11.06 17:00:40 | 000,000,000 | R--D | C] -- C:\Users\XXX\Documents\Website
[2010.11.05 19:39:25 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Need for Speed World
[2010.10.31 13:42:41 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.10.31 13:42:31 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\DVDVideoSoft
[2010.10.31 13:42:24 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DVDVideoSoft
[2010.10.31 13:42:23 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoft
[2010.10.31 13:00:06 | 000,000,000 | ---D | C] -- C:\Programme\BitTorrent
[2010.10.31 12:59:08 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\BitTorrent
[2010.10.29 13:44:12 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania
[2010.10.28 15:13:47 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.10.27 17:34:55 | 000,000,000 | ---D | C] -- C:\Programme\MSECache
[2010.10.27 17:31:24 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\OpenOffice.org
[2010.10.27 15:51:25 | 000,000,000 | ---D | C] -- C:\Programme\Windows Portable Devices
[2010.10.27 13:38:18 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2010.10.27 13:38:18 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2010.10.27 13:38:18 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2010.10.27 13:37:56 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2010.10.27 13:37:56 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010.10.27 13:37:55 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2010.10.27 13:37:55 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2010.10.27 13:37:55 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2010.10.27 13:37:55 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010.10.27 13:37:54 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010.10.27 13:37:54 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2010.10.27 13:37:54 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010.10.27 13:37:54 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2010.10.27 13:37:54 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010.10.27 13:37:54 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2010.10.27 13:37:54 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2010.10.27 13:37:54 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010.10.27 13:37:53 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2010.10.27 13:37:53 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2010.10.27 13:37:53 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2010.10.27 13:37:53 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2010.10.27 13:37:53 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2010.10.27 13:37:53 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2010.10.27 13:37:53 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2010.10.27 13:37:53 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2010.10.27 13:37:53 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2010.10.27 13:37:53 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2010.10.27 13:37:53 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2010.10.27 13:37:35 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2010.10.27 13:37:35 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2010.10.27 13:37:34 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2010.10.27 13:37:33 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2010.10.27 13:37:33 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2010.10.27 13:37:33 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010.10.27 13:37:33 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2010.10.27 13:37:33 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010.10.27 13:37:33 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010.10.27 13:37:06 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2010.10.27 13:37:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2010.10.27 13:32:42 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.10.27 13:12:32 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010.10.27 13:12:31 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.10.27 13:12:31 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010.10.26 18:09:40 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft.NET
[2010.10.26 18:08:41 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.10.26 18:08:41 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.10.26 18:08:41 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.10.26 18:06:56 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010.10.26 18:06:55 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010.10.26 13:45:49 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation
[2010.10.26 13:45:12 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Wise Installation Wizard
[2010.10.26 13:44:56 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010.10.26 13:44:56 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010.10.26 13:44:55 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010.10.26 13:41:53 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.10.26 13:41:04 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.10.26 13:29:33 | 000,000,000 | ---D | C] -- C:\Programme\JoWooD Entertainment AG
[2010.10.26 13:26:14 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.10.26 13:26:14 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.10.26 13:26:00 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.10.26 13:25:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.10.26 13:24:08 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010.10.26 13:24:07 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010.10.26 13:24:07 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010.10.26 13:24:07 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010.10.26 13:24:07 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010.10.26 13:24:07 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010.10.26 13:24:06 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010.10.26 13:22:58 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010.10.26 13:22:58 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010.10.26 13:22:58 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010.10.26 13:22:58 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2010.10.26 13:22:45 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010.10.26 13:22:33 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010.10.26 13:22:33 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010.10.26 13:22:29 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.10.26 13:21:26 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.10.26 13:21:14 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010.10.26 13:21:07 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2010.10.26 13:21:00 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.10.26 13:21:00 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.10.26 13:21:00 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.10.26 13:21:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010.10.26 13:20:51 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010.10.26 13:20:47 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.10.26 13:20:47 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.10.26 13:20:44 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010.10.26 13:20:36 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.10.26 13:20:25 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010.10.26 13:20:20 | 001,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010.10.26 13:20:13 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.10.26 13:20:11 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010.10.26 13:20:11 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010.10.26 13:19:48 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010.10.26 13:19:48 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010.10.26 13:19:42 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.10.26 13:19:41 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.10.26 13:19:40 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.10.26 13:19:40 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.10.26 13:19:40 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.10.26 13:19:40 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.10.26 13:19:40 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010.10.26 13:19:40 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.10.26 13:19:40 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.10.26 13:19:01 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010.10.26 13:18:58 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010.10.26 13:17:36 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.10.26 13:17:35 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010.10.26 13:17:35 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.10.26 13:17:35 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.10.26 13:17:32 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010.10.26 13:08:51 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010.10.26 13:08:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010.10.26 13:08:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010.10.26 13:08:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010.10.26 13:08:11 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.10.26 12:56:48 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Avira
[2010.10.25 20:45:10 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Electronic_Arts_Inc
[2010.10.25 20:27:40 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2010.10.25 20:27:40 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2010.10.25 20:27:40 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2010.10.25 20:27:39 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2010.10.25 20:27:39 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2010.10.25 20:27:39 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2010.10.25 20:27:39 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010.10.25 20:27:39 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2010.10.25 20:27:39 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2010.10.25 20:27:39 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010.10.25 20:27:35 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010.10.25 20:27:35 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010.10.25 20:27:34 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010.10.25 20:27:34 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010.10.25 20:27:34 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010.10.25 20:27:34 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010.10.25 20:27:34 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.10.25 20:27:34 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010.10.25 20:27:34 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010.10.25 20:27:33 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010.10.25 20:27:33 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010.10.25 20:27:33 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010.10.25 20:27:33 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010.10.25 20:27:33 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010.10.25 20:27:32 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010.10.25 20:27:32 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010.10.25 20:27:31 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010.10.25 20:27:31 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010.10.25 20:27:31 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010.10.25 20:27:31 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010.10.25 20:27:30 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010.10.25 20:27:30 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010.10.25 20:27:30 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010.10.25 20:27:29 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010.10.25 20:27:29 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010.10.25 20:27:29 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010.10.25 20:27:29 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010.10.25 20:27:29 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010.10.25 20:27:29 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010.10.25 20:27:29 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010.10.25 20:27:29 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010.10.25 20:27:29 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010.10.25 20:27:28 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010.10.25 20:22:17 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp
[2010.10.25 20:22:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2010.10.25 20:22:05 | 000,000,000 | ---D | C] -- C:\Programme\Electronic Arts
[2010.10.25 20:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010.10.25 18:32:00 | 000,000,000 | ---D | C] -- C:\Programme\TmNationsForever
[2010.10.25 18:29:12 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2010.10.25 18:29:02 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.10.25 18:29:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.10.25 18:29:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.10.25 18:03:17 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.10.25 18:03:17 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.10.25 18:03:16 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.10.25 18:03:16 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.10.25 18:03:16 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.10.25 18:03:16 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.10.25 18:03:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.10.25 18:03:15 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.10.25 18:03:15 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.10.25 18:03:15 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.10.25 18:03:14 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.10.25 18:03:14 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.10.25 18:03:14 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.10.25 18:03:14 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.10.25 18:03:14 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.10.25 18:03:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.10.25 18:03:13 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.10.25 18:00:11 | 000,000,000 | ---D | C] -- C:\Programme\LucasArts
[2010.10.25 17:59:22 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010.10.25 17:59:22 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010.10.25 17:59:22 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2010.10.25 17:59:22 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2010.10.25 17:59:22 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010.10.25 17:59:22 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010.10.25 17:59:22 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2010.10.25 17:59:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2010.10.25 17:59:21 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010.10.25 17:59:21 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2010.10.25 17:59:21 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2010.10.25 17:59:21 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010.10.25 17:59:21 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2010.10.25 17:59:21 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2010.10.25 17:59:20 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010.10.25 17:59:20 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2010.10.25 17:59:20 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010.10.25 17:59:19 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010.10.25 17:59:19 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2010.10.25 17:59:18 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2010.10.25 17:59:18 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2010.10.25 17:59:18 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2010.10.25 17:59:18 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2010.10.25 17:54:51 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\TrackMania
[2010.10.25 17:54:19 | 000,000,000 | ---D | C] -- C:\Users\XXX\Documents\ArcaniA - Gothic 4
[2010.10.25 17:47:07 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Downloader
[2010.10.25 17:46:55 | 000,000,000 | ---D | C] -- C:\Programme\Downloader
[2010.10.25 17:44:10 | 000,000,000 | -HSD | C] -- C:\Boot
[2010.10.25 17:33:41 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Macromedia
[2010.10.25 17:33:41 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Adobe
[2010.10.25 17:33:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.10.25 17:29:23 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Skype
[2010.10.25 17:28:40 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Mozilla
[2010.10.25 17:28:40 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Mozilla
[2010.10.25 17:21:16 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DifxApi.dll
[2010.10.25 17:20:49 | 000,099,952 | ---- | C] (JMicron Technology Corp.) -- C:\Windows\System32\drivers\jraid.sys
[2010.10.25 17:20:46 | 000,000,000 | ---D | C] -- C:\Windows\RaidTool
[2010.10.25 17:19:53 | 000,000,000 | ---D | C] -- C:\Programme\NEC Electronics
[2010.10.25 17:19:31 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\Downloaded Installations
[2010.10.25 17:18:58 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010.10.25 17:18:58 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010.10.25 17:18:53 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010.10.25 17:18:53 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010.10.25 17:18:53 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010.10.25 17:18:49 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010.10.25 17:18:49 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010.10.25 17:18:04 | 000,244,256 | ---- | C] (Realtek                                            ) -- C:\Windows\System32\drivers\Rtlh86.sys
[2010.10.25 17:18:04 | 000,094,208 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
[2010.10.25 17:17:51 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2010.10.25 17:17:39 | 000,000,000 | ---D | C] -- C:\Programme\DIFX
[2010.10.25 17:17:31 | 000,031,288 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\usbfilter.sys
[2010.10.25 17:17:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010.10.25 17:17:30 | 000,000,000 | ---D | C] -- C:\Programme\AMD
[2010.10.25 17:17:17 | 000,014,392 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\drivers\AtiPcie.sys
[2010.10.25 17:15:47 | 000,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information
[2010.10.25 17:14:39 | 000,881,664 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\System32\VIAPropPageExt.dll
[2010.10.25 17:14:39 | 000,181,248 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\ViaMicArrayAPO.dll
[2010.10.25 17:14:39 | 000,076,288 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\System32\nQPropPageExt.dll
[2010.10.25 17:14:39 | 000,075,776 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\System32\Dts2PropPageExt.dll
[2010.10.25 17:14:39 | 000,071,680 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\System32\nQAPO.dll
[2010.10.25 17:14:38 | 001,127,936 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\viahduaa.sys
[2010.10.25 17:14:38 | 000,504,320 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\System32\VIASysFx.dll
[2010.10.25 17:14:38 | 000,211,456 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\Dts2APO.dll
[2010.10.25 17:14:38 | 000,068,608 | ---- | C] (VIA Technologies,Inc.) -- C:\Windows\System32\ViaMicArrayPropPageExt.dll
[2010.10.25 17:14:09 | 000,000,000 | ---D | C] -- C:\Programme\VIA
[2010.10.25 17:13:53 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\InstallShield
[2010.10.25 17:11:04 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Google
[2010.10.25 17:09:19 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\ATI
[2010.10.25 17:09:19 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\ATI
[2010.10.25 17:09:19 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.10.25 17:09:05 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\FlashGet
[2010.10.25 17:09:01 | 000,000,000 | R--D | C] -- C:\Users\XXX\Searches
[2010.10.25 17:08:52 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Identities
[2010.10.25 17:08:50 | 000,000,000 | R--D | C] -- C:\Users\XXX\Contacts
[2010.10.25 17:08:49 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\VirtualStore
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\MXXX\Vorlagen
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\XXX\AppData\Local\Verlauf
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\XXX\AppData\Local\Temporary Internet Files
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Startmenü
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\SendTo
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Recent
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Netzwerkumgebung
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Lokale Einstellungen
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Documents\Eigene Videos
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Documents\Eigene Musik
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Eigene Dateien
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Documents\Eigene Bilder
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Druckumgebung
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Cookies
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\XXXl\AppData\Local\Anwendungsdaten
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\XXX\Anwendungsdaten
[2010.10.25 17:08:45 | 000,000,000 | --SD | C] -- C:\Users\XXX\AppData\Roaming\Microsoft
[2010.10.25 17:08:45 | 000,000,000 | R--D | C] -- C:\Users\XXX\Videos
[2010.10.25 17:08:45 | 000,000,000 | R--D | C] -- C:\Users\XXX\Saved Games
[2010.10.25 17:08:45 | 000,000,000 | R--D | C] -- C:\Users\XXX\Pictures
[2010.10.25 17:08:45 | 000,000,000 | R--D | C] -- C:\Users\XXX\Music
[2010.10.25 17:08:45 | 000,000,000 | R--D | C] -- C:\Users\XXX\Links
[2010.10.25 17:08:45 | 000,000,000 | R--D | C] -- C:\Users\XXX\Favorites
[2010.10.25 17:08:45 | 000,000,000 | R--D | C] -- C:\Users\XXX\Downloads
[2010.10.25 17:08:45 | 000,000,000 | R--D | C] -- C:\Users\XXX\Documents
[2010.10.25 17:08:45 | 000,000,000 | R--D | C] -- C:\Users\XXX\Desktop
[2010.10.25 17:08:45 | 000,000,000 | -H-D | C] -- C:\Users\XXX\AppData
[2010.10.25 17:08:45 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Temp
[2010.10.25 17:08:45 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Microsoft
[2010.10.25 17:08:45 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Roaming\Media Center Programs
[2010.10.25 17:08:36 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip
[2010.10.25 17:07:56 | 000,000,000 | ---D | C] -- C:\Programme\JRE
[2010.10.25 17:07:54 | 000,000,000 | ---D | C] -- C:\Programme\OpenOffice.org 3
[2010.10.25 17:07:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.10.25 17:07:34 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.10.25 17:07:27 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2010.10.25 17:04:45 | 000,000,000 | ---D | C] -- C:\Programme\ATI
[2010.10.25 17:04:35 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010.10.25 17:04:34 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.10.25 17:04:34 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.10.25 17:04:34 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.10.25 17:04:34 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.10.25 17:04:34 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.10.25 17:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.10.25 17:04:03 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies
[2010.10.25 17:03:46 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.10.25 17:03:38 | 000,000,000 | ---D | C] -- C:\ATI
[2010.10.25 17:03:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010.10.25 17:03:24 | 000,000,000 | ---D | C] -- C:\Programme\Google
[2010.10.25 17:03:24 | 000,000,000 | ---D | C] -- C:\Programme\FlashGet
[2010.10.25 17:03:20 | 000,000,000 | R--D | C] -- C:\Programme\Skype
[2010.10.25 17:03:19 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.10.25 17:03:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.10.25 17:02:06 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.10.25 16:53:45 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.10.25 16:52:00 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.11.19 17:14:27 | 000,638,972 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.11.19 17:14:27 | 000,604,566 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.19 17:14:27 | 000,131,012 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.11.19 17:14:27 | 000,107,898 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.19 17:07:25 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.19 17:07:25 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.19 17:07:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.19 17:07:20 | 3353,534,464 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.18 15:24:40 | 006,285,042 | ---- | M] () -- C:\Users\XXX\Desktop\EasyMetin2_de_1.0.6.1836.exe
[2010.11.16 15:49:18 | 000,013,004 | ---- | M] () -- C:\Users\XXX\Documents\index2.html
[2010.11.16 15:42:14 | 000,000,563 | ---- | M] () -- C:\Users\XXX\Documents\index.html
[2010.11.16 15:18:48 | 000,008,459 | ---- | M] () -- C:\Users\XXX\Documents\proxi.html
[2010.11.11 11:58:43 | 000,000,094 | ---- | M] () -- C:\Users\XXX\AppData\Local\fusioncache.dat
[2010.11.11 10:32:25 | 000,008,704 | ---- | M] () -- C:\Users\XXX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.10 12:52:43 | 000,027,497 | ---- | M] () -- C:\Users\XXX\Documents\hd5850 phenom ii x6 1055t.3dr
[2010.11.10 12:42:27 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2010.11.10 12:42:26 | 000,110,592 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2010.11.05 14:55:57 | 000,126,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.11.05 14:55:57 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.10.27 15:53:43 | 000,252,448 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.10.27 15:50:58 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010.10.25 17:44:11 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010.10.25 17:24:10 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010.10.25 17:20:28 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2010.10.25 17:15:18 | 000,000,680 | ---- | M] () -- C:\Users\XXX\AppData\Local\d3d9caps.dat
[2010.10.25 17:12:37 | 000,031,111 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
[2010.10.25 17:04:38 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.10.25 16:54:34 | 000,060,826 | ---- | M] () -- C:\Windows\System32\license.rtf
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.11.18 15:24:37 | 006,285,042 | ---- | C] () -- C:\Users\XXX\Desktop\EasyMetin2_de_1.0.6.1836.exe
[2010.11.16 15:49:18 | 000,013,004 | ---- | C] () -- C:\Users\XXX\Documents\index2.html
[2010.11.16 15:42:14 | 000,000,563 | ---- | C] () -- C:\Users\XXX\Documents\index.html
[2010.11.16 15:18:48 | 000,008,459 | ---- | C] () -- C:\Users\XXX\Documents\proxi.html
[2010.11.11 11:58:43 | 000,000,094 | ---- | C] () -- C:\Users\XXX\AppData\Local\fusioncache.dat
[2010.11.10 12:52:43 | 000,027,497 | ---- | C] () -- C:\Users\XXX\Documents\hd5850 phenom ii x6 1055t.3dr
[2010.10.27 15:50:58 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010.10.26 13:22:58 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010.10.25 18:01:02 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010.10.25 17:44:11 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2010.10.25 17:44:10 | 000,333,257 | RHS- | C] () -- C:\bootmgr
[2010.10.25 17:24:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.10.25 17:24:02 | 3353,534,464 | -HS- | C] () -- C:\hiberfil.sys
[2010.10.25 17:18:04 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010.10.25 17:13:57 | 000,008,704 | ---- | C] () -- C:\Users\XXX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.25 17:12:35 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2010.10.25 17:12:26 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.10.25 17:12:24 | 000,031,111 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010.10.25 17:08:48 | 000,000,680 | ---- | C] () -- C:\Users\XXX\AppData\Local\d3d9caps.dat
[2010.10.25 17:04:38 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.10.25 16:51:23 | 000,252,448 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.09.25 10:37:58 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.08.26 02:19:36 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2009.04.02 13:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
========== LOP Check ==========
 
[2010.10.31 13:20:58 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\BitTorrent
[2010.10.31 13:42:41 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.11.17 16:49:51 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\FileZilla
[2010.10.25 17:09:05 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\FlashGet
[2010.11.05 19:39:25 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\Need for Speed World
[2010.10.27 17:31:24 | 000,000,000 | ---D | M] -- C:\Users\XXX\AppData\Roaming\OpenOffice.org
[2010.11.18 19:00:45 | 000,019,014 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
OTL Extras logfile:

Code:
OTL Extras logfile created on: 19.11.2010 17:13:00 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\Manuel\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 63,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 174,34 Gb Free Space | 74,86% Space Free | Partition Type: NTFS
 
Computer Name: XXX-PC | User Name: XXX| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1199145D-4C76-4807-896B-92B1FACBD446}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | 
"{3322025D-3C19-4A4B-AC5B-1F7CAEF1E4C4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{96D8A89C-4C9A-4F76-803A-AB27D3111D3C}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | 
"{A8A30061-B06F-4A4C-83B5-6FE69DA416AC}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{C2ECF533-E4CF-4A3E-AC84-5337F74E4D45}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{D4C6776F-D681-4485-8CED-107E888F9CE5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D82366EE-F16F-4B77-8A63-6A847E751DDA}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{DC2C4473-1A9A-4664-8554-FF0B79EF0479}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{F6B9D18E-CF19-4F1D-9F87-B07FE50AA1FC}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"TCP Query User{0630508F-8E2B-4467-90E7-1A6F47B8ED38}C:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe | 
"TCP Query User{26BFE055-1EC7-4E3D-900F-8129F3D50DDE}C:\program files\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2.bin | 
"TCP Query User{45101EE2-94AF-469D-9D9C-0A7CCC84E1AD}C:\program files\codemasters\der herr der ringe online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files\codemasters\der herr der ringe online\lotroclient.exe | 
"TCP Query User{552E53B4-9687-4C31-8A93-5FE8921B5BDD}C:\program files\flashget\flashget.exe" = protocol=6 | dir=in | app=c:\program files\flashget\flashget.exe | 
"TCP Query User{A4F034A4-1945-4D10-8DA8-6148AECC3BA2}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe | 
"TCP Query User{C26E5184-E347-4AB2-A8F1-D622EFEF41AD}C:\program files\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2client.bin | 
"TCP Query User{E24B5BF4-B6E9-4946-9CED-F1686C00F17C}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe | 
"TCP Query User{F80D2955-245D-45A2-B9EB-34096A422D35}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{173B10FF-C72E-4E7A-8C50-5C3F0498406E}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe | 
"UDP Query User{22847651-C0B1-4FCB-9F48-F225F812887D}C:\program files\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2.bin | 
"UDP Query User{27C11514-8754-4392-B005-7FB52C4E0D0B}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{2AC9C44B-906B-4932-A5D3-DA98AA6079AD}C:\program files\flashget\flashget.exe" = protocol=17 | dir=in | app=c:\program files\flashget\flashget.exe | 
"UDP Query User{9F5EB8E0-19A4-4643-8A72-5A0DF43CE605}C:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe | 
"UDP Query User{A1632BD8-320E-42E5-9647-172D41B6646F}C:\program files\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2client.bin | 
"UDP Query User{A4DBE9E8-01EF-44D4-94DF-1C838A8CCDE9}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe | 
"UDP Query User{DB55856D-FFA7-4081-9FCC-26E94F9C5FD4}C:\program files\codemasters\der herr der ringe online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files\codemasters\der herr der ringe online\lotroclient.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51DC7E02-3EEE-D01E-60D1-103A0DA2C3BF}" = Catalyst Control Center Graphics Previews Common
"{56AAE9D5-3D96-8D1D-C4C4-0290B21CE901}" = ccc-core-static
"{59ADFE8C-AD8C-2B04-6940-2D417FBAD111}" = CCC Help English
"{5BDA2F58-1F21-4D10-9910-92B01EBCC958}" = AMD USB Filter Driver
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial 
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AF2E5BA0-759C-926D-6C3F-11A3751C286E}" = Catalyst Control Center Graphics Previews Vista
"{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}" = NVIDIA PhysX
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C969744F-EB74-5868-719E-D4B1F3D0792F}" = ccc-utility
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE03D1DC-FD8D-2F5C-5FAD-02570BA0383B}" = Catalyst Control Center InstallProxy
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{F34D6DAE-7777-5C40-E143-8A0D6A048F75}" = ATI Catalyst Install Manager
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = Der Herr der Ringe Online v03.02.04.8010
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"Downloader" = Downloader
"DVD Shrink_is1" = DVD Shrink 3.2
"FileZilla Client" = FileZilla Client 3.3.4.1
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"HijackThis" = HijackThis 2.0.2
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"Metin2_is1" = Metin2
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"OpenAL" = OpenAL
"TmNationsForever_is1" = TmNationsForever
"Uninstall_is1" = Uninstall 1.0.0.1
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 13.11.2010 16:04:32 | Computer Name = XXX-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 14.11.2010 10:35:18 | Computer Name = XXX-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 15.11.2010 12:13:52 | Computer Name = XXX-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 16.11.2010 09:43:48 | Computer Name = XXX-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 16.11.2010 11:08:47 | Computer Name = Manuel-PC | Source = Application Hang | ID = 1002
Description = Programm BattlefrontII.exe, Version 0.0.0.0 arbeitet nicht mehr mit
 Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
 "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen 
über das Problem zu suchen.  Prozess-ID: 11f0  Anfangszeit: 01cb859e5aeff527  Zeitpunkt
 der Beendigung: 6448
 
Error - 16.11.2010 12:58:17 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 16.11.2010 12:58:17 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 16.11.2010 12:58:17 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 16.11.2010 12:58:17 | Computer Name = XXX-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 16.11.2010 12:58:33 | Computer Name = XXX-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 26.10.2010 13:12:26 | Computer Name = XXX-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 26.10.2010 13:12:26 | Computer Name = XXX-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 26.10.2010 13:12:26 | Computer Name = XXX-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 26.10.2010 13:12:26 | Computer Name = XXX-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 26.10.2010 13:12:26 | Computer Name = XXX-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 26.10.2010 13:12:26 | Computer Name = XXX-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 26.10.2010 13:12:26 | Computer Name = XXX-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 26.10.2010 13:12:26 | Computer Name = XXX-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 26.10.2010 13:12:26 | Computer Name = XXX-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 05.11.2010 13:31:48 | Computer Name = XXX-PC | Source = DCOM | ID = 10016
Description = 
 
 
< End of report >
         
GMER logfile:
Code:
GMER 1.0.15.15530 - hxxp://www.gmer.net
Rootkit scan 2010-11-19 17:34:16
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-6 ExcelStor_Technology_J9250S rev.GM2OA52A
Running: g85g8kbx.exe; Driver: C:\Users\XXX\AppData\Local\Temp\uwryypog.sys


---- Kernel code sections - GMER 1.0.15 ----

.text  C:\Windows\system32\DRIVERS\atikmdag.sys                                                     section is writeable [0x9000C000, 0x341E0C, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text  C:\Program Files\Internet Explorer\iexplore.exe[1824] USER32.dll!CreateWindowExW             75761305 5 Bytes  JMP 7073DB44 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[1824] USER32.dll!DialogBoxParamW             757810B0 5 Bytes  JMP 706654F5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[1824] USER32.dll!DialogBoxIndirectParamW     75782EF5 5 Bytes  JMP 70835027 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[1824] USER32.dll!DialogBoxParamA             75798152 5 Bytes  JMP 70834FC4 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[1824] USER32.dll!DialogBoxIndirectParamA     7579847D 5 Bytes  JMP 7083508A C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[1824] USER32.dll!MessageBoxIndirectA         757AD4D9 5 Bytes  JMP 70834F59 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[1824] USER32.dll!MessageBoxIndirectW         757AD5D3 5 Bytes  JMP 70834EEE C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[1824] USER32.dll!MessageBoxExA               757AD639 5 Bytes  JMP 70834E8C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[1824] USER32.dll!MessageBoxExW               757AD65D 5 Bytes  JMP 70834E2A C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!CreateDialogParamW          757572A2 5 Bytes  JMP 7073DED0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!GetAsyncKeyState            7575863C 5 Bytes  JMP 70658F0F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!SetWindowsHookExW           757587AD 5 Bytes  JMP 70739AED C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!CallNextHookEx              75758E3B 5 Bytes  JMP 7072D14D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!UnhookWindowsHookEx         757598DB 5 Bytes  JMP 706A4686 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!EnableWindow                7575CD8B 5 Bytes  JMP 7073DD5D C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!CreateWindowExW             75761305 5 Bytes  JMP 7073DB44 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!GetKeyState                 75768CB1 5 Bytes  JMP 7073D30B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!IsDialogMessageW            75770745 5 Bytes  JMP 70665A07 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!CreateDialogParamA          757717AA 5 Bytes  JMP 70835C93 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!IsDialogMessage             75771847 5 Bytes  JMP 7083552F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!CreateDialogIndirectParamA  757726F1 5 Bytes  JMP 70835CCA C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!CreateDialogIndirectParamW  75779A62 5 Bytes  JMP 70835D01 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!SetKeyboardState            75780987 5 Bytes  JMP 7083589E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!DialogBoxParamW             757810B0 5 Bytes  JMP 706654F5 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!DialogBoxIndirectParamW     75782EF5 5 Bytes  JMP 70835027 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!SendInput                   75782F75 5 Bytes  JMP 7083645B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!EndDialog                   7578326E 5 Bytes  JMP 70667EAE C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!SetCursorPos                75796FB2 5 Bytes  JMP 708364AF C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!DialogBoxParamA             75798152 5 Bytes  JMP 70834FC4 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!DialogBoxIndirectParamA     7579847D 5 Bytes  JMP 7083508A C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!MessageBoxIndirectA         757AD4D9 5 Bytes  JMP 70834F59 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!MessageBoxIndirectW         757AD5D3 5 Bytes  JMP 70834EEE C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!MessageBoxExA               757AD639 5 Bytes  JMP 70834E8C C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!MessageBoxExW               757AD65D 5 Bytes  JMP 70834E2A C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] USER32.dll!keybd_event                 757AD972 5 Bytes  JMP 708367DF C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] SHELL32.dll!SHRestricted + D95         75D589A8 4 Bytes  [4D, 30, 8E, 6B]
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] SHELL32.dll!SHRestricted + D9D         75D589B0 8 Bytes  [57, 2F, 8E, 6B, 9C, 5B, 8D, ...]
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] ole32.dll!OleLoadFromStream            768E1E80 5 Bytes  JMP 7083538F C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text  C:\Program Files\Internet Explorer\iexplore.exe[2612] ole32.dll!CoCreateInstance             76919F3E 5 Bytes  JMP 7073DBA0 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----
         
So, that's it.
I hope you can do something with it.


Regards,
Manuel
__________________

21.11.2010, 16:54   #4
rea
/// Helper Team
 
The detections were made in the temporary internet files and have not spread across your computer. So for now it's only half as bad.
One more question: did you create this user?
Code:
[2010.10.25 17:08:45 | 000,000,000 | ---D | C] -- C:\Users\XXX\AppData\Local\Microsoft
         
And then I have a few more instructions for you:


1.) Fixing with OTL
  • Please start OTL.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Now copy the contents of the following code box into the Custom Scans/Fixes text box.

    Code:
    :OTL
    O33 - MountPoints2\{96d65bb3-e04f-11df-a27e-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{96d65bb3-e04f-11df-a27e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\.\Bin\ASSETUP.exe -- File not found
    :Commands
    [EMPTYTEMP]
             
  • Now please close all programs.
  • Now please click the Fix button.
  • Click on .
  • OTL may ask for a restart. Please allow it.
  • After the restart you will find a text document.
    Copy its contents here into your thread, inside code tags.



2.) Hijackthis
You are using a version that is not current; the newest one is HijackThis 2.0.4.
Uninstall HijackThis, download the latest version 2.0.4, e.g. HERE, and install it. See whether you can then use the program without renaming it.
Btw, a small hint: if you want to change a file extension such as "EXE", you first have to make file extensions visible; otherwise you end up with a double extension, of which only the second one is valid:
C:\Users\XXX\Downloads\manuelstester.com.exe
__________________
Regards, rea

*Do you need help with a malware problem too?*

*TB donation account*


A clever saying could stand here.
Well .... could!

21.11.2010, 18:31   #5
PCFREAK86
 
Hello, the problem with the renaming has been resolved; here is the OTL logfile once more:

Code:
All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{96d65bb3-e04f-11df-a27e-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96d65bb3-e04f-11df-a27e-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{96d65bb3-e04f-11df-a27e-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96d65bb3-e04f-11df-a27e-806e6f6e6963}\ not found.
File D:\.\Bin\ASSETUP.exe not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: XXX
->Temp folder emptied: 985689 bytes
->Temporary Internet Files folder emptied: 53277141 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 48459808 bytes
->Flash cache emptied: 2430 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 155648 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 2132132 bytes
 
Total Files Cleaned = 100,00 mb
 
 
OTL by OldTimer - Version 3.2.17.3 log created on 11212010_180448

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
         
And here is the "new" HijackThis log:
Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:24:56, on 21.11.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18975)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\DAODx.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\XXX\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\XXX\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - h**p://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

--
End of file - 3828 bytes
         
Regarding the user \XXX\:
I only edited that. Since my user name contains no surname anyway, only my first name, which I always sign off with anyway, I don't consider it necessary. Is it OK if, should logfiles be required again, I only edit the links?

Regards,
Manuel


21.11.2010, 18:51   #6
rea
/// Helper Team
 
Yes, please create new logfiles with OTL following the instructions above, and leave the user names in this time.

21.11.2010, 19:45   #7
rea
/// Helper Team
 
And please do this as well:

Start -> Run -> type or paste in compmgmt.msc -> under "System" go to "Local Users and Groups" -> right-click "Users" and choose "Export List" from the context menu.
Save this list on the desktop and post its contents for me; after each listed user, note whether you created it or use it.
__________________
Regards, rea


22.11.2010, 16:41   #8
PCFREAK86
 
So, here are the new logfiles:

otl.txt:
OTL Logfile:
Code:
OTL logfile created on: 22.11.2010 16:32:24 - Run 2
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\Manuel\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 64,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 176,38 Gb Free Space | 75,74% Space Free | Partition Type: NTFS
 
Computer Name: MANUEL-PC | User Name: Manuel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2010.11.19 17:11:19 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Manuel\Downloads\OTL.exe
PRC - [2010.11.14 15:44:50 | 000,233,936 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10l_ActiveX.exe
PRC - [2010.11.05 14:55:57 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.11.05 14:55:57 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.11.05 14:55:57 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.09.08 07:02:42 | 000,638,232 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2010.08.26 02:57:32 | 000,380,928 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010.08.26 02:57:04 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010.03.15 03:21:18 | 001,780,224 | R--- | M] (VIA) -- C:\Programme\VIA\VIAudioi\VDeck\VDeck.exe
PRC - [2010.01.22 11:29:40 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Programme\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.04.10 22:28:04 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.10 22:27:46 | 001,792,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mmc.exe
PRC - [2009.04.10 22:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.03.30 07:32:40 | 000,032,768 | R--- | M] () -- C:\Windows\DAODx.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.11.19 17:11:19 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Manuel\Downloads\OTL.exe
MOD - [2010.08.31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010.11.05 14:55:57 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.11.05 14:55:57 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.08.26 02:57:04 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.03.18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.09.25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Manuel\AppData\Local\Temp\cpuz130\cpuz_x32.sys -- (cpuz130)
DRV - [2010.11.05 14:55:57 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.11.05 14:55:57 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.08.26 04:36:28 | 006,380,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010.08.26 02:20:36 | 000,221,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.07.15 13:47:24 | 000,099,344 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService)
DRV - [2010.03.02 12:27:28 | 001,127,936 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2010.02.09 04:53:32 | 000,244,256 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010.01.22 11:21:48 | 000,139,648 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2010.01.22 11:21:46 | 000,059,904 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2010.01.11 12:28:30 | 000,099,952 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\jraid.sys -- (JRAID)
DRV - [2009.10.19 13:45:54 | 000,031,288 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2009.05.11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.05.05 02:00:28 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2008.01.21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.10.18 06:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.25 17:02:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.11.15 17:12:30 | 000,000,000 | ---D | M]
 
[2010.10.25 17:28:56 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\mozilla\Extensions
[2010.11.05 17:07:26 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\mozilla\Firefox\Profiles\kwoswfvh.default\extensions
[2010.10.30 11:44:36 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Manuel\AppData\Roaming\mozilla\Firefox\Profiles\kwoswfvh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.10.31 13:42:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Manuel\AppData\Roaming\mozilla\Firefox\Profiles\kwoswfvh.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.10.25 18:29:02 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.10.25 17:07:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.10.25 18:29:02 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.09.15 03:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.09.14 22:32:39 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.09.14 22:32:39 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.14 22:32:39 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.09.14 22:32:39 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.09.14 22:32:39 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Manuel\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Manuel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Manuel\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.11.21 18:04:48 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.11.20 15:58:30 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\gtk-2.0
[2010.11.20 15:58:30 | 000,000,000 | ---D | C] -- C:\Users\Manuel\.thumbnails
[2010.11.20 15:31:53 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Documents\gegl-0.0
[2010.11.20 15:31:53 | 000,000,000 | ---D | C] -- C:\Users\Manuel\.gimp-2.6
[2010.11.20 15:31:23 | 000,000,000 | ---D | C] -- C:\Programme\GIMP-2.0
[2010.11.18 15:32:33 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Desktop\EasyMetin2_de_1.0.6.1836
[2010.11.16 20:43:48 | 000,000,000 | ---D | C] -- C:\Programme\Metin2
[2010.11.15 18:44:08 | 000,000,000 | ---D | C] -- C:\Programme\Fraps
[2010.11.12 23:31:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Futuremark
[2010.11.12 22:50:47 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010.11.12 22:50:47 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010.11.12 22:50:47 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010.11.12 22:50:46 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010.11.12 22:50:46 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010.11.12 22:50:46 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010.11.12 22:50:45 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010.11.12 22:50:45 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010.11.12 22:50:45 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010.11.12 22:50:44 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010.11.12 22:50:43 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2010.11.12 22:50:43 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2010.11.12 22:50:43 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010.11.12 22:50:42 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010.11.12 22:50:42 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010.11.12 22:50:42 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010.11.12 22:50:41 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2010.11.12 22:50:41 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2010.11.12 22:50:40 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010.11.12 22:50:40 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010.11.12 22:50:40 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010.11.12 22:50:39 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010.11.12 22:50:39 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010.11.12 22:50:38 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010.11.12 22:50:38 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010.11.12 22:50:38 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010.11.12 22:50:37 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010.11.12 22:50:37 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010.11.12 22:50:37 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010.11.12 22:50:36 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010.11.12 22:50:36 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010.11.12 22:50:36 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010.11.12 22:50:36 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010.11.12 22:50:36 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010.11.12 22:50:36 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010.11.12 22:50:15 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010.11.12 22:50:14 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010.11.12 22:50:14 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010.11.12 22:50:13 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010.11.12 22:50:12 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010.11.12 22:50:10 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010.11.12 22:50:09 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010.11.12 22:50:07 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010.11.12 22:50:04 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010.11.12 20:59:20 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.11.11 14:26:39 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Documents\The Lord of the Rings Online
[2010.11.11 14:26:39 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\The Lord of the Rings Online
[2010.11.11 12:03:26 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\Turbine
[2010.11.11 11:59:10 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010.11.11 11:58:42 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\ApplicationHistory
[2010.11.11 11:56:33 | 000,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP
[2010.11.11 11:28:12 | 000,000,000 | ---D | C] -- C:\Programme\Codemasters
[2010.11.11 09:42:08 | 000,000,000 | ---D | C] -- C:\ProgramData\DVD Shrink
[2010.11.11 09:42:06 | 000,000,000 | ---D | C] -- C:\Programme\DVD Shrink
[2010.11.10 22:02:35 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.11.10 12:42:27 | 000,413,696 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2010.11.10 12:42:27 | 000,000,000 | ---D | C] -- C:\Programme\OpenAL
[2010.11.10 12:42:26 | 000,110,592 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2010.11.10 12:41:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\Futuremark
[2010.11.10 12:41:03 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Futuremark Shared
[2010.11.10 12:39:57 | 000,000,000 | ---D | C] -- C:\Programme\Futuremark
[2010.11.10 11:53:48 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\PMB Files
[2010.11.10 11:53:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2010.11.10 11:53:34 | 000,000,000 | ---D | C] -- C:\Programme\Pando Networks
[2010.11.06 21:01:01 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Documents\website 2
[2010.11.06 18:45:28 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Documents\css
[2010.11.06 17:56:46 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\FileZilla
[2010.11.06 17:56:43 | 000,000,000 | ---D | C] -- C:\Programme\FileZilla FTP Client
[2010.11.06 17:00:40 | 000,000,000 | R--D | C] -- C:\Users\Manuel\Documents\Website
[2010.11.05 19:39:25 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Need for Speed World
[2010.10.31 13:42:41 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.10.31 13:42:31 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Documents\DVDVideoSoft
[2010.10.31 13:42:24 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DVDVideoSoft
[2010.10.31 13:42:23 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoft
[2010.10.31 13:00:06 | 000,000,000 | ---D | C] -- C:\Programme\BitTorrent
[2010.10.31 12:59:08 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\BitTorrent
[2010.10.29 13:44:12 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania
[2010.10.28 15:13:47 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netevent.dll
[2010.10.27 17:34:55 | 000,000,000 | ---D | C] -- C:\Programme\MSECache
[2010.10.27 17:31:24 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\OpenOffice.org
[2010.10.27 15:51:25 | 000,000,000 | ---D | C] -- C:\Programme\Windows Portable Devices
[2010.10.27 13:38:18 | 003,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2010.10.27 13:38:18 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2010.10.27 13:38:18 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
[2010.10.27 13:37:56 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll
[2010.10.27 13:37:56 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2010.10.27 13:37:55 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2010.10.27 13:37:55 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2010.10.27 13:37:55 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2010.10.27 13:37:55 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2010.10.27 13:37:54 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
[2010.10.27 13:37:54 | 000,828,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2010.10.27 13:37:54 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2010.10.27 13:37:54 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2010.10.27 13:37:54 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PhotoMetadataHandler.dll
[2010.10.27 13:37:54 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiag.exe
[2010.10.27 13:37:54 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxdiagn.dll
[2010.10.27 13:37:54 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll
[2010.10.27 13:37:53 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2010.10.27 13:37:53 | 001,064,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2010.10.27 13:37:53 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2010.10.27 13:37:53 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2010.10.27 13:37:53 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2010.10.27 13:37:53 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2010.10.27 13:37:53 | 000,486,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2010.10.27 13:37:53 | 000,481,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2010.10.27 13:37:53 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2010.10.27 13:37:53 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2010.10.27 13:37:53 | 000,161,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2010.10.27 13:37:35 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\BthMtpContextHandler.dll
[2010.10.27 13:37:35 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDShextAutoplay.exe
[2010.10.27 13:37:34 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceConnectApi.dll
[2010.10.27 13:37:33 | 000,546,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wpd_ci.dll
[2010.10.27 13:37:33 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WPDSp.dll
[2010.10.27 13:37:33 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
[2010.10.27 13:37:33 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceWMDRM.dll
[2010.10.27 13:37:33 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
[2010.10.27 13:37:33 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceClassExtension.dll
[2010.10.27 13:37:06 | 000,555,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAutomationCore.dll
[2010.10.27 13:37:06 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\oleaccrc.dll
[2010.10.27 13:32:42 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.10.27 13:12:32 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
[2010.10.27 13:12:31 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2010.10.27 13:12:31 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2010.10.26 18:09:40 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft.NET
[2010.10.26 18:08:41 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.10.26 18:08:41 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.10.26 18:08:41 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.10.26 18:06:56 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\nshhttp.dll
[2010.10.26 18:06:55 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\httpapi.dll
[2010.10.26 13:45:49 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation
[2010.10.26 13:45:12 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Wise Installation Wizard
[2010.10.26 13:44:56 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010.10.26 13:44:56 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010.10.26 13:44:55 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010.10.26 13:41:53 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.10.26 13:41:04 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.10.26 13:29:33 | 000,000,000 | ---D | C] -- C:\Programme\JoWooD Entertainment AG
[2010.10.26 13:26:14 | 003,600,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.10.26 13:26:14 | 003,548,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.10.26 13:26:00 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.10.26 13:25:03 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.10.26 13:24:08 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netiohlp.dll
[2010.10.26 13:24:07 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\NETSTAT.EXE
[2010.10.26 13:24:07 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ARP.EXE
[2010.10.26 13:24:07 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MRINFO.EXE
[2010.10.26 13:24:07 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\finger.exe
[2010.10.26 13:24:07 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\HOSTNAME.EXE
[2010.10.26 13:24:06 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ROUTE.EXE
[2010.10.26 13:22:58 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlansec.dll
[2010.10.26 13:22:58 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanmsm.dll
[2010.10.26 13:22:58 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\L2SecHC.dll
[2010.10.26 13:22:58 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
[2010.10.26 13:22:45 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010.10.26 13:22:33 | 002,868,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010.10.26 13:22:33 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVCORE.DLL
[2010.10.26 13:22:29 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.10.26 13:21:26 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.10.26 13:21:14 | 000,714,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2010.10.26 13:21:07 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2010.10.26 13:21:00 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.10.26 13:21:00 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.10.26 13:21:00 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.10.26 13:21:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
[2010.10.26 13:20:51 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2010.10.26 13:20:47 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.10.26 13:20:47 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.10.26 13:20:44 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010.10.26 13:20:36 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.10.26 13:20:25 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010.10.26 13:20:20 | 001,259,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010.10.26 13:20:13 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.10.26 13:20:11 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codecp.acm
[2010.10.26 13:20:11 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\l3codeca.acm
[2010.10.26 13:19:48 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.tlb
[2010.10.26 13:19:48 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amcompat.tlb
[2010.10.26 13:19:42 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.10.26 13:19:41 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.10.26 13:19:40 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.10.26 13:19:40 | 000,518,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.10.26 13:19:40 | 000,347,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.10.26 13:19:40 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.10.26 13:19:40 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdrm.dll
[2010.10.26 13:19:40 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.10.26 13:19:40 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.10.26 13:19:01 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rastls.dll
[2010.10.26 13:18:58 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WSDApi.dll
[2010.10.26 13:17:36 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.10.26 13:17:35 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
[2010.10.26 13:17:35 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.10.26 13:17:35 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.10.26 13:17:32 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2010.10.26 13:08:51 | 000,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2010.10.26 13:08:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\spwmp.dll
[2010.10.26 13:08:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdxm.ocx
[2010.10.26 13:08:48 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxmasf.dll
[2010.10.26 13:08:11 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.10.26 12:56:48 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Avira
[2010.10.25 20:45:10 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\Electronic_Arts_Inc
[2010.10.25 20:27:40 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2010.10.25 20:27:40 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2010.10.25 20:27:40 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2010.10.25 20:27:39 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2010.10.25 20:27:39 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2010.10.25 20:27:39 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2010.10.25 20:27:39 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010.10.25 20:27:39 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2010.10.25 20:27:39 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2010.10.25 20:27:39 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010.10.25 20:27:35 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010.10.25 20:27:35 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010.10.25 20:27:34 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010.10.25 20:27:34 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010.10.25 20:27:34 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010.10.25 20:27:34 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010.10.25 20:27:34 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.10.25 20:27:34 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010.10.25 20:27:34 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010.10.25 20:27:33 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010.10.25 20:27:33 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010.10.25 20:27:33 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010.10.25 20:27:33 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010.10.25 20:27:33 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010.10.25 20:27:32 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010.10.25 20:27:32 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010.10.25 20:27:31 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010.10.25 20:27:31 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010.10.25 20:27:31 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010.10.25 20:27:31 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010.10.25 20:27:30 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010.10.25 20:27:30 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010.10.25 20:27:30 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010.10.25 20:27:29 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010.10.25 20:27:29 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010.10.25 20:27:29 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010.10.25 20:27:29 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010.10.25 20:27:29 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010.10.25 20:27:29 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010.10.25 20:27:29 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010.10.25 20:27:29 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010.10.25 20:27:29 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010.10.25 20:27:28 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010.10.25 20:22:16 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2010.10.25 20:22:05 | 000,000,000 | ---D | C] -- C:\Programme\Electronic Arts
[2010.10.25 20:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010.10.25 18:32:00 | 000,000,000 | ---D | C] -- C:\Programme\TmNationsForever
[2010.10.25 18:29:12 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2010.10.25 18:29:02 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.10.25 18:29:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.10.25 18:29:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.10.25 18:03:17 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.10.25 18:03:17 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.10.25 18:03:16 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.10.25 18:03:16 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.10.25 18:03:16 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.10.25 18:03:16 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.10.25 18:03:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.10.25 18:03:15 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.10.25 18:03:15 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.10.25 18:03:15 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.10.25 18:03:14 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.10.25 18:03:14 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.10.25 18:03:14 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.10.25 18:03:14 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.10.25 18:03:14 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.10.25 18:03:14 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.10.25 18:03:13 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.10.25 18:00:11 | 000,000,000 | ---D | C] -- C:\Programme\LucasArts
[2010.10.25 17:59:22 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010.10.25 17:59:22 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010.10.25 17:59:22 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2010.10.25 17:59:22 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2010.10.25 17:59:22 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010.10.25 17:59:22 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010.10.25 17:59:22 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2010.10.25 17:59:22 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll
[2010.10.25 17:59:21 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010.10.25 17:59:21 | 000,208,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinFXDocObj.exe
[2010.10.25 17:59:21 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2010.10.25 17:59:21 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010.10.25 17:59:21 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2010.10.25 17:59:21 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2010.10.25 17:59:20 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010.10.25 17:59:20 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2010.10.25 17:59:20 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010.10.25 17:59:19 | 003,698,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010.10.25 17:59:19 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2010.10.25 17:59:18 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PDMSetup.exe
[2010.10.25 17:59:18 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2010.10.25 17:59:18 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2010.10.25 17:59:18 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetDepNx.exe
[2010.10.25 17:54:51 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Documents\TrackMania
[2010.10.25 17:54:19 | 000,000,000 | ---D | C] -- C:\Users\Manuel\Documents\ArcaniA - Gothic 4
[2010.10.25 17:47:07 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\Downloader
[2010.10.25 17:46:55 | 000,000,000 | ---D | C] -- C:\Programme\Downloader
[2010.10.25 17:44:10 | 000,000,000 | -HSD | C] -- C:\Boot
[2010.10.25 17:33:41 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Macromedia
[2010.10.25 17:33:41 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Adobe
[2010.10.25 17:33:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.10.25 17:29:23 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Skype
[2010.10.25 17:28:40 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Mozilla
[2010.10.25 17:28:40 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\Mozilla
[2010.10.25 17:21:16 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DifxApi.dll
[2010.10.25 17:20:49 | 000,099,952 | ---- | C] (JMicron Technology Corp.) -- C:\Windows\System32\drivers\jraid.sys
[2010.10.25 17:20:46 | 000,000,000 | ---D | C] -- C:\Windows\RaidTool
[2010.10.25 17:19:53 | 000,000,000 | ---D | C] -- C:\Programme\NEC Electronics
[2010.10.25 17:19:31 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\Downloaded Installations
[2010.10.25 17:18:58 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2010.10.25 17:18:58 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2010.10.25 17:18:53 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2010.10.25 17:18:53 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2010.10.25 17:18:53 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2010.10.25 17:18:49 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2010.10.25 17:18:49 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2010.10.25 17:18:04 | 000,244,256 | ---- | C] (Realtek                                            ) -- C:\Windows\System32\drivers\Rtlh86.sys
[2010.10.25 17:18:04 | 000,094,208 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll
[2010.10.25 17:17:51 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2010.10.25 17:17:39 | 000,000,000 | ---D | C] -- C:\Programme\DIFX
[2010.10.25 17:17:31 | 000,031,288 | ---- | C] (Advanced Micro Devices) -- C:\Windows\System32\drivers\usbfilter.sys
[2010.10.25 17:17:31 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010.10.25 17:17:30 | 000,000,000 | ---D | C] -- C:\Programme\AMD
[2010.10.25 17:17:17 | 000,014,392 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\System32\drivers\AtiPcie.sys
[2010.10.25 17:15:47 | 000,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information
[2010.10.25 17:14:39 | 000,881,664 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\System32\VIAPropPageExt.dll
[2010.10.25 17:14:39 | 000,181,248 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\ViaMicArrayAPO.dll
[2010.10.25 17:14:39 | 000,076,288 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\System32\nQPropPageExt.dll
[2010.10.25 17:14:39 | 000,075,776 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\System32\Dts2PropPageExt.dll
[2010.10.25 17:14:39 | 000,071,680 | ---- | C] (QSound Labs, Inc.) -- C:\Windows\System32\nQAPO.dll
[2010.10.25 17:14:38 | 001,127,936 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\viahduaa.sys
[2010.10.25 17:14:38 | 000,504,320 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\System32\VIASysFx.dll
[2010.10.25 17:14:38 | 000,211,456 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\System32\Dts2APO.dll
[2010.10.25 17:14:38 | 000,068,608 | ---- | C] (VIA Technologies,Inc.) -- C:\Windows\System32\ViaMicArrayPropPageExt.dll
[2010.10.25 17:14:09 | 000,000,000 | ---D | C] -- C:\Programme\VIA
[2010.10.25 17:13:53 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\InstallShield
[2010.10.25 17:11:04 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\Google
[2010.10.25 17:09:19 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\ATI
[2010.10.25 17:09:19 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\ATI
[2010.10.25 17:09:19 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.10.25 17:09:05 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\FlashGet
[2010.10.25 17:09:01 | 000,000,000 | R--D | C] -- C:\Users\Manuel\Searches
[2010.10.25 17:08:52 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Identities
[2010.10.25 17:08:50 | 000,000,000 | R--D | C] -- C:\Users\Manuel\Contacts
[2010.10.25 17:08:49 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\VirtualStore
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Vorlagen
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\AppData\Local\Verlauf
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\AppData\Local\Temporary Internet Files
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Startmenü
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\SendTo
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Recent
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Netzwerkumgebung
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Lokale Einstellungen
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Documents\Eigene Videos
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Documents\Eigene Musik
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Eigene Dateien
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Documents\Eigene Bilder
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Druckumgebung
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Cookies
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\AppData\Local\Anwendungsdaten
[2010.10.25 17:08:46 | 000,000,000 | -HSD | C] -- C:\Users\Manuel\Anwendungsdaten
[2010.10.25 17:08:45 | 000,000,000 | --SD | C] -- C:\Users\Manuel\AppData\Roaming\Microsoft
[2010.10.25 17:08:45 | 000,000,000 | R--D | C] -- C:\Users\Manuel\Videos
[2010.10.25 17:08:45 | 000,000,000 | R--D | C] -- C:\Users\Manuel\Saved Games
[2010.10.25 17:08:45 | 000,000,000 | R--D | C] -- C:\Users\Manuel\Pictures
[2010.10.25 17:08:45 | 000,000,000 | R--D | C] -- C:\Users\Manuel\Music
[2010.10.25 17:08:45 | 000,000,000 | R--D | C] -- C:\Users\Manuel\Links
[2010.10.25 17:08:45 | 000,000,000 | R--D | C] -- C:\Users\Manuel\Favorites
[2010.10.25 17:08:45 | 000,000,000 | R--D | C] -- C:\Users\Manuel\Downloads
[2010.10.25 17:08:45 | 000,000,000 | R--D | C] -- C:\Users\Manuel\Documents
[2010.10.25 17:08:45 | 000,000,000 | R--D | C] -- C:\Users\Manuel\Desktop
[2010.10.25 17:08:45 | 000,000,000 | -H-D | C] -- C:\Users\Manuel\AppData
[2010.10.25 17:08:45 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\Temp
[2010.10.25 17:08:45 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Local\Microsoft
[2010.10.25 17:08:45 | 000,000,000 | ---D | C] -- C:\Users\Manuel\AppData\Roaming\Media Center Programs
[2010.10.25 17:08:36 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip
[2010.10.25 17:07:56 | 000,000,000 | ---D | C] -- C:\Programme\JRE
[2010.10.25 17:07:54 | 000,000,000 | ---D | C] -- C:\Programme\OpenOffice.org 3
[2010.10.25 17:07:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.10.25 17:07:34 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.10.25 17:07:27 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2010.10.25 17:04:45 | 000,000,000 | ---D | C] -- C:\Programme\ATI
[2010.10.25 17:04:35 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010.10.25 17:04:34 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.10.25 17:04:34 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.10.25 17:04:34 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.10.25 17:04:34 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.10.25 17:04:34 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.10.25 17:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.10.25 17:04:03 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies
[2010.10.25 17:03:46 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.10.25 17:03:38 | 000,000,000 | ---D | C] -- C:\ATI
[2010.10.25 17:03:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010.10.25 17:03:24 | 000,000,000 | ---D | C] -- C:\Programme\Google
[2010.10.25 17:03:24 | 000,000,000 | ---D | C] -- C:\Programme\FlashGet
[2010.10.25 17:03:20 | 000,000,000 | R--D | C] -- C:\Programme\Skype
[2010.10.25 17:03:19 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.10.25 17:03:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.10.25 17:02:06 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2010.10.25 16:56:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.10.25 16:53:45 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.10.25 16:52:00 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2010.11.22 16:24:32 | 000,638,972 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.11.22 16:24:32 | 000,604,566 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.22 16:24:32 | 000,131,012 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.11.22 16:24:32 | 000,107,898 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.22 16:18:26 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.22 16:18:26 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.22 16:18:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.22 16:18:21 | 3351,470,080 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.21 19:29:38 | 256,811,750 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.11.21 14:51:58 | 000,015,996 | ---- | M] () -- C:\Users\Manuel\.recently-used.xbel
[2010.11.19 17:14:17 | 000,296,448 | ---- | M] () -- C:\Users\Manuel\Documents\g85g8kbx.exe
[2010.11.18 15:24:40 | 006,285,042 | ---- | M] () -- C:\Users\Manuel\Desktop\EasyMetin2_de_1.0.6.1836.exe
[2010.11.16 15:49:18 | 000,013,004 | ---- | M] () -- C:\Users\Manuel\Documents\index2.html
[2010.11.16 15:42:14 | 000,000,563 | ---- | M] () -- C:\Users\Manuel\Documents\index.html
[2010.11.16 15:18:48 | 000,008,459 | ---- | M] () -- C:\Users\Manuel\Documents\proxi.html
[2010.11.11 11:58:43 | 000,000,094 | ---- | M] () -- C:\Users\Manuel\AppData\Local\fusioncache.dat
[2010.11.11 10:32:25 | 000,008,704 | ---- | M] () -- C:\Users\Manuel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.10 12:52:43 | 000,027,497 | ---- | M] () -- C:\Users\Manuel\Documents\hd5850 phenom ii x6 1055t.3dr
[2010.11.10 12:42:27 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2010.11.10 12:42:26 | 000,110,592 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2010.11.05 14:55:57 | 000,126,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.11.05 14:55:57 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.10.27 15:53:43 | 000,252,448 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.10.27 15:50:58 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010.10.25 17:44:11 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010.10.25 17:24:10 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010.10.25 17:20:28 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2010.10.25 17:15:18 | 000,000,680 | ---- | M] () -- C:\Users\Manuel\AppData\Local\d3d9caps.dat
[2010.10.25 17:12:37 | 000,031,111 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
[2010.10.25 17:04:38 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.10.25 16:54:34 | 000,060,826 | ---- | M] () -- C:\Windows\System32\license.rtf
 
========== Files Created - No Company Name ==========
 
[2010.11.21 19:29:38 | 256,811,750 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.11.21 14:51:58 | 000,015,996 | ---- | C] () -- C:\Users\Manuel\.recently-used.xbel
[2010.11.19 17:14:16 | 000,296,448 | ---- | C] () -- C:\Users\Manuel\Documents\g85g8kbx.exe
[2010.11.18 15:24:37 | 006,285,042 | ---- | C] () -- C:\Users\Manuel\Desktop\EasyMetin2_de_1.0.6.1836.exe
[2010.11.16 15:49:18 | 000,013,004 | ---- | C] () -- C:\Users\Manuel\Documents\index2.html
[2010.11.16 15:42:14 | 000,000,563 | ---- | C] () -- C:\Users\Manuel\Documents\index.html
[2010.11.16 15:18:48 | 000,008,459 | ---- | C] () -- C:\Users\Manuel\Documents\proxi.html
[2010.11.11 11:58:43 | 000,000,094 | ---- | C] () -- C:\Users\Manuel\AppData\Local\fusioncache.dat
[2010.11.10 12:52:43 | 000,027,497 | ---- | C] () -- C:\Users\Manuel\Documents\hd5850 phenom ii x6 1055t.3dr
[2010.10.27 15:50:58 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010.10.26 13:22:58 | 002,501,921 | ---- | C] () -- C:\Windows\System32\wlan.tmf
[2010.10.25 18:01:02 | 000,057,667 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010.10.25 17:44:11 | 000,008,192 | R-S- | C] () -- C:\BOOTSECT.BAK
[2010.10.25 17:44:10 | 000,333,257 | RHS- | C] () -- C:\bootmgr
[2010.10.25 17:24:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.10.25 17:24:02 | 3351,470,080 | -HS- | C] () -- C:\hiberfil.sys
[2010.10.25 17:18:04 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010.10.25 17:13:57 | 000,008,704 | ---- | C] () -- C:\Users\Manuel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.25 17:12:35 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
[2010.10.25 17:12:26 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.10.25 17:12:24 | 000,031,111 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010.10.25 17:08:48 | 000,000,680 | ---- | C] () -- C:\Users\Manuel\AppData\Local\d3d9caps.dat
[2010.10.25 17:04:38 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.10.25 16:51:23 | 000,252,448 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.09.25 10:37:58 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.08.26 02:19:36 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2009.04.02 13:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
 
========== LOP Check ==========
 
[2010.11.21 18:48:02 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\BitTorrent
[2010.10.31 13:42:41 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.11.17 16:49:51 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\FileZilla
[2010.10.25 17:09:05 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\FlashGet
[2010.11.21 14:49:05 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\gtk-2.0
[2010.11.05 19:39:25 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\Need for Speed World
[2010.10.27 17:31:24 | 000,000,000 | ---D | M] -- C:\Users\Manuel\AppData\Roaming\OpenOffice.org
[2010.11.21 20:22:22 | 000,021,164 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---


extras.txt:

OTL Logfile:
Code:
OTL Extras logfile created on: 22.11.2010 16:32:24 - Run 2
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\Manuel\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 64,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 176,38 Gb Free Space | 75,74% Space Free | Partition Type: NTFS
 
Computer Name: MANUEL-PC | User Name: Manuel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1199145D-4C76-4807-896B-92B1FACBD446}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | 
"{3322025D-3C19-4A4B-AC5B-1F7CAEF1E4C4}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{96D8A89C-4C9A-4F76-803A-AB27D3111D3C}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe | 
"{A8A30061-B06F-4A4C-83B5-6FE69DA416AC}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{C2ECF533-E4CF-4A3E-AC84-5337F74E4D45}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{D4C6776F-D681-4485-8CED-107E888F9CE5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D82366EE-F16F-4B77-8A63-6A847E751DDA}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{DC2C4473-1A9A-4664-8554-FF0B79EF0479}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{F6B9D18E-CF19-4F1D-9F87-B07FE50AA1FC}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"TCP Query User{0630508F-8E2B-4467-90E7-1A6F47B8ED38}C:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe" = protocol=6 | dir=in | app=c:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe | 
"TCP Query User{26BFE055-1EC7-4E3D-900F-8129F3D50DDE}C:\program files\metin2\metin2.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2.bin | 
"TCP Query User{45101EE2-94AF-469D-9D9C-0A7CCC84E1AD}C:\program files\codemasters\der herr der ringe online\lotroclient.exe" = protocol=6 | dir=in | app=c:\program files\codemasters\der herr der ringe online\lotroclient.exe | 
"TCP Query User{552E53B4-9687-4C31-8A93-5FE8921B5BDD}C:\program files\flashget\flashget.exe" = protocol=6 | dir=in | app=c:\program files\flashget\flashget.exe | 
"TCP Query User{A4F034A4-1945-4D10-8DA8-6148AECC3BA2}C:\program files\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe | 
"TCP Query User{C26E5184-E347-4AB2-A8F1-D622EFEF41AD}C:\program files\metin2\metin2client.bin" = protocol=6 | dir=in | app=c:\program files\metin2\metin2client.bin | 
"TCP Query User{E24B5BF4-B6E9-4946-9CED-F1686C00F17C}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=6 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe | 
"TCP Query User{F80D2955-245D-45A2-B9EB-34096A422D35}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{173B10FF-C72E-4E7A-8C50-5C3F0498406E}C:\program files\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\program files\tmnationsforever\tmforever.exe | 
"UDP Query User{22847651-C0B1-4FCB-9F48-F225F812887D}C:\program files\metin2\metin2.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2.bin | 
"UDP Query User{27C11514-8754-4392-B005-7FB52C4E0D0B}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{2AC9C44B-906B-4932-A5D3-DA98AA6079AD}C:\program files\flashget\flashget.exe" = protocol=17 | dir=in | app=c:\program files\flashget\flashget.exe | 
"UDP Query User{9F5EB8E0-19A4-4643-8A72-5A0DF43CE605}C:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe" = protocol=17 | dir=in | app=c:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe | 
"UDP Query User{A1632BD8-320E-42E5-9647-172D41B6646F}C:\program files\metin2\metin2client.bin" = protocol=17 | dir=in | app=c:\program files\metin2\metin2client.bin | 
"UDP Query User{A4DBE9E8-01EF-44D4-94DF-1C838A8CCDE9}C:\programdata\electronic arts\need for speed world\data\nfsw.exe" = protocol=17 | dir=in | app=c:\programdata\electronic arts\need for speed world\data\nfsw.exe | 
"UDP Query User{DB55856D-FFA7-4081-9FCC-26E94F9C5FD4}C:\program files\codemasters\der herr der ringe online\lotroclient.exe" = protocol=17 | dir=in | app=c:\program files\codemasters\der herr der ringe online\lotroclient.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 22
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51DC7E02-3EEE-D01E-60D1-103A0DA2C3BF}" = Catalyst Control Center Graphics Previews Common
"{56AAE9D5-3D96-8D1D-C4C4-0290B21CE901}" = ccc-core-static
"{59ADFE8C-AD8C-2B04-6940-2D417FBAD111}" = CCC Help English
"{5BDA2F58-1F21-4D10-9910-92B01EBCC958}" = AMD USB Filter Driver
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial 
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AF2E5BA0-759C-926D-6C3F-11A3751C286E}" = Catalyst Control Center Graphics Previews Vista
"{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}" = NVIDIA PhysX
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C969744F-EB74-5868-719E-D4B1F3D0792F}" = ccc-utility
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE03D1DC-FD8D-2F5C-5FAD-02570BA0383B}" = Catalyst Control Center InstallProxy
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{F34D6DAE-7777-5C40-E143-8A0D6A048F75}" = ATI Catalyst Install Manager
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"4f6dcc3b-179d-4b1b-80f0-b6083a0b3ce6_is1" = Der Herr der Ringe Online v03.02.04.8010
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BitTorrent" = BitTorrent
"CCleaner" = CCleaner
"Downloader" = Downloader
"DVD Shrink_is1" = DVD Shrink 3.2
"FileZilla Client" = FileZilla Client 3.3.4.1
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"Metin2_is1" = Metin2
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"OpenAL" = OpenAL
"TmNationsForever_is1" = TmNationsForever
"Uninstall_is1" = Uninstall 1.0.0.1
"WinGimp-2.0_is1" = GIMP 2.6.11
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 16.11.2010 12:58:33 | Computer Name = Manuel-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 17.11.2010 10:57:12 | Computer Name = Manuel-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 17.11.2010 11:17:13 | Computer Name = Manuel-PC | Source = VSS | ID = 12289
Description = 
 
Error - 18.11.2010 09:38:28 | Computer Name = Manuel-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 18.11.2010 10:40:52 | Computer Name = Manuel-PC | Source = Application Hang | ID = 1002
Description = Programm metin2.bin, Version 0.0.0.0 arbeitet nicht mehr mit Windows
 zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
 für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
 zu suchen.  Prozess-ID: 104c  Anfangszeit: 01cb8729f7e2baaa  Zeitpunkt der Beendigung:
 0
 
Error - 18.11.2010 14:00:17 | Computer Name = Manuel-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung metin2client.bin, Version 0.0.0.0, Zeitstempel
 0x4c909ae5, fehlerhaftes Modul General.dll, Version 1.0.0.1, Zeitstempel 0x4cc92e03,
 Ausnahmecode 0xc0000005, Fehleroffset 0x0006cd26,  Prozess-ID 0x131c, Anwendungsstartzeit
 01cb8739c1f29fa0.
 
Error - 19.11.2010 12:09:02 | Computer Name = Manuel-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 19.11.2010 12:23:58 | Computer Name = Manuel-PC | Source = Perflib | ID = 1010
Description = 
 
Error - 20.11.2010 10:17:46 | Computer Name = Manuel-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 21.11.2010 07:15:11 | Computer Name = Manuel-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 26.10.2010 13:12:26 | Computer Name = Manuel-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 26.10.2010 13:12:26 | Computer Name = Manuel-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 26.10.2010 13:12:26 | Computer Name = Manuel-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 26.10.2010 13:12:26 | Computer Name = Manuel-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 26.10.2010 13:12:26 | Computer Name = Manuel-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 26.10.2010 13:12:26 | Computer Name = Manuel-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 26.10.2010 13:12:26 | Computer Name = Manuel-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = 
 
Error - 05.11.2010 13:31:48 | Computer Name = Manuel-PC | Source = DCOM | ID = 10016
Description = 
 
Error - 11.11.2010 08:18:43 | Computer Name = Manuel-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 11.11.2010 um 13:15:57 unerwartet heruntergefahren.
 
Error - 12.11.2010 15:59:21 | Computer Name = Manuel-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 12.11.2010 um 20:57:33 unerwartet heruntergefahren.
 
 
< End of report >
         
--- --- ---


As for the compmgmt.msc step: that didn't work, because I can't find Local Users and Groups. Could that be because I'm the sole user and administrator at the same time?

Regards,
Manuel

22.11.2010, 17:16   #9
rea
/// Helper team

Sorry, that setting doesn't exist at all in your Vista edition... But it's moot anyway, everything is okay.

Are you still having any problems with the computer?

Other than that, your Mozilla Firefox is not quite up to date.
Start Firefox -> Help -> Check for Updates -> follow the instructions.
__________________
Regards, rea

*Do you need help with a malware problem too?*

*TB donation account*


A clever saying could go here.
Well .... could!

22.11.2010, 18:16   #10
PCFREAK86

Oh, thanks for the tip about Firefox. Otherwise I have no more problems, but there is one that was already there before: whenever I started Trackmania Nations Forever, after about 10 minutes a beep came from the PC, i.e. the PC speaker, but not the one you get when a virus is found, rather one like at startup. Lately a bluescreen comes up instead, but only with Trackmania. It's probably best if I post the stop error:
Code:
STOP: 0x0000000A (0x00000000, 0x0000001B, 0x00000000; 0x81CF05B5)
         
Thanks for your help,
Manuel

22.11.2010, 20:51   #11
rea
/// Helper team

Was there any more information, e.g. IRQL_NOT_LESS_OR_EQUAL or some other text in capital letters on the bluescreen? Is any file mentioned?

Bluescreens can of course have many causes: outdated or damaged drivers, incompatible hardware, overheating. It would of course be good to check all of that.

And the beeping: was it several beeps, just one, short, long, ...? What kind of BIOS do you have? That might help.

But maybe also try the simple route and reinstall the game from scratch? Are you quite sure your hardware meets the requirements for Trackmania Nations Forever?
__________________
Regards, rea

22.11.2010, 21:24   #12
PCFREAK86

Hm, as far as I know, not really. I've been trying for half an hour now to "conjure up" the bluescreen, but it's not working. The beep is short and happens once, but nothing happens, i.e. everything keeps running completely normally. I'll try reinstalling the game. It isn't actually running that high; I adopted the settings recommended after a benchmark of the game, and even in online games only the other drivers stutter, if at all.

Regards,
Manuel

22.11.2010, 21:30   #13
rea
/// Helper team

*g* Well, when you actually need the BSOD, it doesn't show up.

Then report back when you know something new.
__________________
Regards, rea

22.11.2010, 21:44   #14
PCFREAK86

Yep, tomorrow I don't have to work as long, so I can game a bit more then.

26.11.2010, 21:01   #15
PCFREAK86

OK, now it has finally thrown a bluescreen again. The number is exactly the same; at the top it said:
IRQL_NOT_LESS_OR_EQUAL

and then, after some more text, the stop error.

Regards,
Manuel
