
Log analysis and evaluation: TR/ATRAPS.Gen2 ; mediashifting.com; Win7

Windows 7 If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

26.01.2012, 17:03   #1
shino

Hi everyone,

I have already seen other threads describing the same problem, but I'd still really appreciate it if someone could take a look at my logs.
Yesterday AntiVir detected the Trojan named above on my machine. The warning came at pretty much the same time as a Flash Player update. The Adobe update program always runs in the background on my system, so it may well have been clean, but then again maybe not. Since then the thing has been found again and again, but apparently it can't be deleted. My Windows Firewall is also down and can no longer be enabled. In addition, while browsing (Firefox) a tab pops up now and then that tries to take me to mediashifting.com. The interesting part is that I had the same problem not all that long ago, but back then I reinstalled the PC right away because it was about time anyway. This time I'd like to avoid that, but we'll see. Back then, after a bit of research turned up a lot of bad things, I also changed my passwords from another PC. The first time there was no Adobe update; a tab simply opened. What I'd mainly like to know now is where I got this from. Both times I was on the university Wi-Fi when it first appeared. One more tidbit: earlier I sent my mother a text message, and right afterwards she received another text message from Spain (where I currently am) notifying her that a bill for 263€ from her/a Citi-Bank credit card is being sent to her bank. If she had questions she was supposed to call the number the message came from; she didn't. She is neither a Citi-Bank customer nor has she ever spent money in Spain. My phone was connected to my PC yesterday...

I use:
Windows7 Pro 64
Firefox (I always browse with this WOT plugin, does that do any good?)
Avira AntiVir
Threatfire

On the one hand I'd of course like to get rid of this junk; on the other hand I'm also interested in where I pick up something like this. The only sites I can think of where it could have come from are:

facebook
4chan
streaming (watchseries.eu -> gorillavid, novamov, etc.)
sites with pornographic content (but I'm very careful there, I really only use youporn)

I hope I haven't forgotten any info. OTL logs are coming; what else should I run?
Thanks in advance!
Attached files
File type: txt Extras.Txt (31,9 KB, viewed 537 times)

Edited by shino (26.01.2012 at 17:09)

26.01.2012, 17:06   #2
shino

OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 26.01.2012 16:34:37 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Jens\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,80 Gb Total Physical Memory | 2,19 Gb Available Physical Memory | 57,52% Memory free
7,60 Gb Paging File | 5,80 Gb Available in Paging File | 76,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 250,96 Gb Free Space | 84,22% Space Free | Partition Type: NTFS
 
Computer Name: SHINO | User Name: Jens | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.txt [@ = txtfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{25FBDA9A-E868-4B3B-B9FF-D923818511A1}" = Intel(R) PROSet/Wireless WiFi-Software
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"A-WIN-Extras 8.0.1 2063897_is1" = Mathematica Extras 8.0 (2063897)
"EPSON S22 Series" = Druckerdeinstallation für EPSON S22 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"M-WIN-L 8.0.1 2063990_is1" = Wolfram Mathematica 8 (M-WIN-L 8.0.1 2063990)
"Power Management Driver" = ThinkPad Power Management Driver
"ProInst" = Intel PROSet Wireless
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E33D05D-76CF-5D3C-4D5D-7727530FA161}" = Adobe Content Viewer
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{969E11AA-8F3A-F162-1A5A-0965E216B6CE}" = Adobe Download Assistant
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser
"{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D57FC112-312E-4D70-860F-2DB8FB6858F0}" = Adobe Creative Suite 5.5 Master Collection
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story
"com.adobe.dmp.contentviewer" = Adobe Content Viewer
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX-Setup
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"ProInst" = Intel PROSet Wireless
"QuickGamma_is1" = QuickGamma 3.0.0.2
"SecureW2 Enterprise Client" = SecureW2 Enterprise Client 3.5.5
"VLC media player" = VLC media player 1.1.11
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 19.01.2012 22:07:31 | Computer Name = SHINO | Source = WinMgmt | ID = 10
Description = 
 
Error - 20.01.2012 11:50:02 | Computer Name = SHINO | Source = SecureW2 | ID = 2
Description = 
 
Error - 21.01.2012 12:29:53 | Computer Name = SHINO | Source = WinMgmt | ID = 10
Description = 
 
Error - 21.01.2012 12:58:15 | Computer Name = SHINO | Source = MsiInstaller | ID = 11722
Description = 
 
Error - 21.01.2012 15:15:18 | Computer Name = SHINO | Source = MsiInstaller | ID = 11722
Description = 
 
Error - 21.01.2012 18:23:50 | Computer Name = SHINO | Source = WinMgmt | ID = 10
Description = 
 
Error - 23.01.2012 23:07:24 | Computer Name = SHINO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Photoshop.exe, Version: 12.1.0.0,
 Zeitstempel: 0x4d90d339  Name des fehlerhaften Moduls: CoolType.dll, Version: 5.7.83.12130,
 Zeitstempel: 0x4d077df9  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000000000143b52
ID
 des fehlerhaften Prozesses: 0xf18  Startzeit der fehlerhaften Anwendung: 0x01ccda4449cf6563
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Adobe\Adobe Photoshop CS5.1 (64 Bit)\Photoshop.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files\Adobe\Adobe Photoshop CS5.1 (64 Bit)\CoolType.dll
Berichtskennung:
 899f56ba-4638-11e1-b26f-ccaf78f293a3
 
Error - 25.01.2012 18:59:49 | Computer Name = SHINO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FacebookVideoCalling.exe, Version:
 1.1.0.13, Zeitstempel: 0x4ef26ee8  Name des fehlerhaften Moduls: kernel32.dll, Version:
 6.1.7601.17651, Zeitstempel: 0x4e211318  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0003d09c
ID
 des fehlerhaften Prozesses: 0xbf4  Startzeit der fehlerhaften Anwendung: 0x01ccdbb508670a99
Pfad
 der fehlerhaften Anwendung: C:\Users\Jens\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\kernel32.dll  Berichtskennung: 47a87be0-47a8-11e1-b26f-ccaf78f293a3
 
Error - 25.01.2012 19:00:03 | Computer Name = SHINO | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FacebookVideoCalling.exe, Version:
 1.1.0.13, Zeitstempel: 0x4ef26ee8  Name des fehlerhaften Moduls: kernel32.dll, Version:
 6.1.7601.17651, Zeitstempel: 0x4e211318  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0003d09c
ID
 des fehlerhaften Prozesses: 0x17c4  Startzeit der fehlerhaften Anwendung: 0x01ccdbb5110d10d4
Pfad
 der fehlerhaften Anwendung: C:\Users\Jens\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\syswow64\kernel32.dll  Berichtskennung: 5014fab3-47a8-11e1-b26f-ccaf78f293a3
 
Error - 25.01.2012 19:08:41 | Computer Name = SHINO | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Die Anwendung oder der Dienst "Plugin Container for Firefox" konnte
 nicht heruntergefahren werden.
 
[ System Events ]
Error - 19.01.2012 10:35:14 | Computer Name = SHINO | Source = NETwNs64 | ID = 5001
Description = Intel(R) Centrino(R) Wireless-N 1030 : Die Ressourcen konnten für 
den notwendigen Vorgang nicht reserviert werden.
 
Error - 19.01.2012 10:35:14 | Computer Name = SHINO | Source = NETwNs64 | ID = 5006
Description = Intel(R) Centrino(R) Wireless-N 1030 : Die Versionsnummer dieses Treibers
 ist falsch.
 
Error - 19.01.2012 10:35:46 | Computer Name = SHINO | Source = NETwNs64 | ID = 5001
Description = Intel(R) Centrino(R) Wireless-N 100 : Die Ressourcen konnten für den
 notwendigen Vorgang nicht reserviert werden.
 
Error - 19.01.2012 10:35:46 | Computer Name = SHINO | Source = NETwNs64 | ID = 5006
Description = Intel(R) Centrino(R) Wireless-N 100 : Die Versionsnummer dieses Treibers
 ist falsch.
 
Error - 19.01.2012 18:42:34 | Computer Name = SHINO | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070103 fehlgeschlagen: Realtek Semiconductor Corp. - Network - 1x1 11b/g/n
 Wireless LAN PCI Express Half Mini Card Adapter
 
Error - 21.01.2012 12:26:00 | Computer Name = SHINO | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 22.01.2012 20:05:52 | Computer Name = SHINO | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus
 lautet: 10.
 
Error - 24.01.2012 08:18:56 | Computer Name = SHINO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
 
Error - 24.01.2012 09:17:27 | Computer Name = SHINO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
 
Error - 24.01.2012 10:40:34 | Computer Name = SHINO | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
 
 
< End of report >
         
26.01.2012, 17:06   #3
shino

OTL Logfile:
Code:
OTL logfile created on: 26.01.2012 16:34:37 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Jens\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,80 Gb Total Physical Memory | 2,19 Gb Available Physical Memory | 57,52% Memory free
7,60 Gb Paging File | 5,80 Gb Available in Paging File | 76,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 250,96 Gb Free Space | 84,22% Space Free | Partition Type: NTFS
 
Computer Name: SHINO | User Name: Jens | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Jens\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Users\Jens\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\ThreatFire\TFTray.exe (PC Tools)
PRC - C:\Program Files (x86)\ThreatFire\TFService.exe (PC Tools)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (IBMPMSVC) -- C:\Windows\SysNative\ibmpmsvc.exe (Lenovo)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (EvtEng) Intel(R) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) Intel(R) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (ThreatFire) -- C:\Program Files (x86)\ThreatFire\TFService.exe (PC Tools)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (NETwNs64) ___ Intel(R) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (RTL8192Ce) -- C:\Windows\SysNative\drivers\rtl8192Ce.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TfSysMon) -- C:\Windows\SysNative\drivers\TfSysMon.sys (PC Tools)
DRV:64bit: - (TfNetMon) -- C:\Windows\SysNative\drivers\TfNetMon.sys (PC Tools)
DRV:64bit: - (TfFsMon) -- C:\Windows\SysNative\drivers\TfFsMon.sys (PC Tools)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation                                            )
DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (IBMPMDRV) -- C:\Windows\SysNative\drivers\ibmpmdrv.sys (Lenovo.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Hotmail und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AE 7E AB 7E 1A D7 CC 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig"
 
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@wolfram.com/Mathematica: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll (Wolfram Research, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Jens\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.19 03:20:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.01.22 21:01:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012.01.21 20:15:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.19 01:59:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.22 21:01:50 | 000,000,000 | ---D | M]
 
[2012.01.19 01:59:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jens\AppData\Roaming\mozilla\Extensions
[2012.01.25 14:11:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jens\AppData\Roaming\mozilla\Firefox\Profiles\nb7obqrs.default\extensions
[2012.01.19 02:04:04 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Jens\AppData\Roaming\mozilla\Firefox\Profiles\nb7obqrs.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.01.22 13:16:07 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Jens\AppData\Roaming\mozilla\Firefox\Profiles\nb7obqrs.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012.01.19 03:30:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.01.19 03:30:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2012.01.19 03:20:11 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
() (No name found) -- C:\USERS\JENS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NB7OBQRS.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\JENS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\NB7OBQRS.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.12.21 08:42:29 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.01.19 03:30:08 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.12.21 06:08:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.21 06:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.12.21 06:08:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.21 06:08:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.21 06:08:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.21 06:08:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.01.21 17:45:14 | 000,002,012 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-5.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.de
O1 - Hosts: 14 more lines...
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [SecureW2 Tray] C:\Program Files (x86)\SecureW2\sw2_tray.exe (SecureW2 B.V.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ThreatFire] C:\Program Files (x86)\ThreatFire\TFTray.exe (PC Tools)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EPSON S22 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGEE.EXE /FU "C:\Windows\TEMP\E_S4C48.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\Jens\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [QuickGammaLoader] C:\Program Files (x86)\QuickGamma\QuickGammaLoader.exe (Eberhard Werle)
O4 - HKCU..\Run: [QuickGammaResume]  File not found
O4 - Startup: C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Jens\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 150.244.9.200 150.244.9.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7A662828-177D-4FEC-8494-27E3603E03B4}: DhcpNameServer = 150.244.9.200 150.244.9.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A4546C12-3020-4A7E-9E3B-5CB5A48ED4D6}: DhcpNameServer = 194.179.1.100 194.179.1.101
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKCU Winlogon: Shell - (C:\Users\Jens\AppData\Local\9f5cccce\X) -C:\Users\Jens\AppData\Local\9f5cccce\X ()
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1081aa57-4243-11e1-aa49-ccaf78f293a3}\Shell - "" = AutoRun
O33 - MountPoints2\{1081aa57-4243-11e1-aa49-ccaf78f293a3}\Shell\AutoRun\command - "" = G:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.26 00:08:42 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.01.25 23:59:18 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\Facebook
[2012.01.25 21:38:16 | 000,000,000 | -HSD | C] -- C:\Users\Jens\AppData\Local\9f5cccce
[2012.01.24 15:20:23 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\ElevatedDiagnostics
[2012.01.24 02:13:44 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\vlc
[2012.01.23 01:04:43 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2012.01.23 01:04:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2012.01.23 01:04:26 | 000,010,752 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\E_GCINST.DLL
[2012.01.23 01:04:25 | 000,118,784 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMGEE.DLL
[2012.01.23 01:04:25 | 000,088,064 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBGEE.DLL
[2012.01.23 01:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2012.01.22 13:21:51 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2012.01.21 19:28:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickGamma
[2012.01.21 19:28:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickGamma
[2012.01.21 18:12:32 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2012.01.21 18:05:38 | 000,000,000 | ---D | C] -- C:\Users\Jens\Adobe Flash Builder 4.5
[2012.01.21 18:01:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
[2012.01.21 17:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2012.01.21 17:58:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Story
[2012.01.21 17:56:47 | 000,055,280 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\PxHlpa64.sys
[2012.01.21 17:56:47 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdralw2k.sys
[2012.01.21 17:56:47 | 000,010,224 | ---- | C] (Sonic Solutions) -- C:\Windows\SysNative\drivers\cdr4_xp.sys
[2012.01.21 17:56:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2012.01.21 17:56:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
[2012.01.21 17:54:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012.01.21 17:53:55 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012.01.21 17:53:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS5.5
[2012.01.21 01:11:53 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\DDMSettings
[2012.01.20 16:52:20 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecureW2
[2012.01.20 16:52:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SecureW2
[2012.01.20 03:05:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2012.01.20 03:05:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2012.01.20 03:01:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012.01.19 23:48:13 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.01.19 23:48:13 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.01.19 23:48:13 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.01.19 23:48:13 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.01.19 23:48:13 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.01.19 23:48:13 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.01.19 23:48:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.01.19 23:48:13 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.01.19 23:48:13 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.01.19 23:48:13 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.01.19 23:48:13 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.01.19 23:48:13 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.01.19 23:48:13 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.01.19 23:48:13 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.01.19 23:48:13 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.01.19 23:48:13 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.01.19 23:48:13 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.01.19 23:48:13 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.01.19 23:48:13 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.01.19 23:48:13 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.01.19 23:48:13 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.01.19 23:48:13 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.01.19 23:48:13 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.01.19 23:48:13 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.01.19 23:48:13 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.01.19 23:48:13 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.01.19 23:48:13 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.01.19 23:48:12 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.01.19 23:48:12 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.01.19 23:48:12 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.01.19 23:48:12 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.01.19 23:48:12 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.01.19 23:48:12 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.01.19 23:48:12 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.01.19 23:48:12 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.01.19 23:48:12 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.01.19 23:48:12 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.01.19 23:48:12 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.01.19 23:48:12 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.01.19 23:48:12 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.01.19 23:48:12 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.01.19 23:48:12 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.01.19 23:48:12 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.01.19 23:48:12 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.01.19 23:48:12 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.01.19 23:48:12 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.01.19 23:48:12 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.01.19 23:48:12 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.01.19 23:48:12 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.01.19 23:48:12 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.01.19 23:48:12 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.01.19 23:48:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.01.19 23:48:12 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.01.19 23:48:12 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.01.19 23:48:12 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.01.19 23:48:12 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.01.19 23:48:12 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.01.19 23:48:12 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.01.19 23:48:12 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.01.19 23:48:12 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.01.19 23:48:12 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.01.19 23:48:12 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.01.19 23:48:12 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.01.19 23:48:12 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.01.19 23:48:12 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.01.19 23:48:12 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.01.19 23:48:12 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.01.19 23:48:12 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.01.19 23:48:12 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.01.19 23:48:12 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.01.19 23:48:12 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.01.19 23:48:12 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.01.19 23:41:42 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2012.01.19 23:41:42 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2012.01.19 23:41:42 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2012.01.19 23:41:42 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2012.01.19 23:41:42 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2012.01.19 23:41:42 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2012.01.19 23:41:42 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2012.01.19 23:41:38 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2012.01.19 23:41:38 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2012.01.19 16:12:20 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\MAXON
[2012.01.19 16:01:58 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\Mathematica
[2012.01.19 16:01:57 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Mathematica
[2012.01.19 16:01:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wolfram Research
[2012.01.19 16:01:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wolfram Research
[2012.01.19 16:01:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ResearchSoft
[2012.01.19 16:01:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Mathematica
[2012.01.19 16:01:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfram Mathematica
[2012.01.19 15:56:04 | 000,465,936 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\SysNative\mltcpip64.mlp
[2012.01.19 15:56:04 | 000,436,240 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\SysNative\ml64i3.dll
[2012.01.19 15:56:04 | 000,369,680 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\SysWow64\ml32i3.dll
[2012.01.19 15:56:04 | 000,335,888 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\SysWow64\mltcpip32.mlp
[2012.01.19 15:56:04 | 000,302,608 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\SysNative\ml64i2.dll
[2012.01.19 15:56:04 | 000,260,112 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\SysWow64\ml32i2.dll
[2012.01.19 15:56:04 | 000,253,968 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\SysWow64\ml32i1.dll
[2012.01.19 15:56:04 | 000,203,792 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\SysNative\mlmodule64.dll
[2012.01.19 15:56:04 | 000,167,952 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\SysWow64\mlmodule32.dll
[2012.01.19 15:56:04 | 000,103,440 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\SysNative\mltcp64.mlp
[2012.01.19 15:56:04 | 000,099,344 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\SysNative\mlshm64.mlp
[2012.01.19 15:56:04 | 000,093,712 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\SysWow64\mltcp32.mlp
[2012.01.19 15:56:04 | 000,088,080 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\SysWow64\mlshm32.mlp
[2012.01.19 15:56:04 | 000,079,376 | ---- | C] (Wolfram Research, Inc.) -- C:\Windows\SysWow64\mlmap32.mlp
[2012.01.19 15:54:14 | 000,000,000 | ---D | C] -- C:\Program Files\Wolfram Research
[2012.01.19 15:45:10 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\InstallShield
[2012.01.19 15:19:21 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Intel
[2012.01.19 15:19:14 | 000,000,000 | ---D | C] -- C:\Users\Jens\Roaming
[2012.01.19 15:19:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming
[2012.01.19 15:18:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012.01.19 15:18:24 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012.01.19 15:18:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012.01.19 15:18:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2012.01.19 15:16:43 | 000,000,000 | ---D | C] -- C:\DRIVERS
[2012.01.19 14:37:15 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\Diagnostics
[2012.01.19 03:58:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.01.19 03:58:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012.01.19 03:54:04 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.01.19 03:54:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant
[2012.01.19 03:53:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2012.01.19 03:49:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.01.19 03:49:12 | 000,279,616 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.01.19 03:49:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.01.19 03:48:36 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\DAEMON Tools Lite
[2012.01.19 03:48:33 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.01.19 03:39:26 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\OpenOffice.org
[2012.01.19 03:31:36 | 000,000,000 | --SD | C] -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2012.01.19 03:30:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2012.01.19 03:30:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.01.19 03:30:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.01.19 03:30:21 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012.01.19 03:30:21 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.01.19 03:30:21 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.01.19 03:30:21 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.01.19 03:30:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.01.19 03:24:05 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Skype
[2012.01.19 03:23:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.01.19 03:23:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.01.19 03:23:54 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.01.19 03:23:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.01.19 03:20:04 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\DivX
[2012.01.19 03:19:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2012.01.19 03:19:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2012.01.19 03:19:29 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2012.01.19 03:04:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2012.01.19 03:03:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2012.01.19 03:02:21 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2012.01.19 03:00:33 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Macromedia
[2012.01.19 02:59:31 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.01.19 02:59:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.01.19 02:59:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.01.19 02:58:30 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\TempDIR
[2012.01.19 02:54:40 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Adobe
[2012.01.19 02:54:40 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\Adobe
[2012.01.19 02:53:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.01.19 02:53:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.01.19 02:52:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.01.19 02:30:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.01.19 02:30:48 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012.01.19 02:28:18 | 000,000,000 | R--D | C] -- C:\Users\Jens\Dropbox
[2012.01.19 02:27:18 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2012.01.19 02:26:24 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Dropbox
[2012.01.19 02:15:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ThreatFire
[2012.01.19 02:15:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ThreatFire
[2012.01.19 02:15:09 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012.01.19 02:12:37 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Avira
[2012.01.19 02:07:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.01.19 02:07:13 | 000,130,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.01.19 02:07:13 | 000,097,312 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.01.19 02:07:13 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.01.19 02:07:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.01.19 02:07:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012.01.19 02:06:56 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2012.01.19 02:06:56 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2012.01.19 02:06:56 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2012.01.19 02:06:56 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2012.01.19 02:06:56 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2012.01.19 02:06:56 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2012.01.19 02:06:55 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.01.19 02:06:55 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.01.19 02:06:55 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.01.19 02:06:55 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.01.19 02:06:53 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2012.01.19 02:06:53 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2012.01.19 02:06:53 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2012.01.19 02:06:51 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2012.01.19 02:06:51 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2012.01.19 02:06:50 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2012.01.19 02:06:50 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2012.01.19 02:06:50 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2012.01.19 02:06:49 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.01.19 02:06:49 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.01.19 02:06:49 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2012.01.19 02:06:49 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2012.01.19 02:06:49 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.01.19 02:06:49 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.01.19 02:06:47 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012.01.19 02:06:45 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2012.01.19 02:06:45 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2012.01.19 02:06:45 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2012.01.19 02:06:45 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2012.01.19 02:06:34 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.01.19 02:06:25 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.01.19 02:06:25 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.01.19 02:06:25 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.01.19 02:06:25 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.01.19 02:06:25 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.01.19 02:06:25 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.01.19 02:06:25 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.01.19 02:06:25 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.01.19 02:06:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.01.19 02:06:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.01.19 02:06:25 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.01.19 02:06:25 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.01.19 02:06:25 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.01.19 02:06:25 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.01.19 02:06:25 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.01.19 02:06:25 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.01.19 02:06:25 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.01.19 02:06:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.01.19 02:06:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.01.19 02:06:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.01.19 02:06:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.01.19 02:06:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.01.19 02:06:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.01.19 02:06:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.01.19 02:06:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.01.19 02:06:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.01.19 02:06:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2012.01.19 02:06:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2012.01.19 02:06:24 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.01.19 02:06:24 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.01.19 02:06:24 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.01.19 02:06:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.01.19 02:06:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.01.19 02:06:24 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2012.01.19 02:06:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2012.01.19 02:06:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2012.01.19 02:06:19 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2012.01.19 02:06:19 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2012.01.19 02:06:18 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2012.01.19 02:06:18 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2012.01.19 02:06:18 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2012.01.19 02:06:16 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2012.01.19 02:06:16 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2012.01.19 02:06:16 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2012.01.19 02:06:16 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2012.01.19 02:06:16 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2012.01.19 02:06:16 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2012.01.19 02:06:16 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2012.01.19 02:06:16 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2012.01.19 02:06:16 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2012.01.19 02:06:14 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012.01.19 02:06:14 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2012.01.19 02:06:14 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2012.01.19 02:06:13 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2012.01.19 02:06:13 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2012.01.19 02:06:13 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2012.01.19 02:06:13 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2012.01.19 02:06:13 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2012.01.19 02:06:13 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2012.01.19 02:06:12 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2012.01.19 02:06:12 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2012.01.19 02:06:12 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2012.01.19 02:06:12 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2012.01.19 02:06:12 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2012.01.19 02:06:12 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2012.01.19 02:06:12 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2012.01.19 02:06:12 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2012.01.19 02:06:08 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2012.01.19 02:06:08 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2012.01.19 02:06:08 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2012.01.19 02:06:08 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2012.01.19 02:06:02 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2012.01.19 02:05:45 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2012.01.19 02:05:45 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2012.01.19 02:05:45 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2012.01.19 02:05:45 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2012.01.19 02:05:45 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2012.01.19 02:05:45 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2012.01.19 02:05:45 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2012.01.19 02:05:44 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2012.01.19 02:05:44 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2012.01.19 02:05:43 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2012.01.19 02:05:42 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.01.19 02:05:42 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.01.19 02:05:42 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2012.01.19 02:05:42 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2012.01.19 02:03:46 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.01.19 02:03:46 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.19 02:03:45 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.01.19 02:03:45 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.01.19 01:59:31 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Mozilla
[2012.01.19 01:59:31 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\Mozilla
[2012.01.19 01:59:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.01.19 01:54:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012.01.19 01:54:06 | 000,000,000 | ---D | C] -- C:\Intel
[2012.01.19 01:52:00 | 000,000,000 | R--D | C] -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.01.19 01:52:00 | 000,000,000 | R--D | C] -- C:\Users\Jens\Searches
[2012.01.19 01:52:00 | 000,000,000 | R--D | C] -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.01.19 01:51:51 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Identities
[2012.01.19 01:51:48 | 000,000,000 | R--D | C] -- C:\Users\Jens\Contacts
[2012.01.19 01:51:47 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\VirtualStore
[2012.01.19 01:51:39 | 000,000,000 | --SD | C] -- C:\Users\Jens\AppData\Roaming\Microsoft
[2012.01.19 01:51:39 | 000,000,000 | R--D | C] -- C:\Users\Jens\Videos
[2012.01.19 01:51:39 | 000,000,000 | R--D | C] -- C:\Users\Jens\Saved Games
[2012.01.19 01:51:39 | 000,000,000 | R--D | C] -- C:\Users\Jens\Pictures
[2012.01.19 01:51:39 | 000,000,000 | R--D | C] -- C:\Users\Jens\Music
[2012.01.19 01:51:39 | 000,000,000 | R--D | C] -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.01.19 01:51:39 | 000,000,000 | R--D | C] -- C:\Users\Jens\Links
[2012.01.19 01:51:39 | 000,000,000 | R--D | C] -- C:\Users\Jens\Favorites
[2012.01.19 01:51:39 | 000,000,000 | R--D | C] -- C:\Users\Jens\Downloads
[2012.01.19 01:51:39 | 000,000,000 | R--D | C] -- C:\Users\Jens\Documents
[2012.01.19 01:51:39 | 000,000,000 | R--D | C] -- C:\Users\Jens\Desktop
[2012.01.19 01:51:39 | 000,000,000 | R--D | C] -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.01.19 01:51:39 | 000,000,000 | -HSD | C] -- C:\Users\Jens\Vorlagen
[2012.01.19 01:51:39 | 000,000,000 | -HSD | C] -- C:\Users\Jens\AppData\Local\Verlauf
[2012.01.19 01:51:39 | 000,000,000 | -HSD | C] -- C:\Users\Jens\AppData\Local\Temporary Internet Files
[2012.01.19 01:51:39 | 000,000,000 | -HSD | C] -- C:\Users\Jens\Startmenü
[2012.01.19 01:51:39 | 000,000,000 | -HSD | C] -- C:\Users\Jens\SendTo
[2012.01.19 01:51:39 | 000,000,000 | -HSD | C] -- C:\Users\Jens\Recent
[2012.01.19 01:51:39 | 000,000,000 | -HSD | C] -- C:\Users\Jens\Netzwerkumgebung
[2012.01.19 01:51:39 | 000,000,000 | -HSD | C] -- C:\Users\Jens\Lokale Einstellungen
[2012.01.19 01:51:39 | 000,000,000 | -HSD | C] -- C:\Users\Jens\Documents\Eigene Videos
[2012.01.19 01:51:39 | 000,000,000 | -HSD | C] -- C:\Users\Jens\Documents\Eigene Musik
[2012.01.19 01:51:39 | 000,000,000 | -HSD | C] -- C:\Users\Jens\Eigene Dateien
[2012.01.19 01:51:39 | 000,000,000 | -HSD | C] -- C:\Users\Jens\Documents\Eigene Bilder
[2012.01.19 01:51:39 | 000,000,000 | -HSD | C] -- C:\Users\Jens\Druckumgebung
[2012.01.19 01:51:39 | 000,000,000 | -HSD | C] -- C:\Users\Jens\Cookies
[2012.01.19 01:51:39 | 000,000,000 | -HSD | C] -- C:\Users\Jens\AppData\Local\Anwendungsdaten
[2012.01.19 01:51:39 | 000,000,000 | -HSD | C] -- C:\Users\Jens\Anwendungsdaten
[2012.01.19 01:51:39 | 000,000,000 | -H-D | C] -- C:\Users\Jens\AppData
[2012.01.19 01:51:39 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\Temp
[2012.01.19 01:51:39 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\Microsoft
[2012.01.19 01:51:39 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Media Center Programs
[2012.01.19 01:51:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.01.19 01:51:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.01.19 01:51:28 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.01.19 01:51:28 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.01.19 01:51:28 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.01.19 01:51:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.01.19 01:51:28 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.01.19 01:51:28 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.01.19 01:51:28 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.01.19 01:51:28 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.01.19 01:51:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.01.19 01:51:28 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.01.19 01:51:23 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.01.19 01:43:53 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.01.19 01:43:13 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.01.19 01:42:36 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012.01.04 01:48:42 | 000,354,176 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
[2012.01.03 14:10:52 | 000,053,656 | ---- | C] (Adobe Systems Inc) -- C:\Windows\SysNative\AdobePDF.dll
[2012.01.03 14:10:48 | 000,024,984 | ---- | C] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.26 16:10:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.26 15:06:06 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1553675760-1624475637-3804232982-1001UA.job
[2012.01.26 11:35:28 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.26 11:35:28 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.26 11:35:28 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.26 11:35:28 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.26 11:35:28 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.26 00:05:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1553675760-1624475637-3804232982-1001Core.job
[2012.01.25 21:38:36 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.01.24 15:25:30 | 000,022,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.24 15:25:30 | 000,022,032 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.21 23:24:05 | 004,875,832 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.01.21 23:23:29 | 3061,223,424 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.21 17:45:14 | 000,002,012 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.01.19 23:48:13 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.01.19 23:48:13 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.01.19 23:48:13 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.01.19 23:48:13 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.01.19 23:48:13 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.01.19 23:48:13 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.01.19 23:48:13 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.01.19 23:48:13 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.01.19 23:48:13 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.01.19 23:48:13 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.01.19 23:48:13 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.01.19 23:48:13 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.01.19 23:48:13 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.01.19 23:48:13 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.01.19 23:48:13 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.01.19 23:48:13 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.01.19 23:48:13 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.01.19 23:48:13 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.01.19 23:48:13 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.01.19 23:48:13 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.01.19 23:48:13 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.01.19 23:48:13 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.01.19 23:48:13 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.01.19 23:48:13 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.01.19 23:48:13 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.01.19 23:48:13 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.01.19 23:48:13 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.01.19 23:48:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.01.19 23:48:12 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.01.19 23:48:12 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.01.19 23:48:12 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.01.19 23:48:12 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.01.19 23:48:12 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.01.19 23:48:12 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.01.19 23:48:12 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.01.19 23:48:12 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.01.19 23:48:12 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.01.19 23:48:12 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.01.19 23:48:12 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.01.19 23:48:12 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.01.19 23:48:12 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.01.19 23:48:12 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.01.19 23:48:12 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.01.19 23:48:12 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.01.19 23:48:12 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.01.19 23:48:12 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.01.19 23:48:12 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.01.19 23:48:12 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.01.19 23:48:12 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.01.19 23:48:12 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.01.19 23:48:12 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.01.19 23:48:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.01.19 23:48:12 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.01.19 23:48:12 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.01.19 23:48:12 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.01.19 23:48:12 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.01.19 23:48:12 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.01.19 23:48:12 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.01.19 23:48:12 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.01.19 23:48:12 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.01.19 23:48:12 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.01.19 23:48:12 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.01.19 23:48:12 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.01.19 23:48:12 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.01.19 23:48:12 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.01.19 23:48:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.01.19 23:48:12 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.01.19 23:48:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.01.19 23:48:12 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.01.19 23:48:12 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.01.19 23:48:12 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.01.19 23:48:12 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.01.19 23:48:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.01.19 23:48:12 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.01.19 03:49:12 | 000,279,616 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.01.19 03:30:08 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012.01.19 03:30:08 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.01.19 03:30:08 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.01.19 03:30:08 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.01.19 02:28:18 | 000,001,035 | ---- | M] () -- C:\Users\Jens\Desktop\Dropbox.lnk
[2012.01.19 02:27:26 | 000,001,015 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.01.19 01:46:58 | 000,177,271 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.01.19 01:46:58 | 000,177,271 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.01.19 01:45:25 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.01.04 01:48:42 | 000,354,176 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
[2012.01.03 14:10:52 | 000,053,656 | ---- | M] (Adobe Systems Inc) -- C:\Windows\SysNative\AdobePDF.dll
[2012.01.03 14:10:48 | 000,024,984 | ---- | M] (Adobe Systems Inc.) -- C:\Windows\SysNative\AdobePDFUI.dll
 
========== Files Created - No Company Name ==========
 
[2012.01.25 23:59:23 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1553675760-1624475637-3804232982-1001UA.job
[2012.01.25 23:59:22 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1553675760-1624475637-3804232982-1001Core.job
[2012.01.21 18:01:51 | 000,002,465 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
[2012.01.21 18:01:51 | 000,002,453 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
[2012.01.21 17:59:44 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
[2012.01.21 17:59:35 | 000,001,097 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk
[2012.01.21 17:52:57 | 000,000,997 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2012.01.19 23:48:13 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.01.19 23:48:12 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.01.19 03:54:01 | 000,001,043 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2012.01.19 02:54:00 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.01.19 02:28:18 | 000,001,035 | ---- | C] () -- C:\Users\Jens\Desktop\Dropbox.lnk
[2012.01.19 02:27:26 | 000,001,015 | ---- | C] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.01.19 01:59:24 | 000,001,154 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.01.19 01:53:01 | 000,001,409 | ---- | C] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.01.19 01:52:57 | 000,001,443 | ---- | C] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.01.19 01:46:52 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.01.19 01:46:42 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.01.19 01:45:25 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.01.19 01:43:13 | 3061,223,424 | -HS- | C] () -- C:\hiberfil.sys
[2010.11.29 05:21:32 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010.11.29 05:21:30 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010.11.29 05:21:30 | 000,105,408 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2012.01.19 03:54:04 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.01.19 15:49:02 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\DAEMON Tools Lite
[2012.01.25 15:31:57 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Dropbox
[2012.01.19 16:14:39 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\MAXON
[2012.01.19 03:39:26 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\OpenOffice.org
[2012.01.26 00:05:01 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1553675760-1624475637-3804232982-1001Core.job
[2012.01.26 15:06:06 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1553675760-1624475637-3804232982-1001UA.job
[2009.07.14 06:08:49 | 000,004,410 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         