GVU virus: computer was locked (Windows 7)
26.01.2013, 15:32 | #16
GVU virus: computer was locked
Code:
========== OTL ==========
Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename
Prefs.js: "Hotspot Shield Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
Prefs.js: "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=414&sr=0&q=" removed from keyword.URL
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\searchbar folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\css folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\css folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.PPCBully folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\modules folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data\search folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\META-INF folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults\preferences folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\defaults folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}\chrome folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\engine@conduit.com folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\software@loadtubes.com\chrome\skin folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\software@loadtubes.com\chrome\content folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\software@loadtubes.com\chrome folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\software@loadtubes.com folder moved successfully.
C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\searchplugins\conduit.xml moved successfully.
C:\Programme\Mozilla Firefox\plugins\npmieze.dll moved successfully.
File C:\Programme\Mozilla Firefox\plugins\npmieze.dll not found.
C:\WINDOWS\System32\runctf.lnk moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\5675151.pad moved successfully.
C:\Dokumente und Einstellungen\Lutz\Startmenü\Programme\Autostart\runctf.lnk moved successfully.
File C:\Dokumente und Einstellungen\Lutz\4386187.dll not found.
========== FILES ==========
< regsvr32 wmisvc.dll /c >
C:\Dokumente und Einstellungen\Lutz\Desktop\cmd.bat deleted successfully.
C:\Dokumente und Einstellungen\Lutz\Desktop\cmd.txt deleted successfully.
< dir /a/s/b "C:\e092f77f73bfc68cff" /c >
C:\e092f77f73bfc68cff\amd64
C:\e092f77f73bfc68cff\i386
C:\e092f77f73bfc68cff\amd64\filterpipelineprintproc.dll
C:\e092f77f73bfc68cff\amd64\msxpsdrv.cat
C:\e092f77f73bfc68cff\amd64\msxpsdrv.inf
C:\e092f77f73bfc68cff\amd64\msxpsinc.gpd
C:\e092f77f73bfc68cff\amd64\msxpsinc.ppd
C:\e092f77f73bfc68cff\amd64\mxdwdrv.dll
C:\e092f77f73bfc68cff\amd64\xpssvcs.dll
C:\e092f77f73bfc68cff\i386\filterpipelineprintproc.dll
C:\e092f77f73bfc68cff\i386\msxpsdrv.cat
C:\e092f77f73bfc68cff\i386\msxpsdrv.inf
C:\e092f77f73bfc68cff\i386\msxpsinc.gpd
C:\e092f77f73bfc68cff\i386\msxpsinc.ppd
C:\e092f77f73bfc68cff\i386\mxdwdrv.dll
C:\e092f77f73bfc68cff\i386\xpssvcs.dll
C:\Dokumente und Einstellungen\Lutz\Desktop\cmd.bat deleted successfully.
C:\Dokumente und Einstellungen\Lutz\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
OTL by OldTimer - Version 3.2.69.0 log created on 01262013_113138
Code:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Datenbank Version: v2013.01.26.04
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Lutz :: ZOCKER [Administrator]
26.01.2013 11:42:29
mbam-log-2013-01-26 (11-42-29).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 373925
Laufzeit: 7 Minute(n), 10 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 5
C:\Dokumente und Einstellungen\Administrator.ZOCKER.000\Startmenü\Programme\Autostart\runctf.lnk (Trojan.Ransom.SUGen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Dokumente und Einstellungen\Administrator.ZOCKER.001\Startmenü\Programme\Autostart\runctf.lnk (Trojan.Ransom.SUGen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Dokumente und Einstellungen\Administrator.ZOCKER.002\Startmenü\Programme\Autostart\runctf.lnk (Trojan.Ransom.SUGen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Dokumente und Einstellungen\Administrator.ZOCKER\Startmenü\Programme\Autostart\runctf.lnk (Trojan.Ransom.SUGen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Dokumente und Einstellungen\Administrator\Startmenü\Programme\Autostart\runctf.lnk (Trojan.Ransom.SUGen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Code:
C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\40\3a0943a8-39921ff2 Java/Exploit.CVE-2012-1723.AD trojan
C:\_OTL\MovedFiles\01262013_113138\C_Dokumente und Einstellungen\Lutz\Startmenü\Programme\Autostart\runctf.lnk Win32/Reveton.M trojan
C:\_OTL\MovedFiles\01262013_113138\C_WINDOWS\System32\runctf.lnk Win32/Reveton.M trojan
Code:
OTL logfile created on: 26.01.2013 15:23:06 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Lutz\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 2,57 Gb Available Physical Memory | 79,01% Memory free
5,09 Gb Paging File | 4,56 Gb Available in Paging File | 89,70% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 361,33 Gb Total Space | 111,61 Gb Free Space | 30,89% Space Free | Partition Type: NTFS
Drive D: | 104,06 Gb Total Space | 32,97 Gb Free Space | 31,68% Space Free | Partition Type: NTFS
Drive F: | 680,90 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 3,73 Gb Total Space | 3,55 Gb Free Space | 95,21% Space Free | Partition Type: FAT32
Computer Name: ZOCKER | User Name: Lutz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.01.24 16:21:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Lutz\Desktop\OTL.exe
PRC - [2013.01.11 23:35:46 | 000,008,704 | ---- | M] (Hi-Rez Studios) -- C:\AeriaGames\TribesAscendDE\HiPatchService.exe
PRC - [2012.12.10 17:29:44 | 001,435,568 | ---- | M] (LogMeIn Inc.) -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe
PRC - [2012.12.03 08:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012.10.09 09:53:36 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe
PRC - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.09.24 22:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe
PRC - [2012.07.03 08:04:58 | 000,507,312 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe
PRC - [2012.07.03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.10.24 21:32:00 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010.08.03 09:05:54 | 000,358,472 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\LGDevAgt.exe
PRC - [2010.08.03 09:03:46 | 003,649,096 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\G-series Software\LGDCore.exe
PRC - [2010.08.03 08:43:18 | 001,809,992 | ---- | M] (Logitech Inc.)
-- C:\Programme\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
PRC - [2009.08.18 10:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 10:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.06.07 12:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NlsSrv32.exe
PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.12.09 15:37:42 | 000,081,920 | ---- | M] (Logitech Inc.) -- c:\Programme\Gemeinsame Dateien\Logitech\LVMVFM\LVPrcSrv.exe
PRC - [2005.12.09 15:32:18 | 000,225,280 | ---- | M] (Logitech Inc.) -- C:\WINDOWS\system32\LVCOMSX.EXE
PRC - [2003.06.19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV - [2013.01.25 20:22:22 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.01.11 23:35:46 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\AeriaGames\TribesAscendDE\HiPatchService.exe -- (HiPatchService)
SRV - [2013.01.09 19:41:02 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.16 18:37:24 | 005,124,464 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc)
SRV - [2012.12.10 17:29:44 | 001,435,568 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.11.12 19:50:16 | 004,539,712 | ---- | M] () [Auto | Running] -- c:\programme\gemeinsame dateien\akamai/netsession_win_ce5ba24.dll -- (Akamai)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.)
[Auto | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012.09.24 22:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012.06.07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011.10.24 21:32:00 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device) SRV - [2011.02.02 11:00:32 | 000,052,288 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Programme\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) SRV - [2009.08.18 10:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009.06.07 12:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\NlsSrv32.exe -- (nlsX86cc) SRV - [2005.12.09 15:37:42 | 000,081,920 | ---- | M] (Logitech Inc.) 
[Auto | Running] -- c:\Programme\Gemeinsame Dateien\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2005.04.03 23:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003.07.28 11:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2003.06.19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva401.sys -- (XDva401) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva399.sys -- (XDva399) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva397.sys -- (XDva397) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva396.sys -- (XDva396) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva392.sys -- (XDva392) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva391.sys -- (XDva391) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva389.sys -- (XDva389) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva387.sys -- (XDva387) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva385.sys -- (XDva385) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva380.sys -- (XDva380) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | 
On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2012.10.30 23:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2012.10.30 23:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011.12.27 19:29:52 | 007,493,120 | ---- | M] (ATI Technologies Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2011.12.08 05:22:38 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm) DRV - [2011.12.08 05:22:38 | 000,080,184 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus) DRV - [2011.10.24 17:39:54 | 000,042,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LGSHidFilt.Sys -- (LGSHidFilt) DRV - [2011.07.26 18:49:12 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss) DRV - [2011.03.18 17:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan) DRV - [2010.11.01 05:08:46 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Programme\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0) DRV - [2010.03.18 10:02:08 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2010.03.18 10:01:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2010.03.18 10:01:12 | 000,010,448 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE) DRV - [2009.11.23 16:37:18 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LGVirHid.sys -- (LGVirHid) DRV - [2009.11.23 16:37:08 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LGBusEnum.sys -- (LGBusEnum) DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2007.11.14 16:14:02 | 004,625,408 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2007.09.19 14:44:46 | 000,101,504 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2007.01.12 11:16:32 | 000,113,152 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ahcix86.sys -- (ahcix86) DRV - [2006.12.28 05:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService) DRV - [2006.07.01 22:30:28 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2005.12.09 15:37:42 | 002,400,256 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (lvmvdrv) DRV - [2005.12.09 15:37:42 | 000,016,768 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPrcMon.sys -- (LVPrcMon) DRV - [2005.12.09 15:35:54 | 002,174,464 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (Lvckap) DRV - [2005.12.06 04:28:38 | 000,014,080 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService) DRV - [2005.12.06 04:28:33 | 001,103,488 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) DRV - [2005.12.06 04:26:54 | 002,010,240 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt) DRV - [2005.12.06 04:26:16 | 000,039,424 | R--- | M] (Logitech Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2005.05.17 13:48:21 | 000,050,176 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) DRV - [2005.05.16 14:23:38 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02) DRV - [2005.05.16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=3&q={searchTerms}" FF - 
prefs.js..browser.search.order.1: "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher@ea.com:5.0.127.0 FF - prefs.js..extensions.enabledAddons: DeviceDetection@logitech.com:1.23.0.5 FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=414&sr=0&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Sony Online Entertainment\npsoe.dll () FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.4: C:\Programme\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Anwendungsdaten\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programme\Alwil Software\Avast5\WebRep\FF [2012.11.09 18:13:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Programme\Gemeinsame Dateien\DVDVideoSoft\plugins\ff\ [2012.12.18 18:40:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.01.25 20:22:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.01.26 11:31:41 | 000,000,000 | ---D | M]

[2011.12.14 22:36:38 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Extensions
[2013.01.26 11:31:41 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions
[2011.04.07 18:30:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.11.13 19:55:52 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\battlefieldheroespatcher@ea.com
[2011.08.09 14:35:50 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\DeviceDetection@logitech.com
[2011.05.06 21:28:35 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\nostmp
[2013.01.20 17:05:08 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\searchplugins\icqplugin-1.xml
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\searchplugins\icqplugin.xml
[2011.07.23 13:09:22 | 000,002,497 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\searchplugins\SearchResults.xml
[2011.12.14 22:36:19 | 000,002,515 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\searchplugins\Search_Results.xml
[2013.01.25 20:22:27 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.11.04 10:07:36 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.01.25 20:22:23 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.07.18 23:18:05 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.25 20:22:20 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.07.18 23:18:05 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.18 23:18:05 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.18 23:18:05 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.18 23:18:05 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006.02.28 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Aeria Ignite] C:\Programme\Aeria Games\Ignite\aeriaignite.exe (Aeria Games & Entertainment)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Programme\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Launch LCDMon] C:\Programme\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LCore] C:\Programme\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Programme\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Programme\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to iPhone Converter - C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{80861876-3763-4C22-AB33-E7CBFC79E0C6}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Lutz\Eigene Dateien\Eigene Bilder\skrillex_hd_wallpaper_by_deathbatacclaim-d4yazyr.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Lutz\Eigene Dateien\Eigene Bilder\skrillex_hd_wallpaper_by_deathbatacclaim-d4yazyr.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.15 21:18:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004.08.16 21:25:01 | 000,000,047 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{0739fe51-5de5-11e0-9108-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{0739fe51-5de5-11e0-9108-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0739fe51-5de5-11e0-9108-806d6172696f}\Shell\AutoRun\command - "" = F:\LaunchRC.exe -- [2004.12.10 22:37:26 | 000,593,920 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.01.26 14:22:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Sun
[2013.01.26 11:56:24 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2013.01.26 11:55:03 | 002,322,184 | ---- | C] (ESET) -- C:\Dokumente und Einstellungen\Lutz\Desktop\esetsmartinstaller_enu.exe
[2013.01.26 11:41:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Malwarebytes
[2013.01.26 11:40:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2013.01.26 11:40:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2013.01.26 11:40:32 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.01.26 11:40:32 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2013.01.26 11:39:37 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Lutz\Desktop\mbam-setup-1.70.0.1100.exe
[2013.01.26 11:37:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lutz\Desktop\Nächste antwort
[2013.01.26 11:31:38 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.01.26 11:31:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lutz\Desktop\Alte Dateien
[2013.01.25 20:42:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lutz\Desktop\Neuer Ordner
[2013.01.25 20:10:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Lutz\Desktop\OTL.exe
[2013.01.19 14:18:34 | 000,000,000 | ---D | C] -- C:\Dump
[2013.01.14 19:43:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AeriaGames
[2013.01.14 19:43:27 | 000,000,000 | ---D | C] -- C:\Programme\Aeria Games
[2013.01.13 20:55:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Dragonica
[2013.01.13 15:38:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TERA
[2013.01.13 15:38:33 | 000,000,000 | ---D | C] -- C:\Programme\TERA
[2013.01.11 21:54:41 | 000,000,000 | ---D | C] -- C:\e092f77f73bfc68cff
[2013.01.10 23:36:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lutz\Eigene Dateien\Gameforge Live
[2013.01.05 05:33:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lutz\Eigene Dateien\Raiderz
[2013.01.05 04:54:13 | 000,000,000 | ---D | C] -- C:\Nexon
[2013.01.02 18:04:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SEVENCORE
[2013.01.02 17:46:17 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Lutz\Recent
[2013.01.02 13:42:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mail.Ru Games GmbH
[2013.01.01 20:57:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Gameforge Live
[2013.01.01 20:57:05 | 000,000,000 | ---D | C] -- C:\Programme\GameforgeLive
[2012.12.30 19:27:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\gPotato.eu
[2010.06.02 05:22:02 | 000,089,944 | ---- | C] (Microsoft Corporation) -- C:\Programme\DSETUP.dll

========== Files - Modified Within 30 Days ==========

[2013.01.26 15:06:02 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-448539723-436374069-725345543-1003UA.job
[2013.01.26 15:00:01 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.26 14:36:01 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.01.26 13:47:10 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.01.26 11:55:04 | 002,322,184 | ---- | M] (ESET) -- C:\Dokumente und Einstellungen\Lutz\Desktop\esetsmartinstaller_enu.exe
[2013.01.26 11:40:35 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.26 11:39:38 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Lutz\Desktop\mbam-setup-1.70.0.1100.exe
[2013.01.26 11:37:44 | 000,000,358 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.01.26 11:37:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.01.26 11:36:40 | 000,000,242 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job
[2013.01.26 11:36:34 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
[2013.01.26 11:36:32 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.26 11:36:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.01.26 11:36:22 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2013.01.26 11:32:13 | 001,912,710 | ---- | M] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-448539723-436374069-725345543-1003-0.dat
[2013.01.26 11:32:12 | 000,326,318 | ---- | M] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2013.01.25 20:04:33 | 000,578,255 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\adwcleaner.exe
[2013.01.25 18:06:00 | 000,000,992 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-448539723-436374069-725345543-1003Core.job
[2013.01.25 14:17:53 | 000,365,568 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\5hc46l84.exe
[2013.01.24 16:21:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Lutz\Desktop\OTL.exe
[2013.01.23 15:27:14 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.01.22 21:03:33 | 000,001,777 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2013.01.14 22:42:51 | 000,012,087 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\Unbenannt 1.odt
[2013.01.14 19:45:14 | 000,001,649 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\GrandFantasia-DE.lnk
[2013.01.14 19:43:27 | 000,001,725 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Aeria Ignite.lnk
[2013.01.13 22:13:13 | 000,191,687 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\ModLoader-1.4.7.zip
[2013.01.13 22:12:58 | 000,096,469 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\TooManyItems-1.4.7.zip
[2013.01.13 20:55:21 | 000,000,647 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Dragonica.lnk
[2013.01.13 15:38:37 | 000,001,485 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\TERA.lnk
[2013.01.12 13:47:22 | 000,155,810 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Eigene Dateien\IMAG0742.jpg
[2013.01.12 11:42:10 | 000,307,600 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.01.12 04:57:44 | 000,517,548 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.01.12 04:57:44 | 000,494,148 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.01.12 04:57:44 | 000,101,446 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.01.12 04:57:44 | 000,084,692 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.01.11 21:13:04 | 000,000,211 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\Global Agenda.url
[2013.01.10 23:37:28 | 000,001,609 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AION Free-to-Play.lnk
[2013.01.10 23:35:53 | 000,000,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Gameforge Live.lnk
[2013.01.05 04:54:13 | 000,000,235 | ---- | M] () -- C:\WINDOWS\System32\nxEuUninstall.bat
[2013.01.05 04:54:12 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\WINDOWS\NEXON_EU_DownloaderUpdater.exe
[2013.01.03 13:34:55 | 000,000,350 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\Filme.lnk
[2013.01.03 04:47:03 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.01.03 02:26:04 | 000,000,847 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\.recently-used.xbel
[2013.01.02 18:04:45 | 000,001,339 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SEVENCORE.lnk
[2012.12.30 19:27:19 | 000,001,628 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Allods Online.lnk

========== Files Created - No Company Name ==========

[2013.01.26 11:40:35 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.25 20:04:33 | 000,578,255 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\adwcleaner.exe
[2013.01.25 14:17:53 | 000,365,568 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\5hc46l84.exe
[2013.01.14 22:42:51 | 000,012,087 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\Unbenannt 1.odt
[2013.01.14 19:45:14 | 000,001,649 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\GrandFantasia-DE.lnk
[2013.01.14 19:43:27 | 000,001,725 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Aeria Ignite.lnk
[2013.01.13 22:13:13 | 000,191,687 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\ModLoader-1.4.7.zip
[2013.01.13 22:12:58 | 000,096,469 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\TooManyItems-1.4.7.zip
[2013.01.13 20:55:21 | 000,000,647 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Dragonica.lnk
[2013.01.13 15:38:37 | 000,001,485 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\TERA.lnk
[2013.01.12 13:47:20 | 000,155,810 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Eigene Dateien\IMAG0742.jpg
[2013.01.11 21:13:04 | 000,000,211 | ---- | C] () -- C:\Dokumente und
Einstellungen\Lutz\Desktop\Global Agenda.url [2013.01.10 23:37:28 | 000,001,609 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AION Free-to-Play.lnk [2013.01.03 23:18:32 | 000,000,242 | ---- | C] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job [2013.01.03 13:35:22 | 000,000,350 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\Filme.lnk [2013.01.03 02:26:04 | 000,000,847 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\.recently-used.xbel [2013.01.03 01:21:45 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2013.01.02 18:04:45 | 000,001,339 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SEVENCORE.lnk [2013.01.01 20:57:11 | 000,000,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Gameforge Live.lnk [2012.12.30 19:27:18 | 000,001,628 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Allods Online.lnk [2012.08.22 15:15:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI [2012.08.08 19:30:08 | 000,282,296 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe [2012.07.30 11:41:34 | 003,130,440 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_blr.exe [2012.01.25 20:04:10 | 001,912,710 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-448539723-436374069-725345543-1003-0.dat [2012.01.25 20:04:09 | 000,326,318 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat [2012.01.10 21:31:56 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat [2011.12.28 14:03:25 | 000,126,453 | ---- | C] () -- C:\WINDOWS\System32\Snounin.exe [2011.12.26 11:42:34 | 000,669,184 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe [2011.12.23 20:58:28 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe [2011.12.23 20:58:24 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll [2011.12.23 20:58:24 | 000,081,920 | ---- | C] 
() -- C:\WINDOWS\System32\issacapi_bs-2.3.dll [2011.12.23 20:58:24 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll [2011.12.23 20:58:24 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll [2011.12.20 22:30:50 | 000,013,126 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini [2011.12.20 22:25:08 | 000,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini [2011.11.09 22:39:44 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll [2011.11.09 22:39:32 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll [2011.09.28 16:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2011.08.07 14:01:00 | 000,000,096 | -H-- | C] () -- C:\WINDOWS\System32\HsInfo.dat [2011.06.29 14:51:54 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2011.06.21 16:48:18 | 000,000,035 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2011.06.15 18:17:53 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2011.06.08 12:34:15 | 000,000,182 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\server.properties [2011.06.03 00:05:11 | 000,057,624 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2011.05.22 15:11:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2011.05.22 15:06:45 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2011.05.02 13:27:37 | 000,000,151 | ---- | C] () -- C:\WINDOWS\AutoScreenRecorder.INI [2011.04.03 13:01:53 | 000,000,311 | ---- | C] () -- C:\WINDOWS\game.ini [2011.01.31 19:39:30 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat [2011.01.06 19:35:20 | 000,022,328 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\PnkBstrK.sys [2010.06.02 05:22:54 | 001,412,902 | ---- | C] () -- C:\Programme\OCT2006_d3dx9_31_x64.cab [2010.06.02 05:22:54 | 001,127,217 | ---- | C] () -- C:\Programme\OCT2006_d3dx9_31_x86.cab [2010.06.02 05:22:54 | 000,273,960 | ---- | C] () -- C:\Programme\Nov2008_XAudio_x64.cab 
[2010.06.02 05:22:54 | 000,272,611 | ---- | C] () -- C:\Programme\Nov2008_XAudio_x86.cab [2010.06.02 05:22:54 | 000,182,361 | ---- | C] () -- C:\Programme\OCT2006_XACT_x64.cab [2010.06.02 05:22:54 | 000,138,017 | ---- | C] () -- C:\Programme\OCT2006_XACT_x86.cab [2010.06.02 05:22:54 | 000,086,037 | ---- | C] () -- C:\Programme\Oct2005_xinput_x64.cab [2010.06.02 05:22:54 | 000,045,359 | ---- | C] () -- C:\Programme\Oct2005_xinput_x86.cab [2010.06.02 05:22:52 | 001,906,878 | ---- | C] () -- C:\Programme\Nov2008_d3dx9_40_x64.cab [2010.06.02 05:22:52 | 001,550,796 | ---- | C] () -- C:\Programme\Nov2008_d3dx9_40_x86.cab [2010.06.02 05:22:52 | 000,965,421 | ---- | C] () -- C:\Programme\Nov2008_d3dx10_40_x86.cab [2010.06.02 05:22:52 | 000,121,794 | ---- | C] () -- C:\Programme\Nov2008_XACT_x64.cab [2010.06.02 05:22:52 | 000,092,684 | ---- | C] () -- C:\Programme\Nov2008_XACT_x86.cab [2010.06.02 05:22:52 | 000,054,522 | ---- | C] () -- C:\Programme\Nov2008_X3DAudio_x64.cab [2010.06.02 05:22:52 | 000,021,851 | ---- | C] () -- C:\Programme\Nov2008_X3DAudio_x86.cab [2010.06.02 05:22:50 | 000,994,154 | ---- | C] () -- C:\Programme\Nov2008_d3dx10_40_x64.cab [2010.06.02 05:22:50 | 000,196,762 | ---- | C] () -- C:\Programme\NOV2007_XACT_x64.cab [2010.06.02 05:22:50 | 000,148,264 | ---- | C] () -- C:\Programme\NOV2007_XACT_x86.cab [2010.06.02 05:22:50 | 000,046,144 | ---- | C] () -- C:\Programme\NOV2007_X3DAudio_x64.cab [2010.06.02 05:22:50 | 000,018,496 | ---- | C] () -- C:\Programme\NOV2007_X3DAudio_x86.cab [2010.06.02 05:22:48 | 001,802,058 | ---- | C] () -- C:\Programme\Nov2007_d3dx9_36_x64.cab [2010.06.02 05:22:48 | 001,709,360 | ---- | C] () -- C:\Programme\Nov2007_d3dx9_36_x86.cab [2010.06.02 05:22:48 | 000,864,600 | ---- | C] () -- C:\Programme\Nov2007_d3dx10_36_x64.cab [2010.06.02 05:22:48 | 000,803,884 | ---- | C] () -- C:\Programme\Nov2007_d3dx10_36_x86.cab [2010.06.02 05:22:48 | 000,273,018 | ---- | C] () -- C:\Programme\Mar2009_XAudio_x86.cab [2010.06.02 05:22:46 | 
000,275,044 | ---- | C] () -- C:\Programme\Mar2009_XAudio_x64.cab [2010.06.02 05:22:46 | 000,121,506 | ---- | C] () -- C:\Programme\Mar2009_XACT_x64.cab [2010.06.02 05:22:46 | 000,092,740 | ---- | C] () -- C:\Programme\Mar2009_XACT_x86.cab [2010.06.02 05:22:38 | 000,054,600 | ---- | C] () -- C:\Programme\Mar2009_X3DAudio_x64.cab [2010.06.02 05:22:38 | 000,021,298 | ---- | C] () -- C:\Programme\Mar2009_X3DAudio_x86.cab [2010.06.02 05:22:36 | 001,973,702 | ---- | C] () -- C:\Programme\Mar2009_d3dx9_41_x64.cab [2010.06.02 05:22:36 | 001,612,446 | ---- | C] () -- C:\Programme\Mar2009_d3dx9_41_x86.cab [2010.06.02 05:22:36 | 001,067,160 | ---- | C] () -- C:\Programme\Mar2009_d3dx10_41_x64.cab [2010.06.02 05:22:36 | 001,040,745 | ---- | C] () -- C:\Programme\Mar2009_d3dx10_41_x86.cab [2010.06.02 05:22:36 | 000,251,194 | ---- | C] () -- C:\Programme\Mar2008_XAudio_x64.cab [2010.06.02 05:22:36 | 000,226,250 | ---- | C] () -- C:\Programme\Mar2008_XAudio_x86.cab [2010.06.02 05:22:36 | 000,122,336 | ---- | C] () -- C:\Programme\Mar2008_XACT_x64.cab [2010.06.02 05:22:36 | 000,093,734 | ---- | C] () -- C:\Programme\Mar2008_XACT_x86.cab [2010.06.02 05:22:34 | 001,769,862 | ---- | C] () -- C:\Programme\Mar2008_d3dx9_37_x64.cab [2010.06.02 05:22:34 | 001,443,282 | ---- | C] () -- C:\Programme\Mar2008_d3dx9_37_x86.cab [2010.06.02 05:22:34 | 000,818,260 | ---- | C] () -- C:\Programme\Mar2008_d3dx10_37_x86.cab [2010.06.02 05:22:34 | 000,055,058 | ---- | C] () -- C:\Programme\Mar2008_X3DAudio_x64.cab [2010.06.02 05:22:34 | 000,021,867 | ---- | C] () -- C:\Programme\Mar2008_X3DAudio_x86.cab [2010.06.02 05:22:32 | 000,937,246 | ---- | C] () -- C:\Programme\Jun2010_d3dx9_43_x64.cab [2010.06.02 05:22:32 | 000,844,884 | ---- | C] () -- C:\Programme\Mar2008_d3dx10_37_x64.cab [2010.06.02 05:22:32 | 000,768,036 | ---- | C] () -- C:\Programme\Jun2010_d3dx9_43_x86.cab [2010.06.02 05:22:32 | 000,278,060 | ---- | C] () -- C:\Programme\Jun2010_XAudio_x86.cab [2010.06.02 05:22:32 | 000,277,338 | 
---- | C] () -- C:\Programme\Jun2010_XAudio_x64.cab [2010.06.02 05:22:32 | 000,124,596 | ---- | C] () -- C:\Programme\Jun2010_XACT_x64.cab [2010.06.02 05:22:32 | 000,093,686 | ---- | C] () -- C:\Programme\Jun2010_XACT_x86.cab [2010.06.02 05:22:30 | 000,762,188 | ---- | C] () -- C:\Programme\Jun2010_d3dcsx_43_x86.cab [2010.06.02 05:22:30 | 000,235,955 | ---- | C] () -- C:\Programme\Jun2010_d3dx10_43_x64.cab [2010.06.02 05:22:30 | 000,197,283 | ---- | C] () -- C:\Programme\Jun2010_d3dx10_43_x86.cab [2010.06.02 05:22:30 | 000,138,205 | ---- | C] () -- C:\Programme\Jun2010_d3dx11_43_x64.cab [2010.06.02 05:22:30 | 000,109,445 | ---- | C] () -- C:\Programme\Jun2010_d3dx11_43_x86.cab [2010.06.02 05:22:28 | 000,944,460 | ---- | C] () -- C:\Programme\Jun2010_D3DCompiler_43_x64.cab [2010.06.02 05:22:28 | 000,931,471 | ---- | C] () -- C:\Programme\Jun2010_D3DCompiler_43_x86.cab [2010.06.02 05:22:28 | 000,752,783 | ---- | C] () -- C:\Programme\Jun2010_d3dcsx_43_x64.cab [2010.06.02 05:22:20 | 000,269,024 | ---- | C] () -- C:\Programme\JUN2008_XAudio_x86.cab [2010.06.02 05:22:18 | 001,792,608 | ---- | C] () -- C:\Programme\JUN2008_d3dx9_38_x64.cab [2010.06.02 05:22:18 | 001,463,878 | ---- | C] () -- C:\Programme\JUN2008_d3dx9_38_x86.cab [2010.06.02 05:22:18 | 000,867,828 | ---- | C] () -- C:\Programme\JUN2008_d3dx10_38_x64.cab [2010.06.02 05:22:18 | 000,849,919 | ---- | C] () -- C:\Programme\JUN2008_d3dx10_38_x86.cab [2010.06.02 05:22:18 | 000,269,628 | ---- | C] () -- C:\Programme\JUN2008_XAudio_x64.cab [2010.06.02 05:22:18 | 000,152,909 | ---- | C] () -- C:\Programme\JUN2007_XACT_x86.cab [2010.06.02 05:22:18 | 000,121,054 | ---- | C] () -- C:\Programme\JUN2008_XACT_x64.cab [2010.06.02 05:22:18 | 000,093,128 | ---- | C] () -- C:\Programme\JUN2008_XACT_x86.cab [2010.06.02 05:22:18 | 000,055,154 | ---- | C] () -- C:\Programme\JUN2008_X3DAudio_x64.cab [2010.06.02 05:22:18 | 000,021,905 | ---- | C] () -- C:\Programme\JUN2008_X3DAudio_x86.cab [2010.06.02 05:22:16 | 001,607,774 | 
---- | C] () -- C:\Programme\JUN2007_d3dx9_34_x64.cab [2010.06.02 05:22:16 | 001,607,286 | ---- | C] () -- C:\Programme\JUN2007_d3dx9_34_x86.cab [2010.06.02 05:22:16 | 001,064,925 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x86.cab [2010.06.02 05:22:16 | 000,699,044 | ---- | C] () -- C:\Programme\JUN2007_d3dx10_34_x64.cab [2010.06.02 05:22:16 | 000,698,472 | ---- | C] () -- C:\Programme\JUN2007_d3dx10_34_x86.cab [2010.06.02 05:22:16 | 000,197,122 | ---- | C] () -- C:\Programme\JUN2007_XACT_x64.cab [2010.06.02 05:22:16 | 000,180,785 | ---- | C] () -- C:\Programme\JUN2006_XACT_x64.cab [2010.06.02 05:22:16 | 000,133,671 | ---- | C] () -- C:\Programme\JUN2006_XACT_x86.cab [2010.06.02 05:22:14 | 001,336,002 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x64.cab [2010.06.02 05:22:14 | 000,277,191 | ---- | C] () -- C:\Programme\Feb2010_XAudio_x86.cab [2010.06.02 05:22:14 | 000,276,960 | ---- | C] () -- C:\Programme\Feb2010_XAudio_x64.cab [2010.06.02 05:22:14 | 000,122,446 | ---- | C] () -- C:\Programme\Feb2010_XACT_x64.cab [2010.06.02 05:22:14 | 000,093,180 | ---- | C] () -- C:\Programme\Feb2010_XACT_x86.cab [2010.06.02 05:22:12 | 000,194,675 | ---- | C] () -- C:\Programme\FEB2007_XACT_x64.cab [2010.06.02 05:22:12 | 000,147,983 | ---- | C] () -- C:\Programme\FEB2007_XACT_x86.cab [2010.06.02 05:22:12 | 000,054,678 | ---- | C] () -- C:\Programme\Feb2010_X3DAudio_x64.cab [2010.06.02 05:22:12 | 000,020,713 | ---- | C] () -- C:\Programme\Feb2010_X3DAudio_x86.cab [2010.06.02 05:22:10 | 000,178,359 | ---- | C] () -- C:\Programme\Feb2006_XACT_x64.cab [2010.06.02 05:22:10 | 000,132,409 | ---- | C] () -- C:\Programme\Feb2006_XACT_x86.cab [2010.06.02 05:22:04 | 001,084,720 | ---- | C] () -- C:\Programme\Feb2006_d3dx9_29_x86.cab [2010.06.02 05:22:02 | 001,801,048 | ---- | C] () -- C:\Programme\dsetup32.dll [2010.06.02 05:22:02 | 001,574,376 | ---- | C] () -- C:\Programme\DEC2006_d3dx9_32_x86.cab [2010.06.02 05:22:02 | 001,362,796 | ---- | C] () -- 
C:\Programme\Feb2006_d3dx9_29_x64.cab [2010.06.02 05:22:02 | 001,247,499 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x64.cab [2010.06.02 05:22:02 | 001,013,225 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x86.cab [2010.06.02 05:22:02 | 000,537,432 | ---- | C] () -- C:\Programme\DXSETUP.exe [2010.06.02 05:22:02 | 000,192,475 | ---- | C] () -- C:\Programme\DEC2006_XACT_x64.cab [2010.06.02 05:22:02 | 000,145,599 | ---- | C] () -- C:\Programme\DEC2006_XACT_x86.cab [2010.06.02 05:22:02 | 000,094,011 | ---- | C] () -- C:\Programme\dxupdate.cab [2010.06.02 05:22:02 | 000,042,410 | ---- | C] () -- C:\Programme\dxdllreg_x86.cab [2010.06.02 05:22:00 | 001,571,154 | ---- | C] () -- C:\Programme\DEC2006_d3dx9_32_x64.cab [2010.06.02 05:22:00 | 001,357,976 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x64.cab [2010.06.02 05:22:00 | 001,079,456 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x86.cab [2010.06.02 05:22:00 | 000,273,264 | ---- | C] () -- C:\Programme\Aug2009_XAudio_x64.cab [2010.06.02 05:22:00 | 000,272,642 | ---- | C] () -- C:\Programme\Aug2009_XAudio_x86.cab [2010.06.02 05:22:00 | 000,212,807 | ---- | C] () -- C:\Programme\DEC2006_d3dx10_00_x64.cab [2010.06.02 05:22:00 | 000,191,720 | ---- | C] () -- C:\Programme\DEC2006_d3dx10_00_x86.cab [2010.06.02 05:22:00 | 000,122,408 | ---- | C] () -- C:\Programme\Aug2009_XACT_x64.cab [2010.06.02 05:22:00 | 000,093,106 | ---- | C] () -- C:\Programme\Aug2009_XACT_x86.cab [2010.06.02 05:21:58 | 000,930,116 | ---- | C] () -- C:\Programme\Aug2009_d3dx9_42_x64.cab [2010.06.02 05:21:58 | 000,728,456 | ---- | C] () -- C:\Programme\Aug2009_d3dx9_42_x86.cab [2010.06.02 05:21:58 | 000,232,635 | ---- | C] () -- C:\Programme\Aug2009_d3dx10_42_x64.cab [2010.06.02 05:21:58 | 000,192,131 | ---- | C] () -- C:\Programme\Aug2009_d3dx10_42_x86.cab [2010.06.02 05:21:58 | 000,136,301 | ---- | C] () -- C:\Programme\Aug2009_d3dx11_42_x64.cab [2010.06.02 05:21:58 | 000,105,044 | ---- | C] () -- C:\Programme\Aug2009_d3dx11_42_x86.cab 
[2010.06.02 05:21:56 | 003,319,740 | ---- | C] () -- C:\Programme\Aug2009_d3dcsx_42_x86.cab [2010.06.02 05:21:56 | 003,112,111 | ---- | C] () -- C:\Programme\Aug2009_d3dcsx_42_x64.cab [2010.06.02 05:21:56 | 000,900,598 | ---- | C] () -- C:\Programme\Aug2009_D3DCompiler_42_x86.cab [2010.06.02 05:21:46 | 000,919,044 | ---- | C] () -- C:\Programme\Aug2009_D3DCompiler_42_x64.cab [2010.06.02 05:21:46 | 000,271,412 | ---- | C] () -- C:\Programme\Aug2008_XAudio_x64.cab [2010.06.02 05:21:46 | 000,271,038 | ---- | C] () -- C:\Programme\Aug2008_XAudio_x86.cab [2010.06.02 05:21:44 | 001,794,084 | ---- | C] () -- C:\Programme\Aug2008_d3dx9_39_x64.cab [2010.06.02 05:21:44 | 001,464,672 | ---- | C] () -- C:\Programme\Aug2008_d3dx9_39_x86.cab [2010.06.02 05:21:44 | 000,849,167 | ---- | C] () -- C:\Programme\Aug2008_d3dx10_39_x86.cab [2010.06.02 05:21:44 | 000,198,096 | ---- | C] () -- C:\Programme\AUG2007_XACT_x64.cab [2010.06.02 05:21:44 | 000,153,012 | ---- | C] () -- C:\Programme\AUG2007_XACT_x86.cab [2010.06.02 05:21:44 | 000,121,772 | ---- | C] () -- C:\Programme\Aug2008_XACT_x64.cab [2010.06.02 05:21:44 | 000,092,996 | ---- | C] () -- C:\Programme\Aug2008_XACT_x86.cab [2010.06.02 05:21:42 | 001,800,160 | ---- | C] () -- C:\Programme\AUG2007_d3dx9_35_x64.cab [2010.06.02 05:21:42 | 001,708,152 | ---- | C] () -- C:\Programme\AUG2007_d3dx9_35_x86.cab [2010.06.02 05:21:42 | 000,867,612 | ---- | C] () -- C:\Programme\Aug2008_d3dx10_39_x64.cab [2010.06.02 05:21:42 | 000,852,286 | ---- | C] () -- C:\Programme\AUG2007_d3dx10_35_x64.cab [2010.06.02 05:21:42 | 000,796,867 | ---- | C] () -- C:\Programme\AUG2007_d3dx10_35_x86.cab [2010.06.02 05:21:40 | 001,350,542 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x64.cab [2010.06.02 05:21:40 | 001,077,644 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x86.cab [2010.06.02 05:21:40 | 000,182,903 | ---- | C] () -- C:\Programme\AUG2006_XACT_x64.cab [2010.06.02 05:21:40 | 000,137,235 | ---- | C] () -- C:\Programme\AUG2006_XACT_x86.cab 
[2010.06.02 05:21:40 | 000,087,142 | ---- | C] () -- C:\Programme\AUG2006_xinput_x64.cab [2010.06.02 05:21:40 | 000,053,302 | ---- | C] () -- C:\Programme\APR2007_xinput_x86.cab [2010.06.02 05:21:40 | 000,046,058 | ---- | C] () -- C:\Programme\AUG2006_xinput_x86.cab [2010.06.02 05:21:38 | 001,606,039 | ---- | C] () -- C:\Programme\APR2007_d3dx9_33_x86.cab [2010.06.02 05:21:38 | 000,195,766 | ---- | C] () -- C:\Programme\APR2007_XACT_x64.cab [2010.06.02 05:21:38 | 000,151,225 | ---- | C] () -- C:\Programme\APR2007_XACT_x86.cab [2010.06.02 05:21:38 | 000,096,817 | ---- | C] () -- C:\Programme\APR2007_xinput_x64.cab [2010.06.02 05:21:36 | 001,607,358 | ---- | C] () -- C:\Programme\APR2007_d3dx9_33_x64.cab [2010.06.02 05:21:36 | 000,698,612 | ---- | C] () -- C:\Programme\APR2007_d3dx10_33_x64.cab [2010.06.02 05:21:36 | 000,695,865 | ---- | C] () -- C:\Programme\APR2007_d3dx10_33_x86.cab [2010.06.02 05:21:34 | 000,046,010 | ---- | C] () -- C:\Programme\Apr2006_xinput_x86.cab [2010.06.02 05:21:20 | 000,087,101 | ---- | C] () -- C:\Programme\Apr2006_xinput_x64.cab [2010.06.02 05:21:18 | 004,162,630 | ---- | C] () -- C:\Programme\Apr2006_MDX1_x86_Archive.cab [2010.06.02 05:21:18 | 000,916,430 | ---- | C] () -- C:\Programme\Apr2006_MDX1_x86.cab [2010.06.02 05:21:18 | 000,179,133 | ---- | C] () -- C:\Programme\Apr2006_XACT_x64.cab [2010.06.02 05:21:18 | 000,133,103 | ---- | C] () -- C:\Programme\Apr2006_XACT_x86.cab [2010.06.02 05:21:16 | 001,397,830 | ---- | C] () -- C:\Programme\Apr2006_d3dx9_30_x64.cab [2010.06.02 05:21:16 | 001,347,354 | ---- | C] () -- C:\Programme\Apr2005_d3dx9_25_x64.cab [2010.06.02 05:21:16 | 001,115,221 | ---- | C] () -- C:\Programme\Apr2006_d3dx9_30_x86.cab [2010.06.02 05:21:16 | 001,078,962 | ---- | C] () -- C:\Programme\Apr2005_d3dx9_25_x86.cab ========== ZeroAccess Check ========== [2010.09.15 22:15:50 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2012.04.20 20:29:44 | 001,510,400 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 03:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2010.09.15 22:00:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software [2011.04.03 12:39:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EA Logs [2011.05.22 14:48:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Easy Driver Pro [2011.06.28 18:29:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Easybits GO [2011.12.09 17:19:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Firefly Studios [2012.11.01 21:53:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Hi-Rez Studios [2012.05.02 11:31:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HighAndes [2013.01.25 20:06:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ [2012.09.11 17:35:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All 
Users\Anwendungsdaten\IObit [2012.07.24 10:22:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nexon [2012.09.13 12:08:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle [2012.09.13 12:12:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle VideoSpin [2012.09.22 23:17:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PMB Files [2012.07.02 09:55:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PWD [2012.01.25 19:57:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung [2011.07.26 20:40:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sony [2012.04.05 18:08:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TechSmith [2011.05.22 14:49:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UAB [2011.04.12 08:09:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2013.01.14 21:41:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\.minecraft [2012.06.02 16:08:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\.Nitrous [2012.07.20 19:44:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\.terasology [2012.07.04 20:24:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Aeria Games & Entertainment [2012.11.02 06:18:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Awesomium [2011.10.11 14:30:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Bioshock [2012.04.08 15:46:59 | 000,000,000 | ---D | M] -- C:\Dokumente und 
Einstellungen\Lutz\Anwendungsdaten\Bioshock2 [2012.05.12 01:23:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Blockscape [2012.05.02 11:30:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Blue Cat Audio [2012.05.24 10:49:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Bump Technologies, Inc [2012.01.05 20:18:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\CD-LabelPrint [2011.06.07 14:44:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\com.adobe.downloadassistant.AdobeDownloadAssistant [2012.05.07 10:38:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Command & Conquer 3 Kanes Rache [2011.06.19 12:52:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Command & Conquer 3 Tiberium Wars [2012.07.24 10:19:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\DragonicaECB [2012.12.20 16:27:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\DVDVideoSoft [2012.12.18 18:40:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\DVDVideoSoftIEHelpers [2012.07.05 22:05:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\FOG Downloader [2012.05.13 18:54:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\FreeVideoConverter [2011.06.28 18:29:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\go [2012.07.24 14:41:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\gtk-2.0 [2011.06.16 12:38:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Hi-Rez Studios [2012.05.02 11:31:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\HighAndes [2012.09.16 11:58:22 | 
000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\ICQ [2010.09.16 11:51:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Leadertech [2011.06.29 20:40:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\LolClient [2013.01.02 13:42:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mail.Ru Games GmbH [2011.05.02 13:39:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\ManyCam [2012.04.25 23:35:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\MotioninJoy [2012.07.01 14:30:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Need for Speed World [2012.12.01 16:33:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Notepad++ [2011.04.18 19:37:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\OpenOffice.org [2012.08.01 13:22:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Opera [2012.07.25 12:25:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Oracle [2012.04.05 18:59:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\RIFT [2012.01.25 20:00:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Samsung [2011.11.17 12:07:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Sony [2012.07.26 16:20:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Sony Online Entertainment [2013.01.02 22:23:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\TS3Client [2012.08.05 21:19:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Unity ========== Purity Check ========== < End of report > |
26.01.2013, 16:44 | #17 |
/// TB-Ausbilder | GVU virus: computer was locked

Hello,

that looks better again. You should now definitely update the relevant software so that you don't get infected again.

Note: Registry Cleaner
I see that you have so-called registry cleaners installed. In your case, CCleaner. We advise against using any kind of registry cleaner. The reason is quite simple: the registry is the brain of the system. If the brain doesn't work, the rest no longer really works. You should not tinker with the registry unnecessarily. Even a small error can have serious consequences, and programs sometimes make mistakes too. If you destroy the registry, you destroy Windows. In addition, the benefit for improving performance is disputed and usually barely perceptible. I would recommend that you stop using registry cleaners and uninstall them via Start --> Systemsteuerung (Control Panel) --> Software (Add or Remove Programs) (on Windows XP).

Step 1
Your Java is no longer up to date. Older versions contain security vulnerabilities that malware can abuse to infect a system via drive-by download. The current version is Java 7 Update 11.
So consider whether you really need a Java installation. If you want to keep using Java, then:

Step 2
Your Mozilla Firefox browser is not the latest version. Start your Firefox as administrator, click Hilfe (Help) --> Über Firefox (About Firefox) and run the update that is offered. Repeat this step until Firefox is shown as up to date.

Step 3
The version of your Adobe PDF Reader is outdated; we need to update it:

Step 4
Please start OTL.exe.

Please post in your next reply:
__________________ |
26.01.2013, 17:41 | #18 |
| GVU virus: computer was locked

OTL Logfile:
Code:
ATTFilter OTL logfile created on: 26.01.2013 17:32:00 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Lutz\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,25 Gb Total Physical Memory | 2,57 Gb Available Physical Memory | 79,03% Memory free 5,09 Gb Paging File | 4,60 Gb Available in Paging File | 90,31% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 361,33 Gb Total Space | 124,89 Gb Free Space | 34,56% Space Free | Partition Type: NTFS Drive D: | 104,06 Gb Total Space | 32,97 Gb Free Space | 31,68% Space Free | Partition Type: NTFS Drive F: | 680,90 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Drive G: | 3,73 Gb Total Space | 3,55 Gb Free Space | 95,21% Space Free | Partition Type: FAT32 Computer Name: ZOCKER | User Name: Lutz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.01.26 17:04:41 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe PRC - [2013.01.24 16:21:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Lutz\Desktop\OTL.exe PRC - [2013.01.11 23:35:46 | 000,008,704 | ---- | M] (Hi-Rez Studios) -- C:\AeriaGames\TribesAscendDE\HiPatchService.exe PRC - [2012.12.18 20:08:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe PRC - [2012.12.10 17:29:44 | 001,435,568 | ---- | M] (LogMeIn Inc.) 
-- C:\Programme\LogMeIn Hamachi\hamachi-2.exe PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastUI.exe PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe PRC - [2012.10.09 09:53:36 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe PRC - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe PRC - [2010.08.03 09:05:54 | 000,358,472 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\LGDevAgt.exe PRC - [2010.08.03 09:03:46 | 003,649,096 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\G-series Software\LGDCore.exe PRC - [2010.08.03 08:43:18 | 001,809,992 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\LCD Manager\LCDMon.exe PRC - [2009.08.18 10:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE PRC - [2009.08.18 10:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVCM.EXE PRC - [2009.06.07 12:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NlsSrv32.exe PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2005.12.09 15:37:42 | 000,081,920 | ---- | M] (Logitech Inc.) -- c:\Programme\Gemeinsame Dateien\Logitech\LVMVFM\LVPrcSrv.exe PRC - [2005.12.09 15:32:18 | 000,225,280 | ---- | M] (Logitech Inc.) 
-- C:\WINDOWS\system32\LVCOMSX.EXE PRC - [2003.06.19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE ========== Modules (No Company Name) ========== MOD - [2013.01.26 09:50:01 | 002,048,512 | ---- | M] () -- C:\Programme\Alwil Software\Avast5\defs\13012600\algo.dll MOD - [2013.01.12 21:47:20 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\1a6f9e23985e3159e6dd9827fd81c2fd\System.Management.ni.dll MOD - [2013.01.12 11:56:31 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f43e890d874ef521aba51f76f64cd97b\System.ServiceProcess.ni.dll MOD - [2013.01.12 11:56:28 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d7a2248a76f0e94d56c92c5bf96f5175\System.Runtime.Remoting.ni.dll MOD - [2013.01.12 11:56:23 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\33ff7d73f01be8329a95c6e03f1dd555\System.Web.ni.dll MOD - [2013.01.12 11:56:08 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll MOD - [2013.01.12 11:48:32 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll MOD - [2013.01.12 11:48:26 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\4c91371e83d124ecb39664613e7e0417\System.Windows.Forms.ni.dll MOD - [2013.01.12 11:48:12 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll MOD - [2013.01.12 11:46:51 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll MOD - [2013.01.12 11:46:41 | 011,492,352 | 
---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll MOD - [2012.09.23 20:43:44 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU MOD - [2011.09.24 14:10:30 | 000,315,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2011.09.24 14:10:29 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll MOD - [2011.09.24 14:10:28 | 000,430,080 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2011.09.24 14:10:27 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll MOD - [2011.05.28 21:04:56 | 000,140,288 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll MOD - [2010.09.15 22:19:29 | 000,245,760 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2862.19696__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2010.09.15 22:19:29 | 000,196,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2862.19748__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2010.09.15 22:19:29 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2862.19728__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2010.09.15 22:19:29 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2862.19715__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2010.09.15 22:19:28 | 001,675,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2862.19736__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll MOD 
- [2010.09.15 22:19:26 | 000,483,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2862.19947__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2010.09.15 22:19:01 | 000,135,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2862.19954__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2010.09.15 22:19:01 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.2862.19973__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.dll MOD - [2010.09.15 22:19:01 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2862.19897__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2010.09.15 22:19:01 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2862.19709__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2010.09.15 22:19:01 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.2862.19972__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll MOD - [2010.09.15 22:19:01 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.2862.19972__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll MOD - [2010.09.15 22:19:01 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.2862.19972__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll MOD - [2010.09.15 22:18:59 | 000,434,176 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2862.19716__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll MOD - [2010.09.15 22:18:59 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2862.19754__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2010.09.15 22:18:58 | 000,020,480 
| ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2820.26371__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2010.09.15 22:18:58 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2820.26371__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2010.09.15 22:18:58 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2820.26376__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2010.09.15 22:18:57 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2820.26370__90ba9c70f846762e\CLI.Foundation.dll MOD - [2010.09.15 22:18:57 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2010.09.15 22:18:57 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2820.26369__90ba9c70f846762e\LOG.Foundation.dll MOD - [2010.09.15 22:18:57 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2820.26409__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2010.09.15 22:18:57 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2820.26370__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2010.09.15 22:18:57 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2820.26382__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2010.09.15 22:18:57 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2820.26375__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2010.09.15 22:18:57 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2820.26375__90ba9c70f846762e\MOM.Foundation.dll MOD - [2010.09.15 22:18:57 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2820.26381__90ba9c70f846762e\DEM.OS.dll MOD - [2010.09.15 22:18:57 | 000,016,384 | ---- | M] () -- 
C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2820.26382__90ba9c70f846762e\DEM.Graphics.dll MOD - [2010.09.15 22:18:57 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2010.09.15 22:18:57 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2820.26385__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2010.09.15 22:18:57 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2820.26386__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2010.09.15 22:18:57 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2010.09.15 22:18:56 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2820.26372__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2010.09.15 22:18:56 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2820.26387__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2010.09.15 22:18:56 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2820.26396__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2010.09.15 22:18:56 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2010.09.15 22:18:56 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2820.26371__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2010.09.15 22:18:56 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2820.26383__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2010.09.15 22:18:56 | 000,016,384 | ---- | M] () -- 
C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2010.09.15 22:18:56 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2820.26383__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2010.09.15 22:18:56 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2820.26382__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2010.09.15 22:18:55 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2820.26370__90ba9c70f846762e\AEM.Foundation.dll MOD - [2010.09.15 22:18:55 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2010.09.15 22:18:55 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2820.26375__90ba9c70f846762e\APM.Foundation.dll MOD - [2010.09.15 22:18:55 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2820.26372__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2010.09.15 22:18:49 | 000,005,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2862.19931_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll MOD - [2010.09.15 22:18:48 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2862.19963__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2010.09.15 22:18:48 | 000,011,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2862.19974__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll MOD - [2010.09.15 22:18:48 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2862.19688__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2010.09.15 22:18:47 | 
000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2862.19723__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2010.09.15 22:18:47 | 000,458,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2862.19931__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2010.09.15 22:18:47 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.2862.19938__90ba9c70f846762e\MOM.Implementation.dll MOD - [2010.09.15 22:18:47 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2862.19937__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2010.09.15 22:18:47 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2010.09.15 22:18:47 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2010.09.15 22:18:47 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2820.26394__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2010.09.15 22:18:47 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2820.26376__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2010.09.15 22:18:47 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll MOD - [2010.09.15 22:18:46 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2862.19688__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2010.09.15 22:18:46 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2010.09.15 22:18:45 | 001,503,232 
| ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2862.19704__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2010.09.15 22:18:45 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.2862.19689__90ba9c70f846762e\ATIDEMOS.dll MOD - [2010.09.15 22:18:45 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.2862.19687__90ba9c70f846762e\APM.Server.dll MOD - [2010.09.15 22:18:45 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2010.09.15 22:18:45 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.2862.19938__90ba9c70f846762e\CCC.Implementation.dll MOD - [2010.09.15 22:18:45 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2010.09.15 22:18:45 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2820.26376__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2010.09.15 22:18:44 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.2862.19688__90ba9c70f846762e\AEM.Server.dll MOD - [2007.03.02 10:44:34 | 000,073,728 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll ========== Services (SafeList) ========== SRV - [2013.01.26 17:04:41 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2013.01.26 16:55:59 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.01.11 23:35:46 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\AeriaGames\TribesAscendDE\HiPatchService.exe -- (HiPatchService) SRV - [2013.01.09 19:41:02 | 000,251,400 | ---- | M] (Adobe 
Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.12.16 18:37:24 | 005,124,464 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\system32\GameMon.des -- (npggsvc) SRV - [2012.12.10 17:29:44 | 001,435,568 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Programme\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc) SRV - [2012.11.12 19:50:16 | 004,539,712 | ---- | M] () [Auto | Running] -- c:\programme\gemeinsame dateien\akamai/netsession_win_ce5ba24.dll -- (Akamai) SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service) SRV - [2012.06.07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2011.02.02 11:00:32 | 000,052,288 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Programme\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) SRV - [2009.08.18 10:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2009.06.07 12:20:20 | 000,061,440 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\NlsSrv32.exe -- (nlsX86cc) SRV - [2005.12.09 15:37:42 | 000,081,920 | ---- | M] (Logitech Inc.) 
[Auto | Running] -- c:\Programme\Gemeinsame Dateien\Logitech\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2005.04.03 23:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) SRV - [2003.07.28 11:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) SRV - [2003.06.19 22:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva401.sys -- (XDva401) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva399.sys -- (XDva399) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva397.sys -- (XDva397) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva396.sys -- (XDva396) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva392.sys -- (XDva392) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva391.sys -- (XDva391) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva389.sys -- (XDva389) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva387.sys -- (XDva387) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva385.sys -- (XDva385) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\XDva380.sys -- (XDva380) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - 
File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleXNt.sys -- (EagleXNt) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EagleNT.sys -- (EagleNT) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2012.10.30 23:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2012.10.30 23:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2011.12.27 19:29:52 | 007,493,120 | ---- | M] (ATI Technologies Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2011.12.08 05:22:38 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm) DRV - [2011.12.08 05:22:38 | 000,080,184 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus) DRV - [2011.10.24 17:39:54 | 000,042,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LGSHidFilt.Sys -- (LGSHidFilt) DRV - [2011.07.26 18:49:12 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss) DRV - [2011.03.18 17:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan) DRV - [2010.11.01 05:08:46 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Programme\IObit\Game Booster 3\Driver\WinRing0.sys -- (WinRing0_1_2_0) DRV - [2010.03.18 10:02:08 | 000,037,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt) DRV - [2010.03.18 10:01:52 | 000,038,864 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt) DRV - [2010.03.18 10:01:12 | 000,010,448 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE) DRV - [2009.11.23 16:37:18 | 000,014,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LGVirHid.sys -- (LGVirHid) DRV - [2009.11.23 16:37:08 | 000,019,720 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LGBusEnum.sys -- (LGBusEnum) DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2007.11.14 16:14:02 | 004,625,408 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) DRV - [2007.09.19 14:44:46 | 000,101,504 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp) DRV - [2007.01.12 11:16:32 | 000,113,152 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ahcix86.sys -- (ahcix86) DRV - [2006.12.28 05:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService) DRV - [2006.07.01 22:30:28 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2005.12.09 15:37:42 | 002,400,256 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (lvmvdrv) DRV - [2005.12.09 15:37:42 | 000,016,768 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPrcMon.sys -- (LVPrcMon) DRV - [2005.12.09 15:35:54 | 002,174,464 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (Lvckap) DRV - [2005.12.06 04:28:38 | 000,014,080 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService) DRV - [2005.12.06 04:28:33 | 001,103,488 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) DRV - [2005.12.06 04:26:54 | 002,010,240 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt) DRV - [2005.12.06 04:26:16 | 000,039,424 | R--- | M] (Logitech Inc.) 
[Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2005.05.17 13:48:21 | 000,050,176 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) DRV - [2005.05.16 14:23:38 | 000,019,968 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02) DRV - [2005.05.16 14:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-448539723-436374069-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-21-448539723-436374069-725345543-1003\..\URLSearchHook: - No CLSID 
value found
IE - HKU\S-1-5-21-448539723-436374069-725345543-1003\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-448539723-436374069-725345543-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-448539723-436374069-725345543-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-448539723-436374069-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-448539723-436374069-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1561552&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher%40ea.com:5.0.127.0
FF - prefs.js..extensions.enabledAddons: DeviceDetection%40logitech.com:1.23.0.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=414&sr=0&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Sony Online Entertainment\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.4: C:\Programme\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Anwendungsdaten\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programme\Alwil Software\Avast5\WebRep\FF [2012.11.09 18:13:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Programme\Gemeinsame Dateien\DVDVideoSoft\plugins\ff\ [2012.12.18 18:40:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.01.26 16:56:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.01.26 17:19:14 | 000,000,000 | ---D | M]

[2011.12.14 22:36:38 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Extensions
[2013.01.26 11:31:41 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions
[2011.04.07 18:30:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.11.13 19:55:52 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\battlefieldheroespatcher@ea.com
[2011.08.09 14:35:50 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\DeviceDetection@logitech.com
[2011.05.06 21:28:35 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\extensions\nostmp
[2013.01.20 17:05:08 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\searchplugins\icqplugin-1.xml
[2011.03.30 14:14:34 | 000,001,042 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\searchplugins\icqplugin.xml
[2011.07.23 13:09:22 | 000,002,497 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\searchplugins\SearchResults.xml
[2011.12.14 22:36:19 | 000,002,515 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mozilla\Firefox\Profiles\df7dea73.default\searchplugins\Search_Results.xml
[2013.01.26 16:55:37 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.01.26 16:55:37 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.01.26 16:56:01 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2013.01.26 16:55:54 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.26 16:55:54 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2013.01.26 16:55:54 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2013.01.26 16:55:54 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.01.26 16:55:54 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.01.26 16:55:54 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - homepage: hxxp://www.google.de/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.de/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Programme\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: LoadTubes Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\npmieze.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Programme\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Programme\Microsoft\Office Live\npOLW.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Programme\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Programme\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: avast! WebRep = C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: DVDVideoSoft Browser Extension = C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\

O1 HOSTS File: ([2006.02.28 13:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Aeria Ignite] C:\Programme\Aeria Games\Ignite\aeriaignite.exe (Aeria Games & Entertainment)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avast] C:\Programme\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Launch LCDMon] C:\Programme\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LCore] C:\Programme\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Programme\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LgDeviceAgent] C:\Programme\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-448539723-436374069-725345543-1003..\Run: [Akamai NetSession Interface] C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-448539723-436374069-725345543-1003..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-448539723-436374069-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to iPhone Converter - C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetoiphoneconverter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-448539723-436374069-725345543-1003\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-448539723-436374069-725345543-1003\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-448539723-436374069-725345543-1003\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-448539723-436374069-725345543-1003\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{80861876-3763-4C22-AB33-E7CBFC79E0C6}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Lutz\Eigene Dateien\Eigene Bilder\skrillex_hd_wallpaper_by_deathbatacclaim-d4yazyr.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Lutz\Eigene Dateien\Eigene Bilder\skrillex_hd_wallpaper_by_deathbatacclaim-d4yazyr.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.15 21:18:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004.08.16 21:25:01 | 000,000,047 | R--- | M] () - F:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{0739fe51-5de5-11e0-9108-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{0739fe51-5de5-11e0-9108-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{0739fe51-5de5-11e0-9108-806d6172696f}\Shell\AutoRun\command - "" = F:\LaunchRC.exe -- [2004.12.10 22:37:26 | 000,593,920 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013.01.26 17:05:12 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2013.01.26 17:04:59 | 000,261,024 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.01.26 17:04:59 | 000,143,872 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.01.26 17:04:53 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.01.26 17:04:53 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.01.26 17:04:52 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.01.26 17:03:23 | 031,473,568 | ---- | C] (Oracle Corporation) -- C:\Dokumente und Einstellungen\Lutz\Desktop\jre-7u11-windows-i586.exe
[2013.01.26 16:55:33 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2013.01.26 14:22:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Sun
[2013.01.26 11:56:24 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2013.01.26 11:55:03 | 002,322,184 | ---- | C] (ESET) -- C:\Dokumente und Einstellungen\Lutz\Desktop\esetsmartinstaller_enu.exe
[2013.01.26 11:41:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Malwarebytes
[2013.01.26 11:40:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2013.01.26 11:40:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2013.01.26 11:40:32 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.01.26 11:40:32 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2013.01.26 11:39:37 | 010,156,344 | ---- | C] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Lutz\Desktop\mbam-setup-1.70.0.1100.exe
[2013.01.26 11:37:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lutz\Desktop\Nächste antwort
[2013.01.26 11:31:38 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.01.26 11:31:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lutz\Desktop\Alte Dateien
[2013.01.25 20:42:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lutz\Desktop\Neuer Ordner
[2013.01.25 20:10:42 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Lutz\Desktop\OTL.exe
[2013.01.19 14:18:34 | 000,000,000 | ---D | C] -- C:\Dump
[2013.01.14 19:43:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AeriaGames
[2013.01.14 19:43:27 | 000,000,000 | ---D | C] -- C:\Programme\Aeria Games
[2013.01.13 20:55:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Dragonica
[2013.01.13 15:38:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TERA
[2013.01.13 15:38:33 | 000,000,000 | ---D | C] -- C:\Programme\TERA
[2013.01.11 21:54:41 | 000,000,000 | ---D | C] -- C:\e092f77f73bfc68cff
[2013.01.10 23:36:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lutz\Eigene Dateien\Gameforge Live
[2013.01.05 05:33:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lutz\Eigene Dateien\Raiderz
[2013.01.05 04:54:13 | 000,000,000 | ---D | C] -- C:\Nexon
[2013.01.02 19:16:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Anwendungsdaten\CrashRpt
[2013.01.02 18:04:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SEVENCORE
[2013.01.02 17:46:17 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Lutz\Recent
[2013.01.02 13:42:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\Mail.Ru Games GmbH
[2013.01.01 20:57:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Anwendungsdaten\Gameforge4d
[2013.01.01 20:57:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Gameforge Live
[2013.01.01 20:57:05 | 000,000,000 | ---D | C] -- C:\Programme\GameforgeLive
[2010.06.02 05:22:02 | 000,089,944 | ---- | C] (Microsoft Corporation) -- C:\Programme\DSETUP.dll

========== Files - Modified Within 30 Days ==========

[2013.01.26 17:36:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.01.26 17:19:14 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader XI.lnk
[2013.01.26 17:04:43 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013.01.26 17:04:40 | 000,261,024 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013.01.26 17:04:40 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013.01.26 17:04:40 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013.01.26 17:04:40 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013.01.26 17:04:39 | 000,859,552 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2013.01.26 17:04:39 | 000,780,192 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2013.01.26 17:03:32 | 031,473,568 | ---- | M] (Oracle Corporation) -- C:\Dokumente und Einstellungen\Lutz\Desktop\jre-7u11-windows-i586.exe
[2013.01.26 17:00:01 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.26 15:06:02 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-448539723-436374069-725345543-1003UA.job
[2013.01.26 11:55:04 | 002,322,184 | ---- | M] (ESET) -- C:\Dokumente und Einstellungen\Lutz\Desktop\esetsmartinstaller_enu.exe
[2013.01.26 11:40:35 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.26 11:39:38 | 010,156,344 | ---- | M] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Lutz\Desktop\mbam-setup-1.70.0.1100.exe
[2013.01.26 11:37:44 | 000,000,358 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.01.26 11:37:39 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.01.26 11:36:40 | 000,000,242 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job
[2013.01.26 11:36:34 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
[2013.01.26 11:36:32 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.26 11:36:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.01.26 11:36:22 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2013.01.25 20:04:33 | 000,578,255 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\adwcleaner.exe
[2013.01.25 18:06:00 | 000,000,992 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-448539723-436374069-725345543-1003Core.job
[2013.01.25 14:17:53 | 000,365,568 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\5hc46l84.exe
[2013.01.24 16:21:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Lutz\Desktop\OTL.exe
[2013.01.23 15:27:14 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013.01.22 21:03:33 | 000,001,777 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2013.01.14 22:42:51 | 000,012,087 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\Unbenannt 1.odt
[2013.01.14 19:45:14 | 000,001,649 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\GrandFantasia-DE.lnk
[2013.01.14 19:43:27 | 000,001,725 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Aeria Ignite.lnk
[2013.01.13 22:13:13 | 000,191,687 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\ModLoader-1.4.7.zip
[2013.01.13 22:12:58 | 000,096,469 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\TooManyItems-1.4.7.zip
[2013.01.13 20:55:21 | 000,000,647 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Dragonica.lnk
[2013.01.13 15:38:37 | 000,001,485 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\TERA.lnk
[2013.01.12 13:47:22 | 000,155,810 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Eigene Dateien\IMAG0742.jpg
[2013.01.12 11:42:10 | 000,307,600 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.01.12 04:57:44 | 000,517,548 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.01.12 04:57:44 | 000,494,148 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.01.12 04:57:44 | 000,101,446 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.01.12 04:57:44 | 000,084,692 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.01.11 21:13:04 | 000,000,211 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\Global Agenda.url
[2013.01.10 23:35:53 | 000,000,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Gameforge Live.lnk
[2013.01.09 19:40:58 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.01.09 19:40:58 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.01.05 04:54:13 | 000,000,235 | ---- | M] () -- C:\WINDOWS\System32\nxEuUninstall.bat
[2013.01.05 04:54:12 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\WINDOWS\NEXON_EU_DownloaderUpdater.exe
[2013.01.05 01:08:32 | 000,192,000 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.03 13:34:55 | 000,000,350 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\Filme.lnk
[2013.01.03 04:47:03 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.01.03 02:26:04 | 000,000,847 | ---- | M] () -- C:\Dokumente und Einstellungen\Lutz\.recently-used.xbel
[2013.01.02 18:04:45 | 000,001,339 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SEVENCORE.lnk

========== Files Created - No Company Name ==========

[2013.01.26 17:19:14 | 000,001,804 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader XI.lnk
[2013.01.26 17:19:14 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader XI.lnk
[2013.01.26 11:40:35 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.25 20:04:33 | 000,578,255 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\adwcleaner.exe
[2013.01.25 14:17:53 | 000,365,568 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\5hc46l84.exe
[2013.01.14 22:42:51 | 000,012,087 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\Unbenannt 1.odt
[2013.01.14 19:45:14 | 000,001,649 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\GrandFantasia-DE.lnk
[2013.01.14 19:43:27 | 000,001,725 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Aeria Ignite.lnk
[2013.01.13 22:13:13 | 000,191,687 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\ModLoader-1.4.7.zip
[2013.01.13 22:12:58 | 000,096,469 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\TooManyItems-1.4.7.zip
[2013.01.13 20:55:21 | 000,000,647 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Dragonica.lnk
[2013.01.13 15:38:37 | 000,001,485 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\TERA.lnk
[2013.01.12 13:47:20 | 000,155,810 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Eigene Dateien\IMAG0742.jpg
[2013.01.11 21:13:04 | 000,000,211 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\Global Agenda.url
[2013.01.03 23:18:32 | 000,000,242 | ---- | C] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job
[2013.01.03 13:35:22 | 000,000,350 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Desktop\Filme.lnk
[2013.01.03 02:26:04 | 000,000,847 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\.recently-used.xbel
[2013.01.03 01:21:45 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013.01.02 18:04:45 | 000,001,339 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SEVENCORE.lnk
[2013.01.01 20:57:11 | 000,000,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Gameforge Live.lnk
[2012.08.22 15:15:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2012.08.08 19:30:08 | 000,282,296 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2012.07.30 11:41:34 | 003,130,440 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_blr.exe
[2012.01.25 20:04:10 | 001,912,710 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-448539723-436374069-725345543-1003-0.dat
[2012.01.25 20:04:09 | 000,326,318 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012.01.10 21:31:56 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011.12.28 14:03:25 | 000,126,453 | ---- | C] () -- C:\WINDOWS\System32\Snounin.exe
[2011.12.26 11:42:34 | 000,669,184 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2011.12.23 20:58:28 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011.12.23 20:58:24 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011.12.23 20:58:24 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011.12.23 20:58:24 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011.12.23 20:58:24 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011.12.20 22:30:50 | 000,013,126 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2011.12.20 22:25:08 | 000,000,719 | R--- | C] () -- C:\WINDOWS\System32\InstExec.ini
[2011.11.09 22:39:44 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll
[2011.11.09 22:39:32 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011.09.28 16:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2011.08.07 14:01:00 | 000,000,096 | -H-- | C] () -- C:\WINDOWS\System32\HsInfo.dat
[2011.06.29 14:51:54 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2011.06.21 16:48:18 | 000,000,035 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2011.06.15 18:17:53 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2011.06.13 20:08:43 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2011.06.08 12:34:15 | 000,000,182 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\server.properties
[2011.06.03 00:05:11 | 000,057,624 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2011.05.22 15:11:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011.05.22 15:06:45 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.05.02 13:27:37 | 000,000,151 | ---- | C] () -- C:\WINDOWS\AutoScreenRecorder.INI
[2011.04.03 13:01:53 | 000,000,311 | ---- | C] () -- C:\WINDOWS\game.ini
[2011.01.31 19:39:30 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2011.01.06 19:35:20 | 000,022,328 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Anwendungsdaten\PnkBstrK.sys
[2010.09.16 16:19:20 | 000,192,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.06.02 05:22:54 | 001,412,902 | ---- | C] () -- C:\Programme\OCT2006_d3dx9_31_x64.cab
[2010.06.02 05:22:54 | 001,127,217 | ---- | C] () -- C:\Programme\OCT2006_d3dx9_31_x86.cab
[2010.06.02 05:22:54 | 000,273,960 | ---- | C] () -- C:\Programme\Nov2008_XAudio_x64.cab
[2010.06.02 05:22:54 | 000,272,611 | ---- | C] () -- C:\Programme\Nov2008_XAudio_x86.cab
[2010.06.02 05:22:54 | 000,182,361 | ---- | C] () -- C:\Programme\OCT2006_XACT_x64.cab
[2010.06.02 05:22:54 | 000,138,017 | ---- | C] () -- C:\Programme\OCT2006_XACT_x86.cab
[2010.06.02 05:22:54 | 000,086,037 | ---- | C] () -- C:\Programme\Oct2005_xinput_x64.cab
[2010.06.02 05:22:54 | 000,045,359 | ---- | C] () -- C:\Programme\Oct2005_xinput_x86.cab
[2010.06.02 05:22:52 | 001,906,878 | ---- | C] () -- C:\Programme\Nov2008_d3dx9_40_x64.cab
[2010.06.02 05:22:52 | 001,550,796 | ---- | C] () -- C:\Programme\Nov2008_d3dx9_40_x86.cab
[2010.06.02 05:22:52 | 000,965,421 | ---- | C] () -- C:\Programme\Nov2008_d3dx10_40_x86.cab
[2010.06.02 05:22:52 | 000,121,794 | ---- | C] () -- C:\Programme\Nov2008_XACT_x64.cab
[2010.06.02 05:22:52 | 000,092,684 | ---- | C] () -- C:\Programme\Nov2008_XACT_x86.cab
[2010.06.02 05:22:52 | 000,054,522 | ---- | C] () -- C:\Programme\Nov2008_X3DAudio_x64.cab
[2010.06.02 05:22:52 | 000,021,851 | ---- | C] () -- C:\Programme\Nov2008_X3DAudio_x86.cab
[2010.06.02 05:22:50 | 000,994,154 | ---- | C] () -- C:\Programme\Nov2008_d3dx10_40_x64.cab
[2010.06.02 05:22:50 | 000,196,762 | ---- | C] () -- C:\Programme\NOV2007_XACT_x64.cab
[2010.06.02 05:22:50 | 000,148,264 | ---- | C] () -- C:\Programme\NOV2007_XACT_x86.cab
[2010.06.02 05:22:50 | 000,046,144 | ---- | C] () -- C:\Programme\NOV2007_X3DAudio_x64.cab
[2010.06.02 05:22:50 | 000,018,496 | ---- | C] () -- C:\Programme\NOV2007_X3DAudio_x86.cab
[2010.06.02 05:22:48 | 001,802,058 | ---- | C] () -- C:\Programme\Nov2007_d3dx9_36_x64.cab
[2010.06.02 05:22:48
| 001,709,360 | ---- | C] () -- C:\Programme\Nov2007_d3dx9_36_x86.cab [2010.06.02 05:22:48 | 000,864,600 | ---- | C] () -- C:\Programme\Nov2007_d3dx10_36_x64.cab [2010.06.02 05:22:48 | 000,803,884 | ---- | C] () -- C:\Programme\Nov2007_d3dx10_36_x86.cab [2010.06.02 05:22:48 | 000,273,018 | ---- | C] () -- C:\Programme\Mar2009_XAudio_x86.cab [2010.06.02 05:22:46 | 000,275,044 | ---- | C] () -- C:\Programme\Mar2009_XAudio_x64.cab [2010.06.02 05:22:46 | 000,121,506 | ---- | C] () -- C:\Programme\Mar2009_XACT_x64.cab [2010.06.02 05:22:46 | 000,092,740 | ---- | C] () -- C:\Programme\Mar2009_XACT_x86.cab [2010.06.02 05:22:38 | 000,054,600 | ---- | C] () -- C:\Programme\Mar2009_X3DAudio_x64.cab [2010.06.02 05:22:38 | 000,021,298 | ---- | C] () -- C:\Programme\Mar2009_X3DAudio_x86.cab [2010.06.02 05:22:36 | 001,973,702 | ---- | C] () -- C:\Programme\Mar2009_d3dx9_41_x64.cab [2010.06.02 05:22:36 | 001,612,446 | ---- | C] () -- C:\Programme\Mar2009_d3dx9_41_x86.cab [2010.06.02 05:22:36 | 001,067,160 | ---- | C] () -- C:\Programme\Mar2009_d3dx10_41_x64.cab [2010.06.02 05:22:36 | 001,040,745 | ---- | C] () -- C:\Programme\Mar2009_d3dx10_41_x86.cab [2010.06.02 05:22:36 | 000,251,194 | ---- | C] () -- C:\Programme\Mar2008_XAudio_x64.cab [2010.06.02 05:22:36 | 000,226,250 | ---- | C] () -- C:\Programme\Mar2008_XAudio_x86.cab [2010.06.02 05:22:36 | 000,122,336 | ---- | C] () -- C:\Programme\Mar2008_XACT_x64.cab [2010.06.02 05:22:36 | 000,093,734 | ---- | C] () -- C:\Programme\Mar2008_XACT_x86.cab [2010.06.02 05:22:34 | 001,769,862 | ---- | C] () -- C:\Programme\Mar2008_d3dx9_37_x64.cab [2010.06.02 05:22:34 | 001,443,282 | ---- | C] () -- C:\Programme\Mar2008_d3dx9_37_x86.cab [2010.06.02 05:22:34 | 000,818,260 | ---- | C] () -- C:\Programme\Mar2008_d3dx10_37_x86.cab [2010.06.02 05:22:34 | 000,055,058 | ---- | C] () -- C:\Programme\Mar2008_X3DAudio_x64.cab [2010.06.02 05:22:34 | 000,021,867 | ---- | C] () -- C:\Programme\Mar2008_X3DAudio_x86.cab [2010.06.02 05:22:32 | 000,937,246 | 
---- | C] () -- C:\Programme\Jun2010_d3dx9_43_x64.cab [2010.06.02 05:22:32 | 000,844,884 | ---- | C] () -- C:\Programme\Mar2008_d3dx10_37_x64.cab [2010.06.02 05:22:32 | 000,768,036 | ---- | C] () -- C:\Programme\Jun2010_d3dx9_43_x86.cab [2010.06.02 05:22:32 | 000,278,060 | ---- | C] () -- C:\Programme\Jun2010_XAudio_x86.cab [2010.06.02 05:22:32 | 000,277,338 | ---- | C] () -- C:\Programme\Jun2010_XAudio_x64.cab [2010.06.02 05:22:32 | 000,124,596 | ---- | C] () -- C:\Programme\Jun2010_XACT_x64.cab [2010.06.02 05:22:32 | 000,093,686 | ---- | C] () -- C:\Programme\Jun2010_XACT_x86.cab [2010.06.02 05:22:30 | 000,762,188 | ---- | C] () -- C:\Programme\Jun2010_d3dcsx_43_x86.cab [2010.06.02 05:22:30 | 000,235,955 | ---- | C] () -- C:\Programme\Jun2010_d3dx10_43_x64.cab [2010.06.02 05:22:30 | 000,197,283 | ---- | C] () -- C:\Programme\Jun2010_d3dx10_43_x86.cab [2010.06.02 05:22:30 | 000,138,205 | ---- | C] () -- C:\Programme\Jun2010_d3dx11_43_x64.cab [2010.06.02 05:22:30 | 000,109,445 | ---- | C] () -- C:\Programme\Jun2010_d3dx11_43_x86.cab [2010.06.02 05:22:28 | 000,944,460 | ---- | C] () -- C:\Programme\Jun2010_D3DCompiler_43_x64.cab [2010.06.02 05:22:28 | 000,931,471 | ---- | C] () -- C:\Programme\Jun2010_D3DCompiler_43_x86.cab [2010.06.02 05:22:28 | 000,752,783 | ---- | C] () -- C:\Programme\Jun2010_d3dcsx_43_x64.cab [2010.06.02 05:22:20 | 000,269,024 | ---- | C] () -- C:\Programme\JUN2008_XAudio_x86.cab [2010.06.02 05:22:18 | 001,792,608 | ---- | C] () -- C:\Programme\JUN2008_d3dx9_38_x64.cab [2010.06.02 05:22:18 | 001,463,878 | ---- | C] () -- C:\Programme\JUN2008_d3dx9_38_x86.cab [2010.06.02 05:22:18 | 000,867,828 | ---- | C] () -- C:\Programme\JUN2008_d3dx10_38_x64.cab [2010.06.02 05:22:18 | 000,849,919 | ---- | C] () -- C:\Programme\JUN2008_d3dx10_38_x86.cab [2010.06.02 05:22:18 | 000,269,628 | ---- | C] () -- C:\Programme\JUN2008_XAudio_x64.cab [2010.06.02 05:22:18 | 000,152,909 | ---- | C] () -- C:\Programme\JUN2007_XACT_x86.cab [2010.06.02 05:22:18 | 
000,121,054 | ---- | C] () -- C:\Programme\JUN2008_XACT_x64.cab [2010.06.02 05:22:18 | 000,093,128 | ---- | C] () -- C:\Programme\JUN2008_XACT_x86.cab [2010.06.02 05:22:18 | 000,055,154 | ---- | C] () -- C:\Programme\JUN2008_X3DAudio_x64.cab [2010.06.02 05:22:18 | 000,021,905 | ---- | C] () -- C:\Programme\JUN2008_X3DAudio_x86.cab [2010.06.02 05:22:16 | 001,607,774 | ---- | C] () -- C:\Programme\JUN2007_d3dx9_34_x64.cab [2010.06.02 05:22:16 | 001,607,286 | ---- | C] () -- C:\Programme\JUN2007_d3dx9_34_x86.cab [2010.06.02 05:22:16 | 001,064,925 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x86.cab [2010.06.02 05:22:16 | 000,699,044 | ---- | C] () -- C:\Programme\JUN2007_d3dx10_34_x64.cab [2010.06.02 05:22:16 | 000,698,472 | ---- | C] () -- C:\Programme\JUN2007_d3dx10_34_x86.cab [2010.06.02 05:22:16 | 000,197,122 | ---- | C] () -- C:\Programme\JUN2007_XACT_x64.cab [2010.06.02 05:22:16 | 000,180,785 | ---- | C] () -- C:\Programme\JUN2006_XACT_x64.cab [2010.06.02 05:22:16 | 000,133,671 | ---- | C] () -- C:\Programme\JUN2006_XACT_x86.cab [2010.06.02 05:22:14 | 001,336,002 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x64.cab [2010.06.02 05:22:14 | 000,277,191 | ---- | C] () -- C:\Programme\Feb2010_XAudio_x86.cab [2010.06.02 05:22:14 | 000,276,960 | ---- | C] () -- C:\Programme\Feb2010_XAudio_x64.cab [2010.06.02 05:22:14 | 000,122,446 | ---- | C] () -- C:\Programme\Feb2010_XACT_x64.cab [2010.06.02 05:22:14 | 000,093,180 | ---- | C] () -- C:\Programme\Feb2010_XACT_x86.cab [2010.06.02 05:22:12 | 000,194,675 | ---- | C] () -- C:\Programme\FEB2007_XACT_x64.cab [2010.06.02 05:22:12 | 000,147,983 | ---- | C] () -- C:\Programme\FEB2007_XACT_x86.cab [2010.06.02 05:22:12 | 000,054,678 | ---- | C] () -- C:\Programme\Feb2010_X3DAudio_x64.cab [2010.06.02 05:22:12 | 000,020,713 | ---- | C] () -- C:\Programme\Feb2010_X3DAudio_x86.cab [2010.06.02 05:22:10 | 000,178,359 | ---- | C] () -- C:\Programme\Feb2006_XACT_x64.cab [2010.06.02 05:22:10 | 000,132,409 | ---- | C] () -- 
C:\Programme\Feb2006_XACT_x86.cab [2010.06.02 05:22:04 | 001,084,720 | ---- | C] () -- C:\Programme\Feb2006_d3dx9_29_x86.cab [2010.06.02 05:22:02 | 001,801,048 | ---- | C] () -- C:\Programme\dsetup32.dll [2010.06.02 05:22:02 | 001,574,376 | ---- | C] () -- C:\Programme\DEC2006_d3dx9_32_x86.cab [2010.06.02 05:22:02 | 001,362,796 | ---- | C] () -- C:\Programme\Feb2006_d3dx9_29_x64.cab [2010.06.02 05:22:02 | 001,247,499 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x64.cab [2010.06.02 05:22:02 | 001,013,225 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x86.cab [2010.06.02 05:22:02 | 000,537,432 | ---- | C] () -- C:\Programme\DXSETUP.exe [2010.06.02 05:22:02 | 000,192,475 | ---- | C] () -- C:\Programme\DEC2006_XACT_x64.cab [2010.06.02 05:22:02 | 000,145,599 | ---- | C] () -- C:\Programme\DEC2006_XACT_x86.cab [2010.06.02 05:22:02 | 000,094,011 | ---- | C] () -- C:\Programme\dxupdate.cab [2010.06.02 05:22:02 | 000,042,410 | ---- | C] () -- C:\Programme\dxdllreg_x86.cab [2010.06.02 05:22:00 | 001,571,154 | ---- | C] () -- C:\Programme\DEC2006_d3dx9_32_x64.cab [2010.06.02 05:22:00 | 001,357,976 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x64.cab [2010.06.02 05:22:00 | 001,079,456 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x86.cab [2010.06.02 05:22:00 | 000,273,264 | ---- | C] () -- C:\Programme\Aug2009_XAudio_x64.cab [2010.06.02 05:22:00 | 000,272,642 | ---- | C] () -- C:\Programme\Aug2009_XAudio_x86.cab [2010.06.02 05:22:00 | 000,212,807 | ---- | C] () -- C:\Programme\DEC2006_d3dx10_00_x64.cab [2010.06.02 05:22:00 | 000,191,720 | ---- | C] () -- C:\Programme\DEC2006_d3dx10_00_x86.cab [2010.06.02 05:22:00 | 000,122,408 | ---- | C] () -- C:\Programme\Aug2009_XACT_x64.cab [2010.06.02 05:22:00 | 000,093,106 | ---- | C] () -- C:\Programme\Aug2009_XACT_x86.cab [2010.06.02 05:21:58 | 000,930,116 | ---- | C] () -- C:\Programme\Aug2009_d3dx9_42_x64.cab [2010.06.02 05:21:58 | 000,728,456 | ---- | C] () -- C:\Programme\Aug2009_d3dx9_42_x86.cab [2010.06.02 05:21:58 | 
000,232,635 | ---- | C] () -- C:\Programme\Aug2009_d3dx10_42_x64.cab [2010.06.02 05:21:58 | 000,192,131 | ---- | C] () -- C:\Programme\Aug2009_d3dx10_42_x86.cab [2010.06.02 05:21:58 | 000,136,301 | ---- | C] () -- C:\Programme\Aug2009_d3dx11_42_x64.cab [2010.06.02 05:21:58 | 000,105,044 | ---- | C] () -- C:\Programme\Aug2009_d3dx11_42_x86.cab [2010.06.02 05:21:56 | 003,319,740 | ---- | C] () -- C:\Programme\Aug2009_d3dcsx_42_x86.cab [2010.06.02 05:21:56 | 003,112,111 | ---- | C] () -- C:\Programme\Aug2009_d3dcsx_42_x64.cab [2010.06.02 05:21:56 | 000,900,598 | ---- | C] () -- C:\Programme\Aug2009_D3DCompiler_42_x86.cab [2010.06.02 05:21:46 | 000,919,044 | ---- | C] () -- C:\Programme\Aug2009_D3DCompiler_42_x64.cab [2010.06.02 05:21:46 | 000,271,412 | ---- | C] () -- C:\Programme\Aug2008_XAudio_x64.cab [2010.06.02 05:21:46 | 000,271,038 | ---- | C] () -- C:\Programme\Aug2008_XAudio_x86.cab [2010.06.02 05:21:44 | 001,794,084 | ---- | C] () -- C:\Programme\Aug2008_d3dx9_39_x64.cab [2010.06.02 05:21:44 | 001,464,672 | ---- | C] () -- C:\Programme\Aug2008_d3dx9_39_x86.cab [2010.06.02 05:21:44 | 000,849,167 | ---- | C] () -- C:\Programme\Aug2008_d3dx10_39_x86.cab [2010.06.02 05:21:44 | 000,198,096 | ---- | C] () -- C:\Programme\AUG2007_XACT_x64.cab [2010.06.02 05:21:44 | 000,153,012 | ---- | C] () -- C:\Programme\AUG2007_XACT_x86.cab [2010.06.02 05:21:44 | 000,121,772 | ---- | C] () -- C:\Programme\Aug2008_XACT_x64.cab [2010.06.02 05:21:44 | 000,092,996 | ---- | C] () -- C:\Programme\Aug2008_XACT_x86.cab [2010.06.02 05:21:42 | 001,800,160 | ---- | C] () -- C:\Programme\AUG2007_d3dx9_35_x64.cab [2010.06.02 05:21:42 | 001,708,152 | ---- | C] () -- C:\Programme\AUG2007_d3dx9_35_x86.cab [2010.06.02 05:21:42 | 000,867,612 | ---- | C] () -- C:\Programme\Aug2008_d3dx10_39_x64.cab [2010.06.02 05:21:42 | 000,852,286 | ---- | C] () -- C:\Programme\AUG2007_d3dx10_35_x64.cab [2010.06.02 05:21:42 | 000,796,867 | ---- | C] () -- C:\Programme\AUG2007_d3dx10_35_x86.cab [2010.06.02 
05:21:40 | 001,350,542 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x64.cab [2010.06.02 05:21:40 | 001,077,644 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x86.cab [2010.06.02 05:21:40 | 000,182,903 | ---- | C] () -- C:\Programme\AUG2006_XACT_x64.cab [2010.06.02 05:21:40 | 000,137,235 | ---- | C] () -- C:\Programme\AUG2006_XACT_x86.cab [2010.06.02 05:21:40 | 000,087,142 | ---- | C] () -- C:\Programme\AUG2006_xinput_x64.cab [2010.06.02 05:21:40 | 000,053,302 | ---- | C] () -- C:\Programme\APR2007_xinput_x86.cab [2010.06.02 05:21:40 | 000,046,058 | ---- | C] () -- C:\Programme\AUG2006_xinput_x86.cab [2010.06.02 05:21:38 | 001,606,039 | ---- | C] () -- C:\Programme\APR2007_d3dx9_33_x86.cab [2010.06.02 05:21:38 | 000,195,766 | ---- | C] () -- C:\Programme\APR2007_XACT_x64.cab [2010.06.02 05:21:38 | 000,151,225 | ---- | C] () -- C:\Programme\APR2007_XACT_x86.cab [2010.06.02 05:21:38 | 000,096,817 | ---- | C] () -- C:\Programme\APR2007_xinput_x64.cab [2010.06.02 05:21:36 | 001,607,358 | ---- | C] () -- C:\Programme\APR2007_d3dx9_33_x64.cab [2010.06.02 05:21:36 | 000,698,612 | ---- | C] () -- C:\Programme\APR2007_d3dx10_33_x64.cab [2010.06.02 05:21:36 | 000,695,865 | ---- | C] () -- C:\Programme\APR2007_d3dx10_33_x86.cab [2010.06.02 05:21:34 | 000,046,010 | ---- | C] () -- C:\Programme\Apr2006_xinput_x86.cab [2010.06.02 05:21:20 | 000,087,101 | ---- | C] () -- C:\Programme\Apr2006_xinput_x64.cab [2010.06.02 05:21:18 | 004,162,630 | ---- | C] () -- C:\Programme\Apr2006_MDX1_x86_Archive.cab [2010.06.02 05:21:18 | 000,916,430 | ---- | C] () -- C:\Programme\Apr2006_MDX1_x86.cab [2010.06.02 05:21:18 | 000,179,133 | ---- | C] () -- C:\Programme\Apr2006_XACT_x64.cab [2010.06.02 05:21:18 | 000,133,103 | ---- | C] () -- C:\Programme\Apr2006_XACT_x86.cab [2010.06.02 05:21:16 | 001,397,830 | ---- | C] () -- C:\Programme\Apr2006_d3dx9_30_x64.cab [2010.06.02 05:21:16 | 001,347,354 | ---- | C] () -- C:\Programme\Apr2005_d3dx9_25_x64.cab [2010.06.02 05:21:16 | 001,115,221 | ---- | 
C] () -- C:\Programme\Apr2006_d3dx9_30_x86.cab
[2010.06.02 05:21:16 | 001,078,962 | ---- | C] () -- C:\Programme\Apr2005_d3dx9_25_x86.cab

========== ZeroAccess Check ==========

[2010.09.15 22:15:50 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012.04.20 20:29:44 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 03:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report > |
26.01.2013, 17:43 | #19 |
| GVU virus: computer was locked
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 26.01.2013 17:32:00 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Lutz\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,25 Gb Total Physical Memory | 2,57 Gb Available Physical Memory | 79,03% Memory free
5,09 Gb Paging File | 4,60 Gb Available in Paging File | 90,31% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 361,33 Gb Total Space | 124,89 Gb Free Space | 34,56% Space Free | Partition Type: NTFS
Drive D: | 104,06 Gb Total Space | 32,97 Gb Free Space | 31,68% Space Free | Partition Type: NTFS
Drive F: | 680,90 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive G: | 3,73 Gb Total Space | 3,55 Gb Free Space | 95,21% Space Free | Partition Type: FAT32

Computer Name: ZOCKER | User Name: Lutz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Programme\Opera\Opera.exe (Opera Software)

[HKEY_USERS\S-1-5-21-448539723-436374069-725345543-1003\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
http [open] -- "C:\Programme\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Programme\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"57102:TCP" = 57102:TCP:*:Enabled:Pando Media Booster
"57102:UDP" = 57102:UDP:*:Enabled:Pando Media Booster
"56230:TCP" = 56230:TCP:*:Enabled:Pando Media Booster
"56230:UDP" = 56230:UDP:*:Enabled:Pando Media Booster
"56815:TCP" = 56815:TCP:*:Enabled:Pando Media Booster
"56815:UDP" = 56815:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"57102:TCP" = 57102:TCP:*:Enabled:Pando Media Booster
"57102:UDP" = 57102:UDP:*:Enabled:Pando Media Booster
"56230:TCP" = 56230:TCP:*:Enabled:Pando Media Booster
"56230:UDP" = 56230:UDP:*:Enabled:Pando Media Booster
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"56815:TCP" = 56815:TCP:*:Enabled:Pando Media Booster
"56815:UDP" = 56815:UDP:*:Enabled:Pando Media Booster
"1037:TCP" = 1037:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) "C:\Programme\Windows Live\Messenger\msnmsgr.exe" = C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation) "C:\Programme\ICQ7.7\ICQ.exe" = C:\Programme\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7 -- (ICQ, LLC.) "C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\WINDOWS\system32\PnkBstrA.exe" = C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA -- () "C:\WINDOWS\system32\PnkBstrB.exe" = C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB -- () "C:\Programme\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe" = C:\Programme\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe:*:Enabled:Battlefield: Bad Company™ 2 "C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Enabled:Eine DLL-Datei als Anwendung ausführen -- (Microsoft 
Corporation) "C:\Programme\Skype\Plugin Manager\skypePM.exe" = C:\Programme\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager "C:\Dokumente und Einstellungen\Lutz\Eigene Dateien\Downloads\YuLeech-Runes_of_Magic_3_0_8_2349_slim_eu.exe" = C:\Dokumente und Einstellungen\Lutz\Eigene Dateien\Downloads\YuLeech-Runes_of_Magic_3_0_8_2349_slim_eu.exe:*:Enabled:YuLeech "C:\Programme\Runes of Magic\Runes of Magic.exe" = C:\Programme\Runes of Magic\Runes of Magic.exe:*:Enabled:Runes of Magic "C:\Programme\Runes of Magic\unins000.exe" = C:\Programme\Runes of Magic\unins000.exe:*:Enabled:Runes of Magic entfernen "C:\Programme\Runes of Magic\Client.exe" = C:\Programme\Runes of Magic\Client.exe:*:Enabled:Runes of Magic "C:\Programme\TmNationsForever\TmForever.exe" = C:\Programme\TmNationsForever\TmForever.exe:*:Enabled:TmForever "C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) "C:\Programme\Windows Live\Messenger\msnmsgr.exe" = C:\Programme\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation) "C:\Programme\Java\jre6\bin\javaw.exe" = C:\Programme\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary "C:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe" = C:\Programme\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe:*:Enabled:BattlefrontII "C:\Programme\TrackMania United\TmUnited.exe" = C:\Programme\TrackMania United\TmUnited.exe:*:Enabled:TmUnited "C:\Programme\TmUnitedForever\TmForever.exe" = C:\Programme\TmUnitedForever\TmForever.exe:*:Enabled:TmForever "C:\Programme\Duty Calls\binaries\Win32\DutyCalls.exe" = C:\Programme\Duty Calls\binaries\Win32\DutyCalls.exe:*:Enabled:DutyCalls "C:\Programme\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE" = C:\Programme\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE:*:Enabled:Worms 4 Mayhem "C:\AeriaGames\WolfTeam-DE\Wolfteam.bin" = 
C:\AeriaGames\WolfTeam-DE\Wolfteam.bin:*:Enabled:WolfTeam "C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation) "C:\Programme\Team17 Software Ltd\Worms Forts Under Siege\WF.exe" = C:\Programme\Team17 Software Ltd\Worms Forts Under Siege\WF.exe:*:Enabled:WF "C:\Programme\Turbine\The Lord of the Rings Online\lotroclient.exe" = C:\Programme\Turbine\The Lord of the Rings Online\lotroclient.exe:*:Enabled:lotroclient "C:\Programme\Steam\SteamApps\common\global agenda live\Binaries\GlobalAgenda.exe" = C:\Programme\Steam\SteamApps\common\global agenda live\Binaries\GlobalAgenda.exe:*:Enabled:TgGame Client -- (HiRez Studios, Inc.) "C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Temp\ElectronicArts_Patcher_000.exe" = C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Temp\ElectronicArts_Patcher_000.exe:*:Enabled:ElectronicArts_Patcher_000 "C:\Programme\Electronic Arts\Command & Conquer 3 Kanes Rache\RetailExe\1.2\cnc3ep1.dat" = C:\Programme\Electronic Arts\Command & Conquer 3 Kanes Rache\RetailExe\1.2\cnc3ep1.dat:*:Enabled:Command & Conquer(tm) 3: Kanes Rache -- (Electronic Arts Inc.) "C:\Programme\Electronic Arts\Command & Conquer 3 Kanes Rache\CNC3EP1.exe" = C:\Programme\Electronic Arts\Command & Conquer 3 Kanes Rache\CNC3EP1.exe:*:Enabled:Command & Conquer™ 3 Kanes Rache spielen -- (Electronic Arts Inc.) 
"C:\Programme\Electronic Arts\Command & Conquer 3\RetailExe\1.9\cnc3game.dat" = C:\Programme\Electronic Arts\Command & Conquer 3\RetailExe\1.9\cnc3game.dat:*:Enabled:Command & Conquer 3 Tiberium Wars "C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine -- () "C:\Sierra\EE-ZDE\EE-AOC.exe" = C:\Sierra\EE-ZDE\EE-AOC.exe:*:Enabled:EE-AOC "C:\Programme\Steam\SteamApps\plasmaboy300\team fortress 2\hl2.exe" = C:\Programme\Steam\SteamApps\plasmaboy300\team fortress 2\hl2.exe:*:Enabled:hl2 "C:\Programme\Third Wave Games\War World - Tactical Combat 1.09\War World.exe" = C:\Programme\Third Wave Games\War World - Tactical Combat 1.09\War World.exe:*:Enabled:War World "C:\Programme\Electronic Arts\Die Schlacht um Mittelerde II\game.dat" = C:\Programme\Electronic Arts\Die Schlacht um Mittelerde II\game.dat:*:Enabled:Die Schlacht um Mittelerde™ II "C:\Programme\Electronic Arts\Aufstieg des Hexenkönigs\game.dat" = C:\Programme\Electronic Arts\Aufstieg des Hexenkönigs\game.dat:*:Enabled:Der Herr der Ringe™, Aufstieg des Hexenkönigs™ "C:\Programme\Google\Google Earth\client\googleearth.exe" = C:\Programme\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google) "C:\Programme\Gameforge4D\AirRivals\Launcher.atm" = C:\Programme\Gameforge4D\AirRivals\Launcher.atm:Enabled:GameExe2 "C:\Programme\Gameforge4D\AirRivals\Res-Voip\SCVoIP.exe" = C:\Programme\Gameforge4D\AirRivals\Res-Voip\SCVoIP.exe:Enabled:GameVoIP "C:\Programme\Hotspot Shield\bin\openvpntray.exe" = C:\Programme\Hotspot Shield\bin\openvpntray.exe:*:Enabled:Hotspot Shield Launch "C:\Programme\Origin\Origin.exe" = C:\Programme\Origin\Origin.exe:*:Enabled:Origin "C:\Programme\Movie Maker\moviemk.exe" = C:\Programme\Movie Maker\moviemk.exe:*:Enabled:@C:\Programme\Movie Maker\1031\wmm2res.dll,-61446 -- (Microsoft Corporation) "C:\Programme\Bonjour\mDNSResponder.exe" = 
C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Dienst "Bonjour" -- (Apple Inc.) "C:\Programme\Electronic Arts\Dead Space\Dead Space.exe" = C:\Programme\Electronic Arts\Dead Space\Dead Space.exe:*:Enabled:Dead Space ™ "C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe" = C:\Dokumente und Einstellungen\Lutz\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Interface -- (Akamai Technologies, Inc.) "C:\Programme\ICQ7.7\ICQ.exe" = C:\Programme\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7 -- (ICQ, LLC.) "C:\Programme\Steam\SteamApps\common\Mass Effect 2\docs\EA Help\Electronic_Arts_Technical_Support.htm" = C:\Programme\Steam\SteamApps\common\Mass Effect 2\docs\EA Help\Electronic_Arts_Technical_Support.htm:*:Enabled:Mass Effect 2 "C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe" = C:\Programme\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe:*:Enabled:DTX broker "C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.) "C:\Programme\Java\jre6\bin\java.exe" = C:\Programme\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary "C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.) "C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) 
"C:\Dokumente und Einstellungen\Lutz\Eigene Dateien\Downloads\gunblade-dlm.exe" = C:\Dokumente und Einstellungen\Lutz\Eigene Dateien\Downloads\gunblade-dlm.exe:*:Enabled:Gunblade Saga DLM "C:\Programme\Steam\SteamApps\common\apb reloaded\Binaries\APB.exe" = C:\Programme\Steam\SteamApps\common\apb reloaded\Binaries\APB.exe:*:Enabled:APB: APB.exe "C:\Programme\Steam\SteamApps\common\apb reloaded\Binaries\VivoxVoiceService.exe" = C:\Programme\Steam\SteamApps\common\apb reloaded\Binaries\VivoxVoiceService.exe:*:Enabled:APB: VivoxVoiceService.exe "C:\Programme\Steam\SteamApps\common\amd driver updater, xp, 32 bit\Setup.exe" = C:\Programme\Steam\SteamApps\common\amd driver updater, xp, 32 bit\Setup.exe:*:Enabled:AMD Driver Updater, XP, 32 bit "C:\Programme\Electronic Arts\Command & Conquer 3\RetailExe\1.0\cnc3game.dat" = C:\Programme\Electronic Arts\Command & Conquer 3\RetailExe\1.0\cnc3game.dat:*:Enabled:Command & Conquer 3 Tiberium Wars -- (Electronic Arts Inc.) "C:\Programme\Games-Masters.com\CABAL Online (Europe)\cabal.exe" = C:\Programme\Games-Masters.com\CABAL Online (Europe)\cabal.exe:*:Enabled:CABAL Online (Europe) -- (ESTsoft) "C:\gPotato.eu\Allods Online\bin\Launcher.exe" = C:\gPotato.eu\Allods Online\bin\Launcher.exe:*:Enabled:Allods Launcher "C:\Programme\Sony Online Entertainment\Installed Games\DC Universe Online Live\UNREAL3\BINARIES\WIN32\DCGAME.EXE" = C:\Programme\Sony Online Entertainment\Installed Games\DC Universe Online Live\UNREAL3\BINARIES\WIN32\DCGAME.EXE:*:Enabled:DC Universe Online Windows Client -- (Sony Online Entertainment) "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts\Need For Speed World\Data\nfsw.exe" = C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts\Need For Speed World\Data\nfsw.exe:*:Enabled:Need for Speed World "C:\AeriaGames\EdenEternal-DE\_Launcher.exe" = C:\AeriaGames\EdenEternal-DE\_Launcher.exe:*:Enabled:_Launcher.exe "C:\Programme\Steam\Steam.exe" = 
C:\Programme\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation) "C:\Programme\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe" = C:\Programme\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2 "C:\Programme\Steam\SteamApps\plasmaboy300\source sdk base 2007\hl2.exe" = C:\Programme\Steam\SteamApps\plasmaboy300\source sdk base 2007\hl2.exe:*:Enabled:Source SDK Base 2007 "C:\Programme\Steam\SteamApps\common\dungeons and dragons online\dndclient.exe" = C:\Programme\Steam\SteamApps\common\dungeons and dragons online\dndclient.exe:*:Enabled:dndclient "C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) "C:\Programme\Opera\pluginwrapper\opera_plugin_wrapper.exe" = C:\Programme\Opera\pluginwrapper\opera_plugin_wrapper.exe:*:Enabled:Opera Internet Browser - Plugin wrapper "C:\Programme\Opera\opera.exe" = C:\Programme\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software) "C:\Programme\Java\jre7\bin\javaw.exe" = C:\Programme\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation) "C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () "C:\WINDOWS\system32\javaw.exe" = C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Oracle Corporation) "C:\Programme\Steam\SteamApps\common\Crysis Wars\Bin32\Crysis.exe" = C:\Programme\Steam\SteamApps\common\Crysis Wars\Bin32\Crysis.exe:*:Enabled:Crysis Wars -- (Crytek GmbH) "C:\Programme\Steam\SteamApps\common\Crysis Warhead\Bin32\Crysis.exe" = C:\Programme\Steam\SteamApps\common\Crysis Warhead\Bin32\Crysis.exe:*:Enabled:Crysis Warhead -- (Crytek GmbH) "C:\Programme\Pinnacle\VideoSpin\Programs\RM.exe" = C:\Programme\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager -- (Pinnacle Systems) "C:\Programme\Pinnacle\VideoSpin\Programs\umi.exe" = 
C:\Programme\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi -- (Pinnacle Systems) "C:\Programme\Pinnacle\VideoSpin\Programs\VideoSpin.exe" = C:\Programme\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin -- (Pinnacle Systems) "C:\Programme\Alaplaya\LOCO\System\LOCO.exe" = C:\Programme\Alaplaya\LOCO\System\LOCO.exe:*:Enabled:LOCO "C:\Programme\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe" = C:\Programme\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe:*:Enabled:Darksiders II -- () "C:\Programme\Steam\SteamApps\common\Dungeon Defenders\Binaries\Win32\DunDefGame.exe" = C:\Programme\Steam\SteamApps\common\Dungeon Defenders\Binaries\Win32\DunDefGame.exe:*:Disabled:DunDefGame -- (Trendy Entertainment LLC) "C:\AeriaGames\TribesAscendDE\HiRezGames\tribes\Binaries\Win32\TribesAscend.exe" = C:\AeriaGames\TribesAscendDE\HiRezGames\tribes\Binaries\Win32\TribesAscend.exe:*:Enabled:TribesAscend -- (Hirez Studios, Inc.) "C:\Programme\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe" = C:\Programme\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe:*:Enabled:Call of Duty: Modern Warfare 3 - Multiplayer -- () "C:\Dokumente und Einstellungen\Lutz\Eigene Dateien\gunblade-dlm.exe" = C:\Dokumente und Einstellungen\Lutz\Eigene Dateien\gunblade-dlm.exe:*:Enabled:Gunblade Saga DLM "C:\Programme\Steam\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe" = C:\Programme\Steam\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe:*:Enabled:Dungeon Defenders -- (Trendy Entertainment LLC) "C:\gPotato.eu\SEVENCORE\SEVENCORE.exe.exe" = C:\gPotato.eu\SEVENCORE\SEVENCORE.exe.exe:*:Enabled:SEVENCORE Launcher "C:\Programme\Steam\SteamApps\common\Global Agenda Live\Binaries\LauncherBin\HiRezLauncherUI.exe" = C:\Programme\Steam\SteamApps\common\Global Agenda Live\Binaries\LauncherBin\HiRezLauncherUI.exe:*:Enabled:Global Agenda -- (Hi-Rez Studios Inc.) 
"C:\Programme\TERA\TERA-Launcher.exe" = C:\Programme\TERA\TERA-Launcher.exe:*:Enabled:TERA -- (Solid State Networks) "C:\gPotato.eu\SEVENCORE\Launcher.exe" = C:\gPotato.eu\SEVENCORE\Launcher.exe:*:Enabled:SEVENCORE Launcher -- (NORIA Co., Ltd.) "C:\gPotato.eu\SEVENCORE\SEVENCORE.exe" = C:\gPotato.eu\SEVENCORE\SEVENCORE.exe:*:Enabled:SEVENCORE -- (NORIA Co., Ltd.) "C:\Programme\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe" = C:\Programme\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe:*:Enabled:Left 4 Dead 2 -- () "c:\BrickForce\BfLauncher.exe" = c:\BrickForce\BfLauncher.exe:*:Enabled:BFLauncher -- () "c:\BrickForce\BrickForce.exe" = c:\BrickForce\BrickForce.exe:*:Enabled:BrickForce -- () ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{020519DC-C377-87A4-4FFA-2C04CAB6F06A}" = CCC Help Turkish "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{04FC6E53-33A5-B457-8EBD-370884B81E83}" = Catalyst Control Center Localization Norwegian "{05204005-CEF4-AED1-6D55-19999BDDF5D9}" = Catalyst Control Center Localization All "{053BE69E-4EFE-3621-3613-30080CD26070}" = Catalyst Control Center Graphics Previews Common "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended "{0BD8FCF6-9FA0-8CCA-7CC3-4A3A3663EF26}" = ccc-utility "{0CB61B75-A2BF-42FB-1441-4E1E0E478FFF}" = CCC Help French "{0D0913E6-8809-DC22-4771-6E4A0C69C1D9}" = Catalyst Control Center Localization French "{0EACF2A3-B998-5B20-B9D1-E69385584142}" = CCC Help Hungarian "{0FC28F52-5BE9-B6A6-0E47-040F04A9AE3F}" = CCC Help Danish "{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi "{12270803-2287-60C7-F010-73A35969FA9D}" = ccc-utility "{12453E04-9738-4D16-8408-D726532C2C69}" = ASUS VGA Driver "{1402D7D3-548E-C8D9-1B56-94DF70CA52DB}" = CCC Help French 
"{1545207E-C6F3-31D7-9918-BDBB65075FBF}" = Microsoft .NET Framework 3.5 Language Pack - deu "{155BD1DE-E53B-1F1A-A6CC-08EF3A2684E9}" = CCC Help Chinese Standard "{1592B9A6-E23D-4B57-9D3D-BB98F1EF55F6}" = SEVENCORE "{1605416F-1546-EB43-4000-F64170D3DE25}" = Catalyst Control Center Graphics Full New "{1705D880-A64E-96B8-1623-446CB4243BCC}" = CCC Help Portuguese "{17B6DDE9-2E5F-1E6A-5376-EBEA92523C1F}" = CCC Help Chinese Traditional "{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0 "{190601AF-7BE4-046E-CEBF-14EE74434250}" = AMD Catalyst Install Manager "{197B13CD-0597-C06D-9E06-3732E7A5459B}" = Catalyst Control Center Localization Spanish "{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1D892DE7-FA53-6CCB-A755-FFC8CDD58CCB}" = CCC Help Czech "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{248C0F3C-D1E8-3169-6711-00F34C307F7A}" = CCC Help Swedish "{24990A39-5F20-4FCA-BAFE-EEF1E4800709}" = Catalyst Control Center - Branding "{25FB0FCE-0B93-976A-C0A5-3ADE26A5DC95}" = Catalyst Control Center Localization Greek "{26A24AE4-039D-4CA4-87B4-2F83217011FF}" = Java 7 Update 11 "{27AB4200-EAAF-CB24-D5B4-40B761E573D3}" = CCC Help Polish "{2A2A9154-534C-8430-5C8C-F197D51E3647}" = CCC Help Polish "{2B07D8A3-0BE7-B8BC-E295-040333F74CB4}" = Catalyst Control Center Localization Polish "{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0 "{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE "{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding "{30C01299-554C-4B62-BD0F-849F43E01C91}_is1" = Pokemon World Online version 1.83 "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications 
Platform "{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy Gamepad tool 0.7.0000 "{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support "{346BA3F6-660A-81A1-D8FA-659465AF5F16}" = ccc-core-preinstall "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{357DD2C5-542F-BCD1-E74E-5993A233F3CA}" = CCC Help Dutch "{39B8EE1D-82D5-4DF0-A619-2C84844254D1}_is1" = MCSkin3D version 1.4 "{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2 "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}" = Tribes Ascend "{3DE8E48A-E70F-6E27-383D-4685A622A0DF}" = CCC Help Japanese "{3E2D47BE-3896-CD6A-5333-634E8F4E1D09}" = CCC Help Chinese Traditional "{3EDF7996-B5DD-7217-329E-E51EA50B8B08}" = Catalyst Control Center Localization Korean "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg "{3F533CDF-4EB7-942C-83C7-DA703DBF0D3A}" = Catalyst Control Center Graphics Light "{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX "{40CD278E-33C2-6916-EFA6-DCBF7709060A}" = CCC Help English "{40F6E633-21A9-6997-CF86-B47ED7B246EF}" = CCC Help Italian "{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3 "{46BE6D86-7BEF-4DAB-B3E6-7B932D3872F3}_is1" = Dragonica Version TEST "{49FC50FC-F965-40D9-89B4-CBFF80941031}" = Windows Movie Maker 2.0 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C8E654C-8B9C-1A3E-651D-214E9019A8C6}" = Catalyst Control Center Localization Portuguese "{4FC31A14-3D58-4F8F-85DA-EB3EBC771252}" = Catalyst Control Center - Branding "{51D29783-1876-9A77-3CE2-018F09FB8876}" = CCC Help Russian "{520C1D80-935C-42B9-9340-E883849D804F}_is1" = DriverTuner 3.1.0.0 "{52B76707-AD64-B360-F331-7D7716A2EF4E}" = CCC Help Spanish "{53F042B0-48F9-D28E-41BA-8AEB7144A664}" = Catalyst Control Center Localization Japanese "{5454085C-129F-416C-9C0B-8B1000048301}" = BioShock 2 "{5454085C-129F-416C-9C0B-8B1000048302}" = BioShock 2 "{5454085C-129F-416C-9C0B-8B1000058301}" = 
BioShock 2 "{5454085C-129F-416C-9C0B-8B1000058302}" = BioShock 2 "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5B9C7C4F-A1CB-11E0-9E40-0013D3D69929}" = Vegas Pro 10.0 "{5DF7AA5E-A1CB-11E0-A7D6-0013D3D69929}" = MSVCRT Redists "{5E541DAB-6F2C-62F1-3212-F421792E9409}" = CCC Help Korean "{6141BE08-A14D-2E76-1C9B-C9B724E93F8F}" = CCC Help Czech "{626D1263-11EB-8469-BDCD-F44464AFAB42}" = Catalyst Control Center Core Implementation "{66A6BF87-5B94-4EA9-A8F8-C1DB619407D3}" = MySpeed Plug-In Beta v2.11 "{6A322AF6-94C0-C303-548F-EFBC0EE3FAC6}" = Catalyst Control Center Localization Dutch "{6BF91072-94EE-9E98-3B0B-C1A77656CA88}" = CCC Help Swedish "{70969B6E-F12C-A3C9-EBAC-BD9C0F3F6E44}" = CCC Help Korean "{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71702641-2849-45A4-8E62-4B85974B24A0}_is1" = BumpTop "{71CD0D37-EF43-438F-7AE6-D49DE09C7B55}" = Catalyst Control Center Localization Danish "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7353B605-741D-C35E-7334-468FE2A4E9CB}" = Skins "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7 "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{79AA6806-69E1-7A15-9B8A-C3E36065B1FE}" = CCC Help Greek "{7B0450BA-BD15-C54A-C9EA-3E4C68722101}" = CCC Help English "{7BCCA0F5-4A74-2352-CFE6-04DABA6D5D28}" = Catalyst Control Center Graphics Full Existing "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{81A917A1-DBA3-3639-53DA-B6E833D41A57}" = ccc-utility "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{87A0FED6-9A2A-3BDE-FBB9-B44DBB9EC9F1}" = Catalyst Control Center Localization Turkish "{87A90A22-0F2C-EE18-9333-E8F6DC71256C}" = Skins "{8921E7CF-F47B-781E-E7AA-653E2AB2FD5B}" = Catalyst Control Center 
Graphics Previews Common "{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs "{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{9309DD7E-EBFE-3C95-8B47-30D3A012F606}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - DEU "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{98125266-1C84-5858-07AD-07983DFFAA60}" = Catalyst Control Center Localization Russian "{9862B19F-4CAD-4EED-920F-2F378D84393F}" = ATI Parental Control & Encoder "{98C2D59E-7B49-30F8-3A15-6A8428AFA3B9}" = Catalyst Control Center Localization Chinese Traditional "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C1F24C5-03E3-4DAA-B935-E7C971003F0E}" = Aeria Ignite "{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 1.0 "Legend" "{9F011792-C1AD-6D49-7418-703D17F710CC}" = CCC Help Turkish "{A0A087E5-149E-EC75-F45D-3A3C04344B4A}" = Catalyst Control Center Graphics Previews Common "{A1071AEB-B0EF-3F5F-BC84-83A270EBE496}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - DEU "{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109 "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime "{A2DB9340-8ECB-A16D-7AEC-8A0D72217A09}" = CCC Help German "{A2F166A0-F031-4E27-A057-C69733219435}_is1" = RaiderZ "{A2S166A0-F031-4E27-A057-C69733219434}_is1" = TERA "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A9106BA5-3F1E-3528-93A7-2761CA0BFAD8}" = ccc-utility "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = 
Google Update Helper "{AB8CAAA2-39EC-A896-8388-21F7C92BF91D}" = CCC Help Finnish "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Deutsch "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR "{B193E6AB-0FEE-664B-7458-63575F668F56}" = CCC Help Danish "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B7CE4105-2F9F-1FC4-9D76-E26CEBF689B9}" = CCC Help Norwegian "{B9A46A4E-374E-5329-B26C-24A745AA7762}" = Catalyst Control Center Localization Finnish "{BAAB1EE0-3A14-4137-95D4-8ED2149804DC}" = Worms 3D Patch "{BC2B6E0B-6932-FCFD-4DA2-2AB184B87320}" = CCC Help Italian "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C123A6B5-8243-75C7-5CAD-A7E06C051D38}" = CCC Help German "{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver "{C191BE7C-8542-4A61-973A-714EF76C5995}" = Logitech QuickCam-Software "{C205EF8A-AC71-1A3C-DFCC-C2AC36D8A7B4}" = Catalyst Control Center Localization Swedish "{C85C8CE6-CA92-7CDC-75C3-AA9C22E7FD75}" = ccc-utility "{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver "{C9E45C84-9BFE-1121-00CD-9F0CC9B75BD3}" = CCC Help Thai "{CAB81583-0310-43E1-8E33-0864985EDD67}" = trakAxPC "{CABB5874-1452-637A-110B-883189586282}" = Catalyst Control Center Localization Hungarian "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CC2422C9-F7B5-4175-B295-5EC2283AA674}" = Command & Conquer™ 3: Kanes Rache "{CC67DD84-77C6-C9F8-FA03-953F1C1C92A9}" = Catalyst Control Center InstallProxy "{CDD165A8-6D7F-3FE3-09BD-03052685294D}" = CCC Help Hungarian "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D0A32C98-F715-6A4B-688D-275AA1393ED8}" = CCC Help Greek "{D1A3418D-0275-1516-6622-AF377B272CA0}" = CCC 
Help Dutch "{D1AD3651-EE2F-5221-D595-36A2ED3D5E75}" = Catalyst Control Center Localization Italian "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{D380A631-0EFD-8325-D2DD-774A7ADDB628}" = ccc-core-static "{D41DA7B0-DE4C-20A5-FC4C-F00327548F0D}" = CCC Help English "{D5679765-FADA-54E8-774E-748294020B96}" = CCC Help Russian "{D7739941-59D4-F971-A68B-0318CFBE02D6}" = ccc-utility "{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}" = Canon PhotoRecord "{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3 "{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}" = Star Wars Republic Commando "{E10761C7-F0F0-BC29-51E5-6F4886D5E72A}" = Catalyst Control Center Localization Chinese Standard "{E1845F1C-068C-F8F4-D31D-D3540D47C453}" = Adobe Download Assistant "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{E306DBFD-E7A1-F65F-D652-99FEDE639AF9}" = Catalyst Control Center Localization German "{EE086612-CE52-3402-18D5-DDFEE2F87CE8}" = CCC Help Finnish "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F0BC7117-A5C8-D34E-72DE-D17E2B7BA2E5}" = CCC Help Norwegian "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2320CBF-B5A5-78A9-1E8E-D48DAF1E022D}" = CCC Help Thai "{F31A1CA0-6F8B-F897-C8CA-7C64616582A0}" = CCC Help Spanish "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F45B51DC-F6EA-0335-44B3-92395CEB782B}" = Catalyst Control Center Localization Thai "{F5489F73-F631-6CEE-72ED-3B9E0C312F96}" = CCC Help Japanese "{F55671E5-16AB-4A09-14C0-F53921535C25}" = Catalyst Control Center Localization Czech "{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes "{F90D9C89-7918-7994-66CC-513C4A92D3A6}" = Catalyst Control Center Graphics Previews Common "{FB7EBC2F-D27E-A906-28BF-58FE48F4F1D8}" = CCC Help Chinese Standard 
"{FD27D456-ED8A-4027-A1E4-BBF95FAF4799}" = Easy Driver Pro "{FE163F11-1919-4257-A280-FF5AF8DAEECB}" = ICQ Sparberater "{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}" = Pinnacle VideoSpin "{FEE777F9-EE4E-4504-8CCC-528270A4992A}" = CCC Help Portuguese "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "5513-1208-7298-9440" = JDownloader 0.9 "7-Zip" = 7-Zip 9.20 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Aeria Ignite" = Aeria Ignite "Aeria Ignite 1.11.2111" = Aeria Ignite "Akamai" = Akamai NetSession Interface "Audacity_is1" = Audacity 1.2.6 "avast" = avast! Free Antivirus "AVS Video Editor_is1" = AVS Video Editor 6 "AVS Video Recorder_is1" = AVS Video Recorder 2.4 "AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4 "BrickForce" = BrickForce 1.9.87 "Brutal Chess" = Brutal Chess "CABAL Online (Europe)_is1" = CABAL Online Europe (Europe) "CANONBJ_Deinstall_CNMCP64.DLL" = Canon PIXMA iP4000 "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant "Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint "Easy-PrintToolBox" = Canon Utilities Easy-PrintToolBox "ESET Online Scanner" = ESET Online Scanner v3 "Fiesta Online DE" = Fiesta Online DE 1.04.053 "Fireworks Free Screensaver" = Fireworks Free Screensaver (remove only) "FlashSaver_Feuerwerksbildschirmschoner(1)" = Feuerwerksbildschirmschoner(1) "Fraps" = Fraps (remove only) "Free Studio_is1" = Free Studio version 5.0.8 "Free Video Converter_is1" = Free Video Converter V 3.0 "Free YouTube Download 3_is1" = Free YouTube Download 3 version 3.0.7.718 "Free YouTube Download_is1" = Free YouTube Download version 3.1.42.1212 "Free YouTube to iPhone Converter_is1" = Free YouTube to iPhone Converter version 2.11.5.722 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212 "Free YouTube Uploader_is1" = Free YouTube Uploader 
version 3.3.23.1123 "Game Booster_is1" = Game Booster 3 "Google Chrome" = Google Chrome "GrandFantasia-DE" = GrandFantasia-DE "HyperCam 2" = HyperCam 2 "ie8" = Windows Internet Explorer 8 "InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch "InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch "InstallShield_{5D7767FA-7FE8-4627-9F09-AEF7A25F1E07}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.1 Patch "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch "InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch "InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch "InstallShield_{E5141379-B2D9-4BBC-BB2A-5805541571DD}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch "InterActual Player" = InterActual Player "loadtbs-2.1" = loadtbs-2.1 "Logitech Gaming Software" = Logitech Gaming Software 8.20 "LogMeIn Hamachi" = LogMeIn Hamachi "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100 "ManyCam" = ManyCam 2.6.43 (remove only) "MediaNavigation.CDLabelPrint" = CD-LabelPrint "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 3.5 Language Pack - deu" = Microsoft .NET Framework 3.5 Language Pack - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NCLauncher_GameForge" = NC Launcher (GameForge) 
"Notepad++" = Notepad++ "NSchach3a_is1" = N Schach 3 "OpenAL" = OpenAL "Opera 12.12.1707" = Opera 12.12 "PicPick" = PicPick "Pivot 3.2 Beta Deutsch" = Pivot 3.2 Beta Deutsch "PunkBusterSvc" = PunkBuster Services "QcDrv" = Logitech® Camera-Treiber "Real Desktop Professional_is1" = Real Desktop 1.68 Professional "Scott's Wallpaper Switcher_is1" = Scott's Wallpaper Switcher v 1.7 "SilkroadR" = SilkroadR "SMPlayer" = SMPlayer 0.8.0 "Snoqualmie" = Snoqualmie 1.0 "Steam App 17020" = Global Agenda "Steam App 17330" = Crysis Warhead "Steam App 17340" = Crysis Wars "Steam App 218" = Source SDK Base 2007 "Steam App 420" = Half-Life 2: Episode Two "Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer "Steam App 440" = Team Fortress 2 "Steam App 50650" = Darksiders II "Steam App 550" = Left 4 Dead 2 "Steam App 65800" = Dungeon Defenders "T4EPlayer" = T4E Player "T4EPlayer_Skins" = T4E Player Skins "TeamSpeak 3 Client" = TeamSpeak 3 Client "TechPowerUp GPU-Z" = TechPowerUp GPU-Z "Tribes Ascend DE" = Tribes Ascend DE "Uninstall_is1" = Uninstall 1.0.0.1 "VideoPad" = VideoPad Video Editor "VLC media player" = VLC media player 1.1.4 "WarOfAngels" = War of Angels "Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 "WIC" = Windows Imaging Component "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinGimp-2.0_is1" = GIMP 2.6.11 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.01 (32-Bit) "Wisdom-soft Set up ASR 3.1 Free" = Wisdom-soft Set up ASR 3.1 Free "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "Xfire" = Xfire (remove only) "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 ========== HKEY_USERS Uninstall List ========== 
[HKEY_USERS\S-1-5-21-448539723-436374069-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Akamai" = Akamai NetSession Interface "FoxTab 3GP Converter" = FoxTab 3GP Converter "Game Organizer" = EasyBits GO "Kies Air Discovery Service" = Kies Air Discovery Service "SOE-DC Universe Online Live" = DC Universe Online Live "SOE-DC Universe Online Live PSG (2)" = DC Universe Online Live (2) "UnityWebPlayer" = Unity Web Player ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 23.01.2013 09:41:56 | Computer Name = ZOCKER | Source = MsiInstaller | ID = 11609 Description = Error - 23.01.2013 10:14:59 | Computer Name = ZOCKER | Source = Userenv | ID = 1090 Description = Der Sitzungsstatus des Richtlinienergebnissatzes konnte nicht protokolliert werden. Ein Verbindungsversuch mit WMI ist fehlgeschlagen. Für diese Anwendung der Richtlinie wird keine Richtlinienergebnissatz-Protokollierung durchgeführt. Error - 24.01.2013 08:18:37 | Computer Name = ZOCKER | Source = PerfNet | ID = 2004 Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen werden nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0. Error - 25.01.2013 09:22:17 | Computer Name = ZOCKER | Source = PerfNet | ID = 2004 Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen werden nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0. Error - 25.01.2013 10:06:26 | Computer Name = ZOCKER | Source = Google Update | ID = 20 Description = Error - 25.01.2013 13:06:26 | Computer Name = ZOCKER | Source = Google Update | ID = 20 Description = Error - 25.01.2013 14:51:40 | Computer Name = ZOCKER | Source = PerfNet | ID = 2004 Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen werden nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0. 
Error - 26.01.2013 06:21:37 | Computer Name = ZOCKER | Source = PerfNet | ID = 2004 Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen werden nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0. Error - 26.01.2013 06:33:38 | Computer Name = ZOCKER | Source = PerfNet | ID = 2004 Description = Der Serverdienst konnte nicht geöffnet werden. Die Server-Leistungsinformationen werden nicht zurückgegeben. Der zurückgegebene Fehlercode befindet sich in DWORD 0. Error - 26.01.2013 12:01:29 | Computer Name = ZOCKER | Source = JavaQuickStarterService | ID = 1 Description = [ System Events ] Error - 26.01.2013 06:22:48 | Computer Name = ZOCKER | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "winmgmt" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error - 26.01.2013 06:22:48 | Computer Name = ZOCKER | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "winmgmt" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error - 26.01.2013 06:22:48 | Computer Name = ZOCKER | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "winmgmt" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error - 26.01.2013 06:23:11 | Computer Name = ZOCKER | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "winmgmt" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error - 26.01.2013 06:24:14 | Computer Name = ZOCKER | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "winmgmt" mit den Argumenten "" gestartet wurde, um den 
folgenden Server zu verwenden: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error - 26.01.2013 06:24:14 | Computer Name = ZOCKER | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "winmgmt" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error - 26.01.2013 06:24:14 | Computer Name = ZOCKER | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "winmgmt" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error - 26.01.2013 06:24:14 | Computer Name = ZOCKER | Source = DCOM | ID = 10005 Description = Bei DCOM ist der Fehler "%1058" aufgetreten, als der Dienst "winmgmt" mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Error - 26.01.2013 06:34:14 | Computer Name = ZOCKER | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: i8042prt Error - 26.01.2013 06:37:25 | Computer Name = ZOCKER | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: i8042prt < End of report > |
27.01.2013, 17:17 | #20 |
/// TB-Ausbilder | GVU virus: computer was locked
Hello, well done. Everything is back in the green now. If there are no more open problems on your side, all that is left is to clean up:
Step 1
You can keep the ESET Online Scanner to scan your system with it now and then for a second opinion. If you would like to uninstall ESET, however, then: please press the Windows + R keys and copy the following text into the Run window
Code:
"%ProgramFiles%\Eset\Eset Online Scanner\OnlineScannerUninstaller.exe"
Step 2
Please download delfix to your desktop.
>> OK <<
We are done; your logs look clean to me at the moment. Below I have put together a few notes and tips that should help ensure you will not need our help again in the future. Afterwards, please give me brief feedback if there are no more problems or questions open on your side either, so that I can consider this topic closed.
Epilogue: Tips, Dos & Don'ts
Keeping system and software up to date
The Windows operating system must always be fully up to date. Make sure that automatic updates are enabled:
The installed software should also always be on its latest version. This applies especially to the browser, Java, Flash Player and PDF reader, because known security vulnerabilities in their old versions are exploited to install malware via drive-by download merely by visiting a prepared website. This can even happen on normally legitimate websites if an attacker has managed to inject his code into the page, and is therefore relatively unpredictable.
Security software
A remark up front: every software solution has its weaknesses. Handing the entire responsibility for security over to software and expecting all-round protection would be a dangerous illusion. With careless or deliberately risky behaviour, even the best program will sooner or later fail (e.g. a virus scanner that does not detect an infected file). Nevertheless, such software is of course important and, in combination with a well-maintained (up-to-date) system and considered behaviour, helps you keep your computer clean.
It is in the nature of things that the most widely used application software is also the most frequently attacked by malware authors. Using alternative software (e.g. an alternative PDF reader) can therefore already bring a small security gain. Instead of Internet Explorer, for example, you can use Mozilla Firefox, for which there are two useful add-ons to recommend:
(Un)safe behaviour on the Internet
Besides unnoticed drive-by installations, malware is also often installed more or less actively by the user himself. Visiting shady websites can already carry risks. And downloads from dubious sources are always Russian roulette. Even if the virus scanner does not currently detect a threat in them, that does not have to mean anything.
Often an attempt is also made to get the user, by more or less tricky methods, to carry out an action himself that is disastrous for him (umbrella term: social engineering).
Annoying adware (advertising) and unnecessary toolbars are also mostly installed along by the user himself.
General notes
Finally, a few basic remarks:
It only remains for me to wish you carefree and safe surfing, and that we do not see each other here again any time soon.
__________________ cheers, Leo |
27.01.2013, 18:14 | #21 |
| GVU virus: computer was locked Thank you very much for your help. The trojan is gone and my system is back in shape. Everything runs the way it should. Many thanks |
27.01.2013, 18:23 | #22 |
/// TB-Ausbilder | GVU virus: computer was locked Thanks for the feedback. Glad we could help. This topic appears to be resolved and will be removed from my subscriptions. I will therefore no longer receive notifications about new replies. If you need this topic again, please send me a PM and we will continue here. Everyone else, please read this guide and create your own thread.
__________________ cheers, Leo |