Internet lahmgelegt - Ddos / Anpingen?
Hallo liebes TB-Team,
Also mein Problem ist folgendes:
Seit gestern Abend ist mein Internet sogut wie lahmgelegt. Seiten aufzubauen dauern sehr lange und bricht oftmals einfach ab. Ich Downloade nicht mehr mit voller Geschwindigkeit ( zumindest meiner Meinung nach ), und der Ping schwankt beispielwesie bein Onlinegames von normal zb. 30 hoch auf 150, mal wiede runter auf 75 wieder hoch etc. , sprich wilkürlich.
Die Vermutung das es daran liegt das ich von einem anderen Rechner geDosd werde oder ähnliches, liegt daran, dass ich gestern mit drei Freunden in einem Voicechatt war, wir gegen ein gegnerisches Team gespielt haben, und nach deren vermeindlichen Niederlage bei allen dreien von uns das Internet wie oben beschrieben so gut wie down ist. Router RR bringt 2-5 Minuten was aber auch nicht ernsthaft irgendwelche Besserungen.
Ich kenne mich leider nicht sehr gut aus mit solchen Beschwerden, und hoffe das ich hier vielleicht schnelle und gute Hilfe bekommen kann =/
Was mir persönlich noch aufgefallen ist wenn ich per cmd - netstate öffne steht dort zu haufe
TCP 192.168.178.35:49170 217.118.170.204:http FIN_WARTEN_1
TCP 192.168.178.35:49171 217.118.170.204:http FIN_WARTEN_1
TCP 192.168.178.35:49172 217.118.170.204:http FIN_WARTEN_1
TCP 192.168.178.35:49173... usw.
War der erste Anhaltspunkt der mir eingefallen ist, da ich wie gesagt, mich da leider nicht so wahnsinnig gut auskenne.
Anbei dürften die Log Daten von MAM sein, sowie die von OTL
Benutzen tue ich die FritzBox 7270.
Bin natürlich für alle Fragen offen!
Mit freundlichen Grüßen
Jakob Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Datenbank Version: 6039
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
13.03.2011 10:28:29
mbam-log-2011-03-13 (10-28-29).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 159351
Laufzeit: 1 Minute(n), 1 Sekunde(n)
Infizierte Speicherprozesse: 2
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 5
Infizierte Registrierungswerte: 6
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 4
Infizierte Speicherprozesse:
c:\program files (x86)\application updater\applicationupdater.exe (PUP.Dealio) -> 1688 -> Not selected for removal.
c:\program files (x86)\common files\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> 2932 -> Not selected for removal.
Infizierte Speichermodule:
c:\program files (x86)\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> Delete on reboot.
Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> Not selected for removal.
HKEY_CLASSES_ROOT\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Not selected for removal.
Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\APPLICATION UPDATER\APPLICATIONUPDATER.EXE (PUP.Dealio) -> Value: APPLICATIONUPDATER.EXE -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\COMMON FILES\SPIGOT\WTXPCOM\COMPONENTS\WIDGITOOLBARFF.DLL (Adware.WidgiToolbar) -> Value: WIDGITOOLBARFF.DLL -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Value: {B922D405-6D13-4A2B-AE89-08A030DA4402} -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio) -> Value: {B922D405-6D13-4A2B-AE89-08A030DA4402} -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSettings (PUP.Dealio) -> Value: SearchSettings -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES (X86)\COMMON FILES\SPIGOT\SEARCH SETTINGS\SEARCHSETTINGS.EXE (PUP.Dealio) -> Value: SEARCHSETTINGS.EXE -> Not selected for removal.
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
c:\program files (x86)\application updater\applicationupdater.exe (PUP.Dealio) -> Not selected for removal.
c:\program files (x86)\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
c:\program files (x86)\pdfforge toolbar\IE\4.3\pdfforgetoolbarie.dll (PUP.Dealio) -> Not selected for removal.
c:\program files (x86)\common files\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> Not selected for removal.
Code:
OTL logfile created on: 13.03.2011 09:01:49 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Jakob\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596,07 Gb Total Space | 468,71 Gb Free Space | 78,63% Space Free | Partition Type: NTFS
Computer Name: JAKOB-PC | User Name: Jakob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Jakob\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\Jakob\AppData\Roaming\Microsoft_Updates_2011\Updater.exe ()
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
PRC - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\RocketDock\RocketDock.exe ()
========== Modules (SafeList) ==========
MOD - C:\Users\Jakob\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (Application Updater) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Creative HOAL Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTHOALLicensing.exe (Creative Labs)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
========== Driver Services (SafeList) ==========
DRV:64bit: - (ESLWireAC) -- C:\Windows\SysNative\drivers\ESLWireACD.sys (<Turtle Entertainment>)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (hidusbf) -- C:\Windows\SysNative\drivers\hidusbf.sys (SweetLow)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (ESLvnic1) -- C:\Windows\SysNative\drivers\ESLvnic.sys (Turtle Entertainment GmbH)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)
DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)
DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (skfiltv) -- C:\Windows\SysNative\drivers\skfiltv.sys (Creative Technology Ltd.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (SSHDRV76) -- C:\Windows\SysWOW64\drivers\SSHDRV76.sys ()
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6D 59 F8 72 37 70 CB 01 [binary data]
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.facebook.com/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.3
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.3
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.6&q="
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.03.05 09:43:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.03.05 09:43:14 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.01.03 17:25:07 | 000,000,000 | ---D | M]
[2010.10.21 20:52:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jakob\AppData\Roaming\mozilla\Extensions
[2010.10.21 20:52:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jakob\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.03.12 21:14:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jakob\AppData\Roaming\mozilla\Firefox\Profiles\01v8ntna.default\extensions
[2010.12.13 18:55:22 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Users\Jakob\AppData\Roaming\mozilla\Firefox\Profiles\01v8ntna.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2010.11.22 22:49:40 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Jakob\AppData\Roaming\mozilla\Firefox\Profiles\01v8ntna.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.10.21 18:15:40 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Jakob\AppData\Roaming\mozilla\Firefox\Profiles\01v8ntna.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.02.28 10:32:13 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jakob\AppData\Roaming\mozilla\Firefox\Profiles\01v8ntna.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.02.28 10:32:12 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Jakob\AppData\Roaming\mozilla\Firefox\Profiles\01v8ntna.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.11.09 17:27:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jakob\AppData\Roaming\mozilla\Firefox\Profiles\01v8ntna.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011.02.28 10:32:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jakob\AppData\Roaming\mozilla\Firefox\Profiles\01v8ntna.default\extensions\staged-xpis
[2011.03.08 22:00:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.10.20 17:13:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.11.22 22:46:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.02.28 10:06:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.03.08 22:00:13 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES (X86)\COMMON FILES\SPIGOT\WTXPCOM
[2011.03.08 22:00:13 | 000,000,000 | ---D | M] (pdfforge Toolbar) -- C:\PROGRAM FILES (X86)\PDFFORGE TOOLBAR\FF
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.10.12 21:24:52 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.10.12 21:24:52 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.10.12 21:24:52 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.10.12 21:24:52 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.10.12 21:24:52 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.11.06 20:45:56 | 000,424,779 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 123fporn.info
O1 - Hosts: 14636 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\4.3\pdfforgeToolbarIE.dll (Spigot, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CookiePatrol] C:\PROGRA~2\PESTPA~1\CookiePatrol.exe (Computer Associates International)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PestPatrol Control Center] C:\PROGRA~2\PESTPA~1\PPControl.exe ()
O4 - HKLM..\Run: [PestPatrolCL] File not found
O4 - HKLM..\Run: [PPMemCheck] C:\PROGRA~2\PESTPA~1\PPMemCheck.exe ()
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Updater.exe] C:\Users\Jakob\AppData\Roaming\Microsoft_Updates_2011\Updater.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Programme\Rainmeter\Rainmeter.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Jakob\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Jakob\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jakob\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Jakob\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0cba7d49-4bd5-11e0-8472-00ff01000001}\Shell - "" = AutoRun
O33 - MountPoints2\{0cba7d49-4bd5-11e0-8472-00ff01000001}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{f42bb76a-2eec-11e0-a52f-00ff01000001}\Shell - "" = AutoRun
O33 - MountPoints2\{f42bb76a-2eec-11e0-a52f-00ff01000001}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.03.13 08:56:14 | 000,000,000 | ---D | C] -- C:\Users\Jakob\AppData\Roaming\Malwarebytes
[2011.03.13 08:56:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.03.13 08:56:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.03.13 08:56:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.03.13 08:56:04 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.03.13 08:56:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.03.13 08:42:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2011.03.13 07:45:43 | 000,000,000 | ---D | C] -- C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PestPatrol
[2011.03.13 07:45:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PestPatrol
[2011.03.13 07:45:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PestPatrol
[2011.03.13 01:34:56 | 000,000,000 | ---D | C] -- C:\Users\Jakob\AppData\Roaming\TrojanHunter
[2011.03.13 01:32:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TrojanHunter 5.3
[2011.03.13 01:30:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojancheck 6
[2011.03.13 00:51:12 | 000,000,000 | ---D | C] -- C:\kav
[2011.03.12 22:13:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011.03.12 11:42:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
[2011.03.12 11:42:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mIRC
[2011.03.12 11:42:18 | 000,000,000 | -HSD | C] -- C:\Users\Jakob\AppData\Roaming\Microsoft_Updates_2011
[2011.03.11 16:09:29 | 000,000,000 | ---D | C] -- C:\Users\Jakob\Desktop\bin
[2011.03.09 16:38:05 | 000,000,000 | R--D | C] -- C:\Users\Jakob\Dropbox
[2011.03.09 16:37:04 | 000,000,000 | ---D | C] -- C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2011.03.09 16:36:47 | 000,000,000 | ---D | C] -- C:\Users\Jakob\AppData\Roaming\Dropbox
[2011.03.09 06:57:00 | 001,540,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011.03.09 06:57:00 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011.03.09 06:57:00 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011.03.09 06:57:00 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011.03.09 06:56:59 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.03.09 06:56:58 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011.03.09 06:56:58 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011.03.09 06:56:58 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011.03.09 06:56:58 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011.03.09 06:56:58 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.03.09 06:56:58 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011.03.09 06:56:58 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011.03.09 06:56:57 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2011.03.09 06:56:57 | 002,690,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2011.03.09 06:56:57 | 001,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2011.03.09 06:56:57 | 001,034,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2011.03.08 22:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Application Updater
[2011.03.08 22:00:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Spigot
[2011.03.08 22:00:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pdfforge Toolbar
[2011.03.08 21:59:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2011.03.08 21:59:45 | 001,071,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2011.03.08 21:59:45 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2011.03.08 21:59:44 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCDE.DLL
[2011.03.08 21:59:44 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6DE.DLL
[2011.03.08 21:59:44 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCC2DE.DLL
[2011.03.08 21:59:44 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL
[2011.03.08 21:59:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2011.02.28 10:06:43 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.02.28 10:06:43 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.02.28 10:06:43 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.02.28 08:48:17 | 000,000,000 | ---D | C] -- C:\Users\Jakob\AppData\Roaming\.minecraft
[2011.02.28 08:38:08 | 000,000,000 | ---D | C] -- C:\Users\Jakob\AppData\Roaming\Sun
[2011.02.26 14:14:40 | 000,000,000 | ---D | C] -- C:\Users\Jakob\AppData\Roaming\InstallShield Installation Information
[2011.02.26 14:14:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Tournament 3 (LG)
[2011.02.26 14:08:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unreal Tournament 3 (LG)
[2011.02.25 23:48:42 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2011.02.25 23:48:38 | 000,036,160 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2011.02.25 23:48:37 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2011.02.25 23:48:37 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2011.02.25 23:48:37 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2011.02.25 23:48:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011
[2011.02.25 23:48:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2011
[2011.02.25 23:47:14 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.02.24 20:48:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\r.u.s.e
[2011.02.24 17:07:00 | 000,000,000 | ---D | C] -- C:\Users\Jakob\Documents\Roaming
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-TW
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-CN
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Virtual PC
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\tr-TR
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\th-TH
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sv-SE
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ru-RU
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ro-RO
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-PT
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-BR
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pl-PL
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nl-NL
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nb-NO
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ko-KR
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ja-JP
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\it-IT
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\hu-HU
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\he-IL
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fr-FR
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fi-FI
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\es-ES
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\en-US
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\el-GR
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\da-DK
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\cs-CZ
[2011.02.24 15:49:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ar-SA
[2011.02.24 15:47:20 | 004,514,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpc.exe
[2011.02.24 15:47:20 | 002,264,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCWizard.exe
[2011.02.24 15:47:20 | 001,210,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMWindow.exe
[2011.02.24 15:47:20 | 000,360,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcvmm.sys
[2011.02.24 15:32:54 | 000,066,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcnfltr.sys
[2011.02.24 15:32:54 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpcvmm.sys.mui
[2011.02.24 15:32:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcnfltr.sys.mui
[2011.02.24 15:32:54 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcnfltr.sys.mui
[2011.02.24 15:32:53 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vmsal.exe
[2011.02.24 15:32:53 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpchbus.sys.mui
[2011.02.24 15:32:53 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpchbus.sys.mui
[2011.02.24 15:32:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcnfltr.sys.mui
[2011.02.24 15:32:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcnfltr.sys.mui
[2011.02.24 15:32:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcnfltr.sys.mui
[2011.02.24 15:32:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcnfltr.sys.mui
[2011.02.24 15:32:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcnfltr.sys.mui
[2011.02.24 15:32:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcnfltr.sys.mui
[2011.02.24 15:32:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcnfltr.sys.mui
[2011.02.24 15:32:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcnfltr.sys.mui
[2011.02.24 15:32:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcnfltr.sys.mui
[2011.02.24 15:32:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcnfltr.sys.mui
[2011.02.24 15:32:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcnfltr.sys.mui
[2011.02.24 15:32:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpcnfltr.sys.mui
[2011.02.24 15:32:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcnfltr.sys.mui
[2011.02.24 15:32:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcnfltr.sys.mui
[2011.02.24 15:32:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcnfltr.sys.mui
[2011.02.24 15:32:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcnfltr.sys.mui
[2011.02.24 15:32:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcnfltr.sys.mui
[2011.02.24 15:32:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcnfltr.sys.mui
[2011.02.24 15:32:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcnfltr.sys.mui
[2011.02.24 15:32:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcnfltr.sys.mui
[2011.02.24 15:32:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcnfltr.sys.mui
[2011.02.24 15:32:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcnfltr.sys.mui
[2011.02.24 15:32:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcnfltr.sys.mui
[2011.02.24 15:32:51 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpchbus.sys
[2011.02.24 15:32:51 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcusb.sys
[2011.02.24 15:32:51 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpchbus.sys.mui
[2011.02.24 15:32:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcuxd.sys.mui
[2011.02.24 15:32:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcuxd.sys.mui
[2011.02.24 15:32:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcusb.sys.mui
[2011.02.24 15:32:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcusb.sys.mui
[2011.02.24 15:32:50 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCSettings.exe
[2011.02.24 15:32:50 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMCPropertyHandler.dll
[2011.02.24 15:32:50 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpchbuspipe.dll
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcuxd.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcuxd.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcuxd.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcuxd.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcuxd.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcuxd.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcuxd.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcuxd.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpcuxd.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcuxd.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcusb.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcusb.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcusb.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcusb.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcusb.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcusb.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcusb.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcusb.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcusb.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcusb.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpcusb.sys.mui
[2011.02.24 15:32:48 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcusb.sys.mui
[2011.02.24 15:32:47 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcuxd.sys.mui
[2011.02.24 15:32:47 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcuxd.sys.mui
[2011.02.24 15:32:47 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcuxd.sys.mui
[2011.02.24 15:32:47 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcuxd.sys.mui
[2011.02.24 15:32:47 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcusb.sys.mui
[2011.02.24 15:32:47 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcusb.sys.mui
[2011.02.24 15:32:47 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcusb.sys.mui
[2011.02.24 15:32:47 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcusb.sys.mui
[2011.02.24 15:32:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcuxd.sys.mui
[2011.02.24 15:32:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcuxd.sys.mui
[2011.02.24 15:32:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcuxd.sys.mui
[2011.02.24 15:32:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcuxd.sys.mui
[2011.02.24 15:32:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcuxd.sys.mui
[2011.02.24 15:32:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcuxd.sys.mui
[2011.02.24 15:32:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcuxd.sys.mui
[2011.02.24 15:32:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcuxd.sys.mui
[2011.02.24 15:32:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcuxd.sys.mui
[2011.02.24 15:32:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcusb.sys.mui
[2011.02.24 15:32:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcusb.sys.mui
[2011.02.24 15:32:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcusb.sys.mui
[2011.02.24 15:32:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcusb.sys.mui
[2011.02.24 15:32:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcusb.sys.mui
[2011.02.24 15:32:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcusb.sys.mui
[2011.02.24 15:32:47 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcusb.sys.mui
[2011.02.24 15:32:46 | 000,936,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmsal.exe
[2011.02.24 15:20:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2011.02.24 15:20:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2011.02.24 15:07:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SSI
[2011.02.24 15:06:04 | 000,305,664 | ---- | C] (InstallShield Software Corporation ) -- C:\Windows\IsUn0407.exe
[2011.02.23 22:50:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Paradox Interactive
[2011.02.23 15:46:11 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.02.23 15:46:11 | 000,475,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.02.23 15:46:11 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.02.23 15:46:11 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.02.16 10:33:41 | 000,000,000 | ---D | C] -- C:\Users\Jakob\Desktop\Sourcejunkies
[2011.02.15 15:37:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\4PL-Insight
[2011.02.13 22:32:33 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CoffeeCup Software
[2011.02.13 22:32:33 | 000,000,000 | ---D | C] -- C:\Users\Jakob\AppData\Roaming\CoffeeCup Software
[2011.02.13 22:32:33 | 000,000,000 | ---D | C] -- C:\ProgramData\CoffeeCup Software
[2011.02.13 22:32:28 | 000,000,000 | ---D | C] -- C:\Users\Jakob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CoffeeCup Software
[2011.02.13 22:32:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CoffeeCup Software
[2011.02.13 22:32:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CoffeeCup Software
[2011.02.13 22:17:51 | 000,000,000 | ---D | C] -- C:\Users\Jakob\AppData\Roaming\GlobalSCAPE
[2011.02.13 22:17:51 | 000,000,000 | ---D | C] -- C:\Users\Jakob\AppData\Local\GlobalSCAPE
[2011.02.13 22:17:51 | 000,000,000 | ---D | C] -- C:\ProgramData\GlobalSCAPE
[2011.02.11 12:17:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[11 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.03.13 08:56:07 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.03.13 07:45:51 | 000,001,736 | ---- | M] () -- C:\Windows\SetupPestPatrolCorporate.mif
[2011.03.13 07:20:02 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.13 07:20:02 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.13 07:17:21 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.03.13 07:17:21 | 000,655,802 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.03.13 07:17:21 | 000,616,348 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.03.13 07:17:21 | 000,130,434 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.03.13 07:17:21 | 000,106,728 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.03.13 07:12:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.13 07:12:43 | 3219,300,352 | -HS- | M] () -- C:\hiberfil.sys
[2011.03.13 01:32:11 | 000,059,392 | R--- | M] () -- C:\Windows\SysWow64\streamhlp.dll
[2011.03.11 16:11:52 | 000,096,220 | ---- | M] () -- C:\Users\Jakob\Desktop\ItemslistV110.png
[2011.03.11 08:33:51 | 000,149,504 | ---- | M] () -- C:\Users\Jakob\AppData\Roaming\SharedSettings.ccs
[2011.02.21 16:59:58 | 000,103,736 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.02.21 16:59:52 | 000,669,184 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.02.21 16:59:52 | 000,066,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.02.19 07:37:10 | 001,540,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011.02.19 07:36:49 | 000,902,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011.02.19 06:32:48 | 001,074,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\DWrite.dll
[2011.02.19 06:32:35 | 000,739,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\d2d1.dll
[2011.02.18 13:10:36 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2011.02.18 13:06:02 | 000,025,920 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2011.02.18 13:06:00 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2011.02.18 13:05:56 | 000,036,160 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2011.02.18 13:05:52 | 000,029,504 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2011.02.14 15:47:10 | 000,005,120 | ---- | M] () -- C:\Users\Jakob\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[11 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.03.13 08:56:07 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.03.13 07:45:21 | 000,001,736 | ---- | C] () -- C:\Windows\SetupPestPatrolCorporate.mif
[2011.03.13 01:32:06 | 000,059,392 | R--- | C] () -- C:\Windows\SysWow64\streamhlp.dll
[2011.03.11 16:11:51 | 000,096,220 | ---- | C] () -- C:\Users\Jakob\Desktop\ItemslistV110.png
[2011.03.08 21:59:45 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\pdfcmnnt.dll
[2011.02.25 23:48:37 | 000,002,205 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk
[2011.02.21 16:59:54 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.02.21 16:59:52 | 000,669,184 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.02.21 16:59:52 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.02.13 22:32:32 | 000,149,504 | ---- | C] () -- C:\Users\Jakob\AppData\Roaming\SharedSettings.ccs
[2011.02.08 16:20:03 | 000,001,129 | ---- | C] () -- C:\Windows\Settings.ini
[2011.01.24 09:24:14 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\GkSui18.EXE
[2011.01.21 17:52:14 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.03 23:13:16 | 000,000,132 | ---- | C] () -- C:\Users\Jakob\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.01.03 19:00:03 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfot.dat
[2010.12.04 19:26:58 | 000,128,512 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010.12.04 19:26:58 | 000,069,120 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2010.11.23 17:01:23 | 000,001,442 | ---- | C] () -- C:\Windows\cwxdbb48.ini
[2010.11.23 17:01:22 | 000,004,303 | ---- | C] () -- C:\Windows\jcxq_pzk48.ini
[2010.11.12 21:29:00 | 000,005,120 | ---- | C] () -- C:\Users\Jakob\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.10 16:11:45 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\drivers\SSHDRV76.sys
[2010.10.20 09:44:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.10.20 09:42:17 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.10.07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008.10.07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008.09.19 00:49:26 | 000,001,209 | ---- | C] () -- C:\Windows\skSPcfg.ini
[2008.09.19 00:49:24 | 000,000,381 | ---- | C] () -- C:\Windows\skMCcfg.ini
[2007.12.06 08:53:48 | 000,001,209 | R--- | C] () -- C:\Windows\xfiskcfg.ini
========== LOP Check ==========
[2011.03.11 16:10:49 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\.minecraft
[2011.02.13 22:49:02 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\CoffeeCup Software
[2010.10.30 11:53:48 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\DAEMON Tools Lite
[2011.03.10 08:39:41 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Dropbox
[2011.02.19 18:12:46 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.02.24 14:14:00 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\FileZilla
[2010.11.27 11:53:05 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\GHISLER
[2011.02.13 22:17:51 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\GlobalSCAPE
[2011.03.13 01:24:43 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\HLSW
[2011.03.07 10:58:58 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\ICQ
[2011.03.13 01:24:43 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\IrfanView
[2011.02.06 19:42:31 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Octoshape
[2010.10.20 17:15:12 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\OpenOffice.org
[2011.01.30 20:39:47 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Publish Providers
[2011.03.13 01:24:42 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Rainmeter
[2011.01.30 20:39:45 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Sony
[2011.01.31 15:30:46 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Sony Creative Software Inc
[2010.10.21 20:52:32 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\Thunderbird
[2011.03.13 01:34:56 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\TrojanHunter
[2011.03.13 01:24:42 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\TS3Client
[2011.02.25 23:48:31 | 000,000,000 | ---D | M] -- C:\Users\Jakob\AppData\Roaming\TuneUp Software
[2011.01.18 13:43:29 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
Code:
OTL Extras logfile created on: 13.03.2011 09:01:49 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Jakob\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 596,07 Gb Total Space | 468,71 Gb Free Space | 78,63% Space Free | Partition Type: NTFS
Computer Name: JAKOB-PC | User Name: Jakob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{203DE003-C392-FF19-BCA2-3F775477BC94}" = AMD Drag and Drop Transcoding
"{33A49BF2-CB4F-5E54-D7F5-25502CAB6B70}" = ATI AVIVO64 Codecs
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{397878FC-1B1B-EED7-04A8-3184CE494A3B}" = ATI Catalyst Install Manager
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{752CCAEE-8E33-DE50-9454-B377A2205193}" = ccc-utility64
"{77B8B4A5-EE79-4907-A318-2DA86325B8D7}" = iTunes
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{D3A82E80-D0A5-11DF-B425-0013D3D69929}" = Vegas Pro 10.0 (64-bit)
"{D81C035E-D0A5-11DF-9450-0013D3D69929}" = MSVCRT Redists
"{E5C95CA5-4565-4B9D-97ED-05088D775614}" = Apple Mobile Device Support
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"ESL Wire_is1" = ESL Wire 1.9.4
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00FE2654-4377-8F53-55F4-83B70EE44C73}" = CCC Help Dutch
"{01DD9D3D-FA8A-E148-008D-5CDF1BE8911F}" = CCC Help Korean
"{02F5BD83-B529-37E3-B5DF-32ABC7EC63C4}" = ccc-core-static
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{072224C5-0C98-0902-9A71-89D4A8F3E810}" = CCC Help Thai
"{1229D58B-9185-4F85-71B2-4B34EBF8AD17}" = CCC Help Italian
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24
"{27C6CB2E-415B-6020-91FC-BA5CE3B912AC}" = CCC Help Russian
"{29656550-8463-258C-55BA-5C4F7950DBDE}" = CCC Help Portuguese
"{41B21B1F-950E-13FC-57C7-2AC44B196223}" = Catalyst Control Center Graphics Previews Vista
"{48D5DBBA-7B60-B832-59DB-BE252C2E5A23}" = CCC Help Finnish
"{490F45FA-738D-5D4A-6B9D-DC1373ACF794}" = CCC Help Polish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53AFCE35-1653-91F4-8991-900731F32111}" = CCC Help Norwegian
"{568EF3B9-C672-E82A-BCD4-A88072578521}" = CCC Help Swedish
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5B3A354B-C059-4861-A85B-CA46F1089E15}" = Creative USB Headsets
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{654733F2-22EC-776F-9C2D-CF3C4F578768}" = CCC Help Danish
"{67ABC7E8-A241-F90D-0B04-5BB03428AF96}" = CCC Help Greek
"{6AA30800-F713-BB43-EDA2-1C380FE7FD63}" = Catalyst Control Center Localization All
"{6F235FE4-8EC6-3FAB-1739-A434BFE76E27}" = CCC Help Chinese Standard
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85090727-99E2-F1DC-1589-83D5AC986F3E}" = CCC Help Spanish
"{87323561-58BA-4D5B-BADA-A791B69D1705}" = Catalyst Control Center - Branding
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9EEA437C-F436-755C-6B39-1840A33F45CF}" = Catalyst Control Center InstallProxy
"{A05EF3DC-AAFA-6903-433D-0F383F5F4EC3}" = CCC Help German
"{A0B139A7-E8D5-49E8-A7BF-12421E652208}" = pdfforge Toolbar v4.3
"{A317EF8E-66FB-94B6-C4FA-96A0AED1AB2F}" = CCC Help Chinese Traditional
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.2 - Deutsch
"{B2AF5585-FACF-7760-5C68-F2DC6BBACE47}" = CCC Help Czech
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BCA434F2-A541-F63E-890C-F5D14E5B33D0}" = CCC Help English
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4406DB6-A28D-8047-7704-94A8DE7F6A68}" = CCC Help Hungarian
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D5134D14-A38D-A217-4310-5C8B6DFA08D0}" = HydraVision
"{D79E2563-3FDD-0A62-187A-5BE5F920F317}" = CCC Help Turkish
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F538505D-D29C-6259-682C-E607D659B4B4}" = Catalyst Control Center Graphics Previews Common
"{F820F894-EC5F-D52A-F862-5B472EAFE69A}" = CCC Help French
"{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG)
"{FFB4E67D-DEF9-30BC-39F6-E9C1B05539F9}" = CCC Help Japanese
"4PL-Insight" = 4PL-Insight!
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AudioCS" = Creative Audio-Systemsteuerung
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CoffeeCup Free FTP 4.3.2" = CoffeeCup Free FTP
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.02
"Fraps" = Fraps (remove only)
"Free YouTube Download_is1" = Free YouTube Download version 2.10.31
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9
"GameWiz32" = GameWiz32
"HLSW_is1" = HLSW v1.3.3.7b
"Host OpenAL" = Host OpenAL
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"mIRC" = mIRC
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"Rainmeter" = Rainmeter (remove only)
"RocketDock_is1" = RocketDock 1.3.5
"StarCraft II" = StarCraft II
"Steam App 100" = Counter-Strike: Condition Zero Deleted Scenes
"Steam App 240" = Counter-Strike: Source
"Steam App 260" = Counter-Strike: Source Beta
"Steam App 80" = Counter-Strike: Condition Zero
"SysInfo" = Creative Systeminformationen
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.4
"VTFEdit_is1" = VTFEdit 1.2.5
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"FileZilla Client" = FileZilla Client 3.3.5.1
"InstallShield_{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11.03.2011 11:03:09 | Computer Name = Jakob-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 12.03.2011 06:38:56 | Computer Name = Jakob-PC | Source = VSS | ID = 8194
Description =
Error - 12.03.2011 08:22:01 | Computer Name = Jakob-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 12.03.2011 20:18:27 | Computer Name = Jakob-PC | Source = System Restore | ID = 8200
Description =
Error - 12.03.2011 20:21:43 | Computer Name = Jakob-PC | Source = System Restore | ID = 8210
Description =
Error - 12.03.2011 20:22:15 | Computer Name = Jakob-PC | Source = System Restore | ID = 8200
Description =
Error - 12.03.2011 20:22:50 | Computer Name = Jakob-PC | Source = System Restore | ID = 8200
Description =
Error - 12.03.2011 20:25:44 | Computer Name = Jakob-PC | Source = System Restore | ID = 8210
Description =
Error - 12.03.2011 20:33:07 | Computer Name = Jakob-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: tc6.exe, Version: 6.0.0.0, Zeitstempel:
0x2a425e19 Name des fehlerhaften Moduls: tc6.exe, Version: 6.0.0.0, Zeitstempel:
0x2a425e19 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00001f63 ID des fehlerhaften Prozesses:
0xdc Startzeit der fehlerhaften Anwendung: 0x01cbe11603776749 Pfad der fehlerhaften
Anwendung: C:\Program Files (x86)\Trojancheck 6\tc6.exe Pfad des fehlerhaften Moduls:
C:\Program Files (x86)\Trojancheck 6\tc6.exe Berichtskennung: 76ed4894-4d09-11e0-ace8-00ff01000001
Error - 13.03.2011 02:45:03 | Computer Name = Jakob-PC | Source = MsiInstaller | ID = 10005
Description =
[ System Events ]
Error - 13.03.2011 02:12:41 | Computer Name = Jakob-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\SSHDRV76.sys
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 13.03.2011 02:13:08 | Computer Name = Jakob-PC | Source = PNRPSvc | ID = 102
Description =
Error - 13.03.2011 02:13:08 | Computer Name = Jakob-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 13.03.2011 02:13:08 | Computer Name = Jakob-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 13.03.2011 02:13:19 | Computer Name = Jakob-PC | Source = PNRPSvc | ID = 102
Description =
Error - 13.03.2011 02:13:19 | Computer Name = Jakob-PC | Source = PNRPSvc | ID = 102
Description =
Error - 13.03.2011 02:13:19 | Computer Name = Jakob-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 13.03.2011 02:13:19 | Computer Name = Jakob-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
Error - 13.03.2011 02:13:19 | Computer Name = Jakob-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
beendet: %%-2140993535
Error - 13.03.2011 02:13:19 | Computer Name = Jakob-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet
wurde: %%-2140993535
< End of report >
|
Internet lahmgelegt - Ddos / Anpingen?
(https://www.trojaner-board.de/96492-internet-lahmgelegt-ddos-anpingen.html)