Thanks for the reply!
I have already formatted the hard drive and reinstalled Windows 7!
Should I still do that anyway, as a precaution?
Best regards, fnatic
Well, I'll just do it:
Malwarebytes Logfile: Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Datenbank Version: v2012.08.13.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Pascal :: PASCAL-PC [Administrator]
13.08.2012 19:13:27
mbam-log-2012-08-13 (19-13-27).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 328491
Laufzeit: 19 Minute(n), 55 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
OTL Logfile 1: Code:
OTL logfile created on: 13.08.2012 19:58:52 - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Pascal\Downloads
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,97 Gb Total Physical Memory | 5,46 Gb Available Physical Memory | 68,55% Memory free
15,93 Gb Paging File | 13,33 Gb Available in Paging File | 83,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 127,99 Gb Total Space | 99,13 Gb Free Space | 77,45% Space Free | Partition Type: NTFS
Drive D: | 153,38 Gb Total Space | 73,88 Gb Free Space | 48,17% Space Free | Partition Type: NTFS
Drive E: | 104,89 Gb Total Space | 50,85 Gb Free Space | 48,48% Space Free | Partition Type: NTFS
Drive F: | 1,90 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: PASCAL-PC | User Name: Pascal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Pascal\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\DisplayFusion\DisplayFusionAppHook.exe (Binary Fortress Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cd5d6686dd65a70df2bb47350e5565f2\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d4e82d7d148d82bec5a0099f8c0a9d7c\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\033c4be35e173939c647b9eab467f3ba\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\fe70d777535c215f4fe9f9def2b4c815\mscorlib.ni.dll ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (FLxHCIc) -- C:\Windows\SysNative\drivers\FLxHCIc.sys (Fresco Logic)
DRV:64bit: - (FLxHCIh) -- C:\Windows\SysNative\drivers\FLxHCIh.sys (Fresco Logic)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (cmuda3) -- C:\Windows\SysNative\drivers\cmudax3.sys (C-Media Inc)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2875357547-857743034-3553125883-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2875357547-857743034-3553125883-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-2875357547-857743034-3553125883-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B0 3B 16 A7 6F 79 CD 01 [binary data]
IE - HKU\S-1-5-21-2875357547-857743034-3553125883-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2875357547-857743034-3553125883-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2875357547-857743034-3553125883-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "google.de"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.08.13 18:31:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2012.08.13 18:31:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pascal\AppData\Roaming\mozilla\Extensions
[2012.08.13 18:31:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [CmPCIaudio] C:\Windows\Syswow64\CMICNFG3.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2875357547-857743034-3553125883-1000..\Run: [ASRockIES] File not found
O4 - HKU\S-1-5-21-2875357547-857743034-3553125883-1000..\Run: [DisplayFusion] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKU\S-1-5-21-2875357547-857743034-3553125883-1000..\Run: [zASRockInstantBoot] File not found
O4 - HKU\S-1-5-21-2875357547-857743034-3553125883-1001..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2875357547-857743034-3553125883-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1C3CC317-971D-4AB1-872A-F8448B69A709}: DhcpNameServer = 192.168.2.1 192.168.2.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.02.23 12:50:30 | 000,000,103 | R--- | M] () - F:\Autorun.inf -- [ CDFS ]
O33 - MountPoints2\{deaa02cc-e55c-11e1-a595-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{deaa02cc-e55c-11e1-a595-806e6f6e6963}\Shell\AutoRun\command - "" = F:\DVD-Start.exe -- [2012.02.17 16:51:46 | 008,874,368 | R--- | M] (Deutsche Telekom AG)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 14 Days ==========
[2012.08.13 19:48:03 | 000,000,000 | -HSD | C] -- C:\Users\Pascal\AppData\Roaming\Common
[2012.08.13 19:48:02 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Roaming\DisplayFusion
[2012.08.13 19:47:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion
[2012.08.13 19:47:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DisplayFusion
[2012.08.13 19:47:02 | 000,000,000 | ---D | C] -- C:\Users\Pascal\Documents\DisplayFusion Backups
[2012.08.13 19:43:10 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012.08.13 19:42:38 | 000,955,800 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012.08.13 19:42:38 | 000,839,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.08.13 19:42:38 | 000,268,680 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.08.13 19:42:32 | 000,189,424 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.08.13 19:42:32 | 000,188,912 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.08.13 19:41:47 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.08.13 19:40:31 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Roaming\Macromedia
[2012.08.13 19:40:31 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Local\Macromedia
[2012.08.13 19:40:31 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Roaming\Adobe
[2012.08.13 19:40:13 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.13 19:40:13 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.13 19:40:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.08.13 19:40:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.08.13 18:44:24 | 000,000,000 | ---D | C] -- C:\Symbols
[2012.08.13 18:37:11 | 000,000,000 | -HSD | C] -- C:\Boot
[2012.08.13 18:35:40 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Roaming\Malwarebytes
[2012.08.13 18:35:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.13 18:35:30 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.13 18:35:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.13 18:35:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.13 18:31:28 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Roaming\Mozilla
[2012.08.13 18:31:28 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Local\Mozilla
[2012.08.13 18:31:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.08.13 18:31:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.08.13 18:31:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.08.13 18:27:51 | 000,355,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.08.13 18:27:51 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.08.13 18:27:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.08.13 18:27:48 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.08.13 18:27:48 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.08.13 18:27:47 | 000,958,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.08.13 18:27:45 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.08.13 18:27:45 | 000,071,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.08.13 18:27:09 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.08.13 18:27:09 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.08.13 18:26:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.08.13 18:26:59 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.08.13 18:18:38 | 001,142,648 | ---- | C] (mquadr.at software engineering und consulting GmbH) -- C:\Windows\SysWow64\M2ElevatedCalls.dll
[2012.08.13 18:18:38 | 000,948,600 | ---- | C] (mquadr.at software engineering) -- C:\Windows\SysWow64\M2ElevatedNetworkAdapters.dll
[2012.08.13 18:18:38 | 000,249,856 | ---- | C] (Nicomsoft Ltd.) -- C:\Windows\SysWow64\WiFiMan.dll
[2012.08.13 18:18:38 | 000,066,557 | ---- | C] (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) -- C:\Windows\SysWow64\SSDPDiscovery.dll
[2012.08.13 18:18:37 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Local\PackageAware
[2012.08.13 18:14:14 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Local\Dtag
[2012.08.13 18:14:12 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Local\mquadr.at
[2012.08.13 18:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.08.13 18:02:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012.08.13 18:02:08 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012.08.13 18:02:08 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.08.13 18:02:08 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012.08.13 18:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.08.13 18:01:51 | 010,406,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2012.08.13 18:01:51 | 005,067,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2012.08.13 18:01:51 | 003,074,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2012.08.13 18:01:51 | 000,837,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll
[2012.08.13 18:01:51 | 000,222,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2012.08.13 18:01:51 | 000,137,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2012.08.13 18:01:36 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.08.13 18:01:01 | 024,742,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.08.13 18:01:01 | 018,871,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.08.13 18:01:01 | 007,041,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012.08.13 18:01:01 | 001,533,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2012.08.13 18:01:01 | 001,454,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2012.08.13 18:01:01 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.08.13 18:01:01 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.08.13 18:01:00 | 024,796,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.08.13 18:01:00 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.08.13 18:01:00 | 015,693,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.08.13 18:01:00 | 013,205,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012.08.13 18:01:00 | 007,581,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.08.13 18:01:00 | 005,578,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.08.13 18:01:00 | 002,808,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012.08.13 18:01:00 | 002,542,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.08.13 18:01:00 | 002,458,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012.08.13 18:01:00 | 002,401,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.08.13 18:01:00 | 002,232,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.08.13 18:01:00 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.08.13 18:00:30 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012.08.13 18:00:00 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012.08.13 17:59:21 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.08.13 17:59:21 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.08.13 17:59:21 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.08.13 17:59:14 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.08.13 17:59:14 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.08.13 17:59:14 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.08.13 17:59:12 | 000,000,000 | ---D | C] -- C:\Program Files\Fresco Logic Inc
[2012.08.13 17:59:06 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.08.13 17:59:06 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.08.13 17:57:59 | 000,346,144 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2012.08.13 17:57:59 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2012.08.13 17:57:23 | 008,151,040 | ---- | C] (C-Media Corporation) -- C:\Windows\SysWow64\CMICNFG3.dll
[2012.08.13 17:57:23 | 000,200,704 | ---- | C] (C-Media) -- C:\Windows\SysWow64\CMPaOxy.dll
[2012.08.13 17:57:07 | 000,524,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\difxapi.dll
[2012.08.13 17:56:29 | 000,000,000 | ---D | C] -- C:\TerraTec
[2012.08.13 17:56:05 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.08.13 17:56:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012.08.13 17:56:03 | 000,831,488 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012.08.13 17:56:03 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012.08.13 17:56:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012.08.13 17:53:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\x64
[2012.08.13 17:53:24 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Lang
[2012.08.13 17:53:23 | 001,002,008 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igxpun.exe
[2012.08.13 17:50:16 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012.08.13 17:50:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012.08.13 17:50:07 | 000,000,000 | ---D | C] -- C:\Intel
[2012.08.13 17:49:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
[2012.08.13 17:49:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASRock Utility
[2012.08.13 17:44:56 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Local\Diagnostics
[2012.08.13 17:43:33 | 000,000,000 | R--D | C] -- C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.08.13 17:43:33 | 000,000,000 | R--D | C] -- C:\Users\Pascal\Searches
[2012.08.13 17:43:33 | 000,000,000 | R--D | C] -- C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.08.13 17:43:25 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Roaming\Identities
[2012.08.13 17:43:23 | 000,000,000 | R--D | C] -- C:\Users\Pascal\Contacts
[2012.08.13 17:43:21 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Local\VirtualStore
[2012.08.13 17:43:10 | 000,000,000 | -HSD | C] -- C:\Users\Pascal\Vorlagen
[2012.08.13 17:43:10 | 000,000,000 | -HSD | C] -- C:\Users\Pascal\AppData\Local\Verlauf
[2012.08.13 17:43:10 | 000,000,000 | -HSD | C] -- C:\Users\Pascal\AppData\Local\Temporary Internet Files
[2012.08.13 17:43:10 | 000,000,000 | -HSD | C] -- C:\Users\Pascal\Startmenü
[2012.08.13 17:43:10 | 000,000,000 | -HSD | C] -- C:\Users\Pascal\SendTo
[2012.08.13 17:43:10 | 000,000,000 | -HSD | C] -- C:\Users\Pascal\Recent
[2012.08.13 17:43:10 | 000,000,000 | -HSD | C] -- C:\Users\Pascal\Netzwerkumgebung
[2012.08.13 17:43:10 | 000,000,000 | -HSD | C] -- C:\Users\Pascal\Lokale Einstellungen
[2012.08.13 17:43:10 | 000,000,000 | -HSD | C] -- C:\Users\Pascal\Documents\Eigene Videos
[2012.08.13 17:43:10 | 000,000,000 | -HSD | C] -- C:\Users\Pascal\Documents\Eigene Musik
[2012.08.13 17:43:10 | 000,000,000 | -HSD | C] -- C:\Users\Pascal\Eigene Dateien
[2012.08.13 17:43:10 | 000,000,000 | -HSD | C] -- C:\Users\Pascal\Documents\Eigene Bilder
[2012.08.13 17:43:10 | 000,000,000 | -HSD | C] -- C:\Users\Pascal\Druckumgebung
[2012.08.13 17:43:10 | 000,000,000 | -HSD | C] -- C:\Users\Pascal\Cookies
[2012.08.13 17:43:10 | 000,000,000 | -HSD | C] -- C:\Users\Pascal\AppData\Local\Anwendungsdaten
[2012.08.13 17:43:10 | 000,000,000 | -HSD | C] -- C:\Users\Pascal\Anwendungsdaten
[2012.08.13 17:43:09 | 000,000,000 | --SD | C] -- C:\Users\Pascal\AppData\Roaming\Microsoft
[2012.08.13 17:43:09 | 000,000,000 | R--D | C] -- C:\Users\Pascal\Videos
[2012.08.13 17:43:09 | 000,000,000 | R--D | C] -- C:\Users\Pascal\Saved Games
[2012.08.13 17:43:09 | 000,000,000 | R--D | C] -- C:\Users\Pascal\Pictures
[2012.08.13 17:43:09 | 000,000,000 | R--D | C] -- C:\Users\Pascal\Music
[2012.08.13 17:43:09 | 000,000,000 | R--D | C] -- C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.08.13 17:43:09 | 000,000,000 | R--D | C] -- C:\Users\Pascal\Links
[2012.08.13 17:43:09 | 000,000,000 | R--D | C] -- C:\Users\Pascal\Favorites
[2012.08.13 17:43:09 | 000,000,000 | R--D | C] -- C:\Users\Pascal\Downloads
[2012.08.13 17:43:09 | 000,000,000 | R--D | C] -- C:\Users\Pascal\Documents
[2012.08.13 17:43:09 | 000,000,000 | R--D | C] -- C:\Users\Pascal\Desktop
[2012.08.13 17:43:09 | 000,000,000 | R--D | C] -- C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.08.13 17:43:09 | 000,000,000 | -H-D | C] -- C:\Users\Pascal\AppData
[2012.08.13 17:43:09 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Local\Temp
[2012.08.13 17:43:09 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Local\Microsoft
[2012.08.13 17:43:09 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Roaming\Media Center Programs
[2012.08.13 17:43:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.08.13 17:43:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.08.13 17:43:01 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.08.13 17:43:01 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.08.13 17:43:01 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.08.13 17:43:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.08.13 17:43:01 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.08.13 17:43:01 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.08.13 17:43:01 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.08.13 17:43:01 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.08.13 17:43:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.08.13 17:43:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2012.08.13 17:43:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.08.13 17:42:58 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.08.13 17:38:39 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.08.13 17:38:34 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2012.08.09 16:46:31 | 001,312,768 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v1892.dll
[2012.08.09 16:46:31 | 000,059,392 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\oemdspif.dll
[2012.08.09 16:46:30 | 005,694,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
[2012.08.09 16:46:30 | 000,491,032 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
[2012.08.09 16:46:30 | 000,371,712 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
[2012.08.09 16:46:30 | 000,365,592 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
[2012.08.09 16:46:30 | 000,312,832 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
[2012.08.09 16:46:30 | 000,306,688 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
[2012.08.09 16:46:30 | 000,305,664 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
[2012.08.09 16:46:30 | 000,305,664 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
[2012.08.09 16:46:30 | 000,305,152 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresp.lrc
[2012.08.09 16:46:30 | 000,301,568 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
[2012.08.09 16:46:30 | 000,296,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
[2012.08.09 16:46:30 | 000,293,376 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
[2012.08.09 16:46:30 | 000,291,328 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
[2012.08.09 16:46:30 | 000,290,304 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
[2012.08.09 16:46:30 | 000,289,792 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
[2012.08.09 16:46:30 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
[2012.08.09 16:46:30 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
[2012.08.09 16:46:30 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
[2012.08.09 16:46:30 | 000,283,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
[2012.08.09 16:46:30 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
[2012.08.09 16:46:30 | 000,282,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
[2012.08.09 16:46:30 | 000,281,088 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
[2012.08.09 16:46:30 | 000,279,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
[2012.08.09 16:46:30 | 000,278,016 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
[2012.08.09 16:46:30 | 000,264,704 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
[2012.08.09 16:46:30 | 000,254,464 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
[2012.08.09 16:46:30 | 000,251,904 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
[2012.08.09 16:46:30 | 000,246,272 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
[2012.08.09 16:46:30 | 000,215,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
[2012.08.09 16:46:30 | 000,208,896 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
[2012.08.09 16:46:30 | 000,207,360 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
[2012.08.09 16:46:30 | 000,181,760 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
[2012.08.09 16:46:30 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
[2012.08.09 16:46:30 | 000,165,912 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
[2012.08.09 16:46:30 | 000,055,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
[2012.08.09 16:46:29 | 008,095,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll
[2012.08.09 16:46:29 | 007,369,728 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
[2012.08.09 16:46:29 | 006,042,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig4icd32.dll
[2012.08.09 16:46:29 | 005,617,664 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
[2012.08.09 16:46:29 | 004,234,240 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
[2012.08.09 16:46:29 | 003,646,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
[2012.08.09 16:46:29 | 000,845,848 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcfg.exe
[2012.08.09 16:46:29 | 000,549,888 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumdx32.dll
[2012.08.09 16:46:29 | 000,259,584 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
[2012.08.09 16:46:29 | 000,217,088 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
[2012.08.09 16:46:29 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
[2012.08.09 16:46:29 | 000,125,952 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
[2012.08.09 16:46:29 | 000,027,648 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
[2012.08.09 16:46:28 | 005,195,776 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4dev64.dll
[2012.08.09 16:46:28 | 003,839,488 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig4dev32.dll
[2012.08.09 16:46:28 | 000,387,608 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
[2012.08.09 16:46:28 | 000,108,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
[2012.08.09 16:46:28 | 000,106,008 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe
========== Files - Modified Within 14 Days ==========
[2012.08.13 19:51:35 | 001,151,063 | ---- | M] () -- C:\Users\Pascal\Desktop\ws_weathered_windows_wallpaper_1920x1200.jpg
[2012.08.13 19:47:25 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\DisplayFusion.lnk
[2012.08.13 19:42:24 | 000,189,424 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.08.13 19:42:24 | 000,188,912 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.08.13 19:40:13 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.13 19:40:13 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.13 18:43:17 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.13 18:43:17 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.13 18:43:17 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.13 18:43:17 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.13 18:43:17 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.13 18:42:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.08.13 18:37:13 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2012.08.13 18:35:31 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.13 18:31:24 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.08.13 18:30:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.08.13 18:27:51 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.08.13 18:13:31 | 000,019,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.13 18:13:31 | 000,019,104 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.13 18:04:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.13 18:04:15 | 2120,024,063 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.13 18:00:27 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_FLxHCIh_01009.Wdf
[2012.08.13 17:59:19 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_FLxHCIc_01009.Wdf
[2012.08.13 17:57:23 | 000,000,621 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.imi
[2012.08.13 17:57:23 | 000,000,188 | ---- | M] () -- C:\Windows\Cmicnfg3.ini.cfl
[2012.08.13 17:57:23 | 000,000,138 | ---- | M] () -- C:\Windows\System\Dlap.pfx
[2012.08.13 17:57:07 | 000,000,560 | ---- | M] () -- C:\Windows\System\Cmicnfg3.ini
[2012.08.13 17:55:20 | 000,018,490 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2012.08.13 17:52:53 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\ASRock InstantBoot.lnk
[2012.08.13 17:51:58 | 000,275,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.13 17:49:41 | 000,001,043 | ---- | M] () -- C:\Users\Public\Desktop\ASRock IES.lnk
[2012.08.13 17:40:08 | 000,000,771 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.08.13 17:40:08 | 000,000,771 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.08.13 15:52:48 | 253,522,944 | ---- | M] () -- C:\Users\Pascal\Desktop\Windows_Win7SP1.7601.17514.101119-1850.IA64CHK.Symbols.msi
========== Files Created - No Company Name ==========
[2012.08.13 19:51:34 | 001,151,063 | ---- | C] () -- C:\Users\Pascal\Desktop\ws_weathered_windows_wallpaper_1920x1200.jpg
[2012.08.13 19:47:25 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\DisplayFusion.lnk
[2012.08.13 18:43:12 | 253,522,944 | ---- | C] () -- C:\Users\Pascal\Desktop\Windows_Win7SP1.7601.17514.101119-1850.IA64CHK.Symbols.msi
[2012.08.13 18:42:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.08.13 18:37:13 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2012.08.13 18:37:11 | 000,383,786 | RHS- | C] () -- C:\bootmgr
[2012.08.13 18:35:31 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.08.13 18:31:24 | 000,001,142 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.08.13 18:31:24 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.08.13 18:27:51 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.08.13 18:27:45 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012.08.13 18:01:01 | 000,007,384 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012.08.13 18:00:27 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_FLxHCIh_01009.Wdf
[2012.08.13 17:59:19 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_FLxHCIc_01009.Wdf
[2012.08.13 17:57:59 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2012.08.13 17:57:23 | 001,144,983 | ---- | C] () -- C:\Windows\SysWow64\KB936225x64.msu
[2012.08.13 17:57:23 | 000,787,456 | ---- | C] () -- C:\Windows\SysNative\Cmeaupci.exe
[2012.08.13 17:57:23 | 000,389,120 | ---- | C] () -- C:\Windows\SysNative\CMICNFG3.cpl
[2012.08.13 17:57:23 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP6.dll
[2012.08.13 17:57:23 | 000,000,188 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
[2012.08.13 17:57:23 | 000,000,138 | ---- | C] () -- C:\Windows\System\Dlap.pfx
[2012.08.13 17:57:07 | 000,359,424 | ---- | C] () -- C:\Windows\SysNative\CmiInstallResAll64.dll
[2012.08.13 17:57:07 | 000,002,641 | ---- | C] () -- C:\Windows\cmudax3.ini
[2012.08.13 17:57:07 | 000,002,123 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
[2012.08.13 17:57:07 | 000,000,621 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
[2012.08.13 17:57:07 | 000,000,560 | ---- | C] () -- C:\Windows\System\Cmicnfg3.ini
[2012.08.13 17:55:20 | 000,018,490 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2012.08.13 17:52:53 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\ASRock InstantBoot.lnk
[2012.08.13 17:49:41 | 000,001,043 | ---- | C] () -- C:\Users\Public\Desktop\ASRock IES.lnk
[2012.08.13 17:43:38 | 000,001,405 | ---- | C] () -- C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.08.13 17:43:34 | 000,001,439 | ---- | C] () -- C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.08.13 17:38:07 | 2120,024,063 | -HS- | C] () -- C:\hiberfil.sys
[2012.08.09 16:46:30 | 001,991,936 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2012.08.09 16:46:30 | 000,982,220 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2012.08.09 16:46:30 | 000,982,220 | ---- | C] () -- C:\Windows\SysNative\igkrng500.bin
[2012.08.09 16:46:30 | 000,060,254 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2012.08.09 16:46:30 | 000,060,226 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2012.08.09 16:46:30 | 000,060,015 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2012.08.09 16:46:30 | 000,004,440 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2012.08.09 16:46:30 | 000,001,090 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp
[2012.08.09 16:46:29 | 000,439,300 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2012.08.09 16:46:29 | 000,439,300 | ---- | C] () -- C:\Windows\SysNative\igcompkrng500.bin
[2012.08.09 16:46:29 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2012.08.09 16:46:29 | 000,134,592 | ---- | C] () -- C:\Windows\SysNative\igfcg500.bin
[2012.08.09 16:46:29 | 000,092,216 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2012.08.09 16:46:29 | 000,092,216 | ---- | C] () -- C:\Windows\SysNative\igfcg500m.bin
[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
< End of report >

OTL Logfile 2:
Code:
OTL Extras logfile created on: 13.08.2012 19:58:52 - Run 1
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Pascal\Downloads
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,97 Gb Total Physical Memory | 5,46 Gb Available Physical Memory | 68,55% Memory free
15,93 Gb Paging File | 13,33 Gb Available in Paging File | 83,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 127,99 Gb Total Space | 99,13 Gb Free Space | 77,45% Space Free | Partition Type: NTFS
Drive D: | 153,38 Gb Total Space | 73,88 Gb Free Space | 48,17% Space Free | Partition Type: NTFS
Drive E: | 104,89 Gb Total Space | 50,85 Gb Free Space | 48,48% Space Free | Partition Type: NTFS
Drive F: | 1,90 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Computer Name: PASCAL-PC | User Name: Pascal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 14 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2875357547-857743034-3553125883-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D1CE183-03FF-447A-9E8D-0AF6D08B1901}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0EE0DB39-0897-47CD-9E3D-9E6517BD4C76}" = lport=2869 | protocol=6 | dir=in | app=system |
"{121F6CF3-C0F9-4F37-A2A4-39773B561104}" = rport=445 | protocol=6 | dir=out | app=system |
"{127E2F89-5EBB-4F7A-AFDF-3FF0E47363C3}" = rport=139 | protocol=6 | dir=out | app=system |
"{1DB759DB-A716-412D-9BEF-68E049614218}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2C24D35F-80D5-4AA9-973B-AAC4A40A8D72}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{31DF2644-8FED-43FB-B725-258F89C9DC83}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{48167CEE-F291-495A-A5DF-53C3E3644CD5}" = rport=137 | protocol=17 | dir=out | app=system |
"{5ECEA2E7-C25D-4894-AC38-F29E30695439}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{64534EDD-9908-4C05-B99D-EF9902C0A054}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ABC22BA1-00BD-4AB6-AB3A-351EA8C99883}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AD52DF53-BAB0-4371-86CB-DC01EE2F662C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AF13744C-F276-4032-B09D-8273D2DFCF1C}" = lport=138 | protocol=17 | dir=in | app=system |
"{C9A5B066-171A-425A-9349-FB8A1695E76E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CB346AEA-3634-40B6-BF0D-5A02C87707DE}" = lport=139 | protocol=6 | dir=in | app=system |
"{D492A4EC-7603-4A8F-ADF5-074066913853}" = lport=137 | protocol=17 | dir=in | app=system |
"{D5D8CA41-0528-449E-ADCF-6D9C692F7265}" = lport=10243 | protocol=6 | dir=in | app=system |
"{DC3D0FD3-5996-4B0C-8EF6-732769C731F4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E33E5B05-C13E-4B90-9A26-E5FC1B21AEBB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E8E22E64-CCD2-4D15-BC7C-88DF728493A2}" = lport=445 | protocol=6 | dir=in | app=system |
"{FF57C020-A597-4AAE-8055-908765CCB3C7}" = rport=138 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F08BB57-6C2E-45A0-98A1-5F96DF5411BF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1CDE4A81-C069-42D9-BA0A-9656F9BCE98C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{1FAD5504-7718-4B87-BB60-72E185E8CAFD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{33DEBBB3-23DF-4FD7-B9EA-FE1032BBF498}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{44BD069A-8C4A-429D-910A-F51400B0894E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4CCCB057-136D-4126-B85D-1C4753F0FB71}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7CAFC987-DC54-41E7-B4A1-766002019694}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{80700B7F-0F70-4B5F-8558-B0540EAC8E3A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{85F88F01-213B-4668-9A3B-C500F84D07E3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9633B2E0-EA46-4057-B1ED-BFFACF59C773}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9C75717F-C3DB-4EB4-93FC-E0159774AE65}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A1C4C24B-33EA-41F8-BCAC-7912612F4391}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A2A455CB-6C9F-4BA0-9DE6-A2EDA7E53999}" = protocol=6 | dir=out | app=system |
"{A90AEDE2-8017-4672-9E57-1C5A924C6028}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C8F90339-7B26-42C7-AABB-CF7735AA970B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D0BF6F6D-D3B7-4392-9B45-398EA52416E3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E5E72543-B6BB-4F93-8B32-3C570D91FDD3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EB647162-4BC7-4BB5-8B87-14CCD0D9E3AC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FA86127E-309D-41B9-9D8B-21F08160F29D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{0E961EC2-3F74-4D72-A45B-727AE2B1014A}C:\users\pascal\appdata\local\temp\rarsfx0\bie_kms.exe" = protocol=6 | dir=in | app=c:\users\pascal\appdata\local\temp\rarsfx0\bie_kms.exe |
"UDP Query User{FBAA4C8D-7D93-4735-AF81-4DB2EB80C098}C:\users\pascal\appdata\local\temp\rarsfx0\bie_kms.exe" = protocol=17 | dir=in | app=c:\users\pascal\appdata\local\temp\rarsfx0\bie_kms.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1111706F-666A-4037-7777-211648764D10}" = JavaFX 2.1.1 (64-bit)
"{2222706F-666A-4037-7777-211648764D10}" = JavaFX 2.1.1 SDK (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{64A3A4F4-B792-11D6-A78A-00B0D0170050}" = Java SE Development Kit 7 Update 5 (64-bit)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{EA2EFBF6-7CFD-47A0-BECE-AFCB98428CFE}" = Fresco Logic USB3.0 Host Controller
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"C-Media PCI Audio Driver" = Aureon 5.1 PCI
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{5CBDF0C2-6FD1-4A32-9A0A-143D9AB91CCE}" = Microsoft Windows Debugging Symbols
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ASRock IES_is1" = ASRock IES v2.0.84
"ASRock InstantBoot_is1" = ASRock InstantBoot v1.24
"avast" = avast! Free Antivirus
"B076073A-5527-4f4f-B46B-B10692277DA2_is1" = DisplayFusion 4.0.1
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 13.08.2012 13:23:06 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 13.08.2012 13:23:06 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 13.08.2012 13:23:15 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 13.08.2012 13:23:16 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 13.08.2012 13:23:17 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 13.08.2012 13:23:17 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 13.08.2012 13:30:08 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 13.08.2012 13:30:08 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 13.08.2012 13:49:28 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 13.08.2012 13:49:28 | Computer Name = Pascal-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
[ System Events ]
Error - 13.08.2012 11:38:05 | Computer Name = WIN-I66AKVR29BF | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 13.08.2012 11:40:41 | Computer Name = Pascal-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 13.08.2012 11:51:39 | Computer Name = Pascal-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 13.08.2012 11:54:30 | Computer Name = Pascal-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 13.08.2012 12:04:13 | Computer Name = Pascal-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
Error - 13.08.2012 12:41:58 | Computer Name = Pascal-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.
< End of report >
Thanks