Johann95 | 14.03.2013 00:24 | Hier die Logfiles von OTL
Logfile Extras.txt:
OTL Extras logfile created on: 14.03.2013 00:15:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gabriel Johannes\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
5,75 Gb Total Physical Memory | 4,20 Gb Available Physical Memory | 73,07% Memory free
11,49 Gb Paging File | 9,65 Gb Available in Paging File | 84,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 219,95 Gb Free Space | 73,81% Space Free | Partition Type: NTFS
Computer Name: GABRIELJOHANNES | User Name: Gabriel Johannes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1477639088-1981150506-519203538-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"FirewallOverride" = 1
"UpdatesDisableNotify" = 1
"UacDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{17AD85AA-7753-4D6E-834D-3699AEC46D0D}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{1FDF6872-C6FC-49F9-A2CA-5B0EC2280B55}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2833F1C2-09CD-4B8A-8C07-D02C602C59F8}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{45CCA462-FF09-4492-9F9C-210B30C98356}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{4FB301B2-88C8-4010-B38A-1776A0EEB514}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{502C483E-59D0-4182-92AF-0B1334AC9951}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{548BF6B0-F4FA-4736-A280-F1A6F2490716}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{5DD52B2D-AB6A-419B-8988-2EC4C2E5FC6B}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{69C231A8-6686-4691-B710-71867DA385C8}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9E208E8E-F3F2-4CCD-975D-C784B678A447}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{ABBFA469-9B6C-4F59-A771-FE850A656BA0}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{B2796BD6-5D84-47E7-99C4-9FA45BE370FF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B8162692-B9F3-41FD-BE1F-645905F26E43}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C0353CCE-DB98-4D4A-8CB3-76DEA5DC9805}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{C82266DA-9F51-49A1-BDDC-E4B5A0D21FD1}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{D835E503-2931-4766-A56D-2C8F9F4D3D7A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{E8CDB3EB-DCFF-4FE0-B3FF-50A4D8611BCA}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7m\icq.exe |
"{F029BABF-C71F-4C86-8D5C-A03D50357675}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"TCP Query User{031C57B6-7207-48BD-AF30-A264C86380B2}C:\program files\oracle\virtualbox\virtualbox.exe" = protocol=6 | dir=in | app=c:\program files\oracle\virtualbox\virtualbox.exe |
"TCP Query User{0612A5B8-512B-476F-971C-C5E0E08EEDB0}C:\program files (x86)\rockstar games\grand theft auto san andreas\gta_sa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto san andreas\gta_sa.exe |
"TCP Query User{06A24A3B-E45D-4EB7-BE9B-F41EF25D14BD}C:\users\gabriel johannes\appdata\local\temp\payw.exe" = protocol=6 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\payw.exe |
"TCP Query User{2219D43B-63BD-4D15-9CA5-BA72B6F376D4}E:\programme\filezilla_3.5.3_win32-setup.exe" = protocol=6 | dir=in | app=e:\programme\filezilla_3.5.3_win32-setup.exe |
"TCP Query User{2595209E-9E5A-4616-A9D9-EB2224307A8C}E:\test server\samp-server.exe" = protocol=6 | dir=in | app=e:\test server\samp-server.exe |
"TCP Query User{2BD0BEDC-239F-486E-8965-1531ADD22B37}C:\users\gabriel johannes\appdata\local\temp\ibfgxc.exe" = protocol=6 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\ibfgxc.exe |
"TCP Query User{339F5E18-8321-4D23-A092-3D3D92002C40}C:\users\gabriel johannes\appdata\local\temp\winhrpjr.exe" = protocol=6 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\winhrpjr.exe |
"TCP Query User{58FBB7E1-82B5-4429-9219-44088CC3491E}C:\program files (x86)\free download manager\fdm.exe" = protocol=6 | dir=in | app=c:\program files (x86)\free download manager\fdm.exe |
"TCP Query User{5DA40733-BA44-4DE5-9F9E-D2973A2179A2}C:\windows\syswow64\runonce.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\runonce.exe |
"TCP Query User{5EB8D6F2-469A-405A-A551-EEC2F791B5F4}C:\program files (x86)\itunes\ituneshelper.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\ituneshelper.exe |
"TCP Query User{5F8C7C21-EE4A-44ED-98C2-2C69EEFE234A}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{65FFE24B-C837-4B18-9F42-C0E7A0D0B01C}C:\users\gabriel johannes\desktop\greek ultimate stuntages\samp-server.exe" = protocol=6 | dir=in | app=c:\users\gabriel johannes\desktop\greek ultimate stuntages\samp-server.exe |
"TCP Query User{6AF71F19-BCA9-4CF0-B530-237D5F87AD35}C:\program files (x86)\samsung\kies\kiestrayagent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\kies\kiestrayagent.exe |
"TCP Query User{6ED39E4D-EF3B-4808-9576-DE7102669B9B}G:\test server\samp-server.exe" = protocol=6 | dir=in | app=g:\test server\samp-server.exe |
"TCP Query User{76419444-4247-4D4B-AA98-5059CA8DCA1D}C:\program files (x86)\samsung\kies\kies.exe" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\kies\kies.exe |
"TCP Query User{77B375AE-9539-47E4-A647-590B269C380D}C:\users\gabriel johannes\appdata\local\temp\winywqh.exe" = protocol=6 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\winywqh.exe |
"TCP Query User{786E1586-C309-4A7B-AD6B-8718CB25C396}C:\windows\system32\wfs.exe" = protocol=6 | dir=in | app=c:\windows\system32\wfs.exe |
"TCP Query User{890ADDE2-4511-428F-9098-F9D2A55CC916}G:\pg_1\engine\questviewer.exe" = protocol=6 | dir=in | app=g:\pg_1\engine\questviewer.exe |
"TCP Query User{8E606C99-DD3B-439A-8DAF-AA88BA4F43EC}C:\users\gabriel johannes\appdata\local\temp\winpqcofc.exe" = protocol=6 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\winpqcofc.exe |
"TCP Query User{9252997D-8C5B-4048-BCEE-8B55B57781D1}C:\users\gabriel johannes\appdata\local\temp\winysmqsd.exe" = protocol=6 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\winysmqsd.exe |
"TCP Query User{9517DD04-E11B-49F1-8AAA-BA2B4BAAA849}C:\users\gabriel johannes\appdata\local\temp\winqjvhqu.exe" = protocol=6 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\winqjvhqu.exe |
"TCP Query User{9EED5712-B638-41E5-82B5-85544941B72C}C:\program files (x86)\dvdvideosoft\free youtube to mp3 converter\freeyoutubetomp3converter.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dvdvideosoft\free youtube to mp3 converter\freeyoutubetomp3converter.exe |
"TCP Query User{B29C0DE8-A255-445C-B500-E769704508DE}C:\users\gabriel johannes\appdata\local\temp\wingkyp.exe" = protocol=6 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\wingkyp.exe |
"TCP Query User{BBB64FB8-B176-4BB4-B959-B00C2CCE83AF}C:\users\gabriel johannes\appdata\local\temp\winyayxr.exe" = protocol=6 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\winyayxr.exe |
"TCP Query User{C4382366-1A47-4DEE-9C44-010081B64A28}C:\program files (x86)\common files\apple\apple application support\distnoted.exe" = protocol=6 | dir=in | app=c:\program files (x86)\common files\apple\apple application support\distnoted.exe |
"TCP Query User{C46CEED5-75DA-45A0-923B-B7D32EF42F3B}C:\program files (x86)\t-mobile\internetmanager_h\datacardmonitor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\t-mobile\internetmanager_h\datacardmonitor.exe |
"TCP Query User{C595A15C-9AF4-4FFE-9E9C-6D3ABD2276DF}C:\programdata\datacardservice\dcshelper.exe" = protocol=6 | dir=in | app=c:\programdata\datacardservice\dcshelper.exe |
"TCP Query User{CBB4CC9B-FB75-40E6-AB78-4FC6E99E0C72}C:\program files (x86)\t-mobile\internetmanager_h\t-mobile internet manager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\t-mobile\internetmanager_h\t-mobile internet manager.exe |
"TCP Query User{CC5F39FE-F784-48B7-B9AB-83916F27B1CC}C:\users\gabriel johannes\appdata\local\temp\winuvxsau.exe" = protocol=6 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\winuvxsau.exe |
"TCP Query User{D63F2366-3560-46AF-B6F6-60FB650C96EC}C:\users\gabriel johannes\desktop\pawno\pawno.exe" = protocol=6 | dir=in | app=c:\users\gabriel johannes\desktop\pawno\pawno.exe |
"TCP Query User{D6A2EA97-3CE0-44E9-8E90-12D42E2BFC03}C:\program files (x86)\samsung\kies\external\firmwareupdate\kiespdlr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\kies\external\firmwareupdate\kiespdlr.exe |
"TCP Query User{D82CC712-C0B9-4F90-8727-37E08633E849}E:\hp laptop treiber\wlan_treiber_sp57049.exe" = protocol=6 | dir=in | app=e:\hp laptop treiber\wlan_treiber_sp57049.exe |
"TCP Query User{E2D3F0CA-869F-4839-AFC7-877DD6EA8B4A}C:\users\gabriel johannes\appdata\roaming\t-mobile internet manager\ouc.exe" = protocol=6 | dir=in | app=c:\users\gabriel johannes\appdata\roaming\t-mobile internet manager\ouc.exe |
"TCP Query User{E4318F0C-18C8-4146-A9EC-3817C980FEB1}C:\program files (x86)\mta san andreas 1.3\server\mta server.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mta san andreas 1.3\server\mta server.exe |
"TCP Query User{E7235EAA-DAFB-4E3A-A698-D41EAE2553D2}C:\program files (x86)\samsung\kies\external\devicemodules\devicemanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\kies\external\devicemodules\devicemanager.exe |
"TCP Query User{E8A18C04-F54C-47CA-8072-8DDD8019F5DF}C:\program files (x86)\rockstar games\grand theft auto san andreas\samp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto san andreas\samp.exe |
"TCP Query User{EC8ED429-4D69-4E77-9EA5-DAA735832AAD}C:\program files (x86)\ati technologies\ati.ace\core-static\mmloaddrvpxdiscrete.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ati technologies\ati.ace\core-static\mmloaddrvpxdiscrete.exe |
"TCP Query User{F4FC3CDD-48AE-4D43-A99D-BC0E23DC92E3}C:\users\gabriel johannes\appdata\local\temp\winxohsih.exe" = protocol=6 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\winxohsih.exe |
"TCP Query User{F5023F95-8E67-4B5E-82C9-C081D36731DD}E:\hp laptop treiber\kartenleser_treiber_sp55085.exe" = protocol=6 | dir=in | app=e:\hp laptop treiber\kartenleser_treiber_sp55085.exe |
"TCP Query User{F52E72C1-EF2B-4D0D-A76F-59168AABA464}C:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe |
"TCP Query User{FA7712C1-FE13-4487-BED8-6C5DACBB6A45}C:\users\gabriel johannes\appdata\local\temp\winmxvjfv.exe" = protocol=6 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\winmxvjfv.exe |
"UDP Query User{09B53AE6-1421-42AB-B9CA-5A950C5C5FA0}C:\program files (x86)\samsung\kies\external\firmwareupdate\kiespdlr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\kies\external\firmwareupdate\kiespdlr.exe |
"UDP Query User{0D56F13F-E896-4306-86D5-34951490E3AC}C:\users\gabriel johannes\desktop\greek ultimate stuntages\samp-server.exe" = protocol=17 | dir=in | app=c:\users\gabriel johannes\desktop\greek ultimate stuntages\samp-server.exe |
"UDP Query User{0EC5BCE9-8799-407F-8ADA-061FAC25FD55}C:\program files (x86)\t-mobile\internetmanager_h\datacardmonitor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\t-mobile\internetmanager_h\datacardmonitor.exe |
"UDP Query User{2115EB54-E2DC-4D56-BBF5-D60F1242C8CD}C:\program files\oracle\virtualbox\virtualbox.exe" = protocol=17 | dir=in | app=c:\program files\oracle\virtualbox\virtualbox.exe |
"UDP Query User{291A1C71-A3F6-4D2D-8C63-35F5F8E3DD49}C:\users\gabriel johannes\appdata\local\temp\ibfgxc.exe" = protocol=17 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\ibfgxc.exe |
"UDP Query User{2C53DE13-AAC5-4BCC-8A3A-8123CE723687}C:\program files (x86)\mta san andreas 1.3\server\mta server.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mta san andreas 1.3\server\mta server.exe |
"UDP Query User{2E46E9DD-94A9-4187-855C-1A97580BB92C}C:\program files (x86)\rockstar games\grand theft auto san andreas\gta_sa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto san andreas\gta_sa.exe |
"UDP Query User{31E23A91-CF7D-42C6-8EC6-830A4F38D03A}C:\program files (x86)\itunes\ituneshelper.exe" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\ituneshelper.exe |
"UDP Query User{32B37A09-CA65-4CDE-982D-187E0A26ADAB}C:\users\gabriel johannes\appdata\local\temp\winqjvhqu.exe" = protocol=17 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\winqjvhqu.exe |
"UDP Query User{3BB11145-ED9E-4D1F-8158-9956F7BE992C}C:\users\gabriel johannes\appdata\local\temp\winywqh.exe" = protocol=17 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\winywqh.exe |
"UDP Query User{3E94CCCB-F7AD-4BE7-80B6-1C8F21890148}C:\users\gabriel johannes\appdata\local\temp\winyayxr.exe" = protocol=17 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\winyayxr.exe |
"UDP Query User{4BE491D5-5986-4A86-A579-40694537C7B4}G:\pg_1\engine\questviewer.exe" = protocol=17 | dir=in | app=g:\pg_1\engine\questviewer.exe |
"UDP Query User{4D0043D7-D44F-42AF-987F-2E79C848F731}C:\program files (x86)\samsung\kies\external\devicemodules\devicemanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\kies\external\devicemodules\devicemanager.exe |
"UDP Query User{4E9409FA-F6D7-4680-A0E0-B5F7DDF3A9BE}C:\users\gabriel johannes\appdata\local\temp\winhrpjr.exe" = protocol=17 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\winhrpjr.exe |
"UDP Query User{4F9A801B-D2C3-4CB9-AE2C-3FA9F0388614}C:\program files (x86)\common files\apple\apple application support\distnoted.exe" = protocol=17 | dir=in | app=c:\program files (x86)\common files\apple\apple application support\distnoted.exe |
"UDP Query User{5FD2EB07-4920-417A-93D1-CB22822C7148}C:\users\gabriel johannes\appdata\local\temp\payw.exe" = protocol=17 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\payw.exe |
"UDP Query User{6A676C03-FCA8-4AE5-AD54-9BE5BEAF14C7}C:\program files (x86)\samsung\kies\kies.exe" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\kies\kies.exe |
"UDP Query User{6C818DB5-394C-4052-BC8F-7F30A3C299FC}E:\test server\samp-server.exe" = protocol=17 | dir=in | app=e:\test server\samp-server.exe |
"UDP Query User{6F66B072-66DE-430E-AEA8-E554238F31B5}C:\programdata\datacardservice\dcshelper.exe" = protocol=17 | dir=in | app=c:\programdata\datacardservice\dcshelper.exe |
"UDP Query User{6F6ACE8A-F31A-4B3C-ADA6-71E50A4B8CD9}C:\windows\system32\wfs.exe" = protocol=17 | dir=in | app=c:\windows\system32\wfs.exe |
"UDP Query User{7992C44A-38A9-4BF7-91E4-E08CE3779450}C:\users\gabriel johannes\appdata\local\temp\winxohsih.exe" = protocol=17 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\winxohsih.exe |
"UDP Query User{7D167D88-15BF-4616-8EEF-BC151DA3BE86}G:\test server\samp-server.exe" = protocol=17 | dir=in | app=g:\test server\samp-server.exe |
"UDP Query User{7FA88539-AC03-4B74-87F7-2580824AC81A}C:\program files (x86)\dvdvideosoft\free youtube to mp3 converter\freeyoutubetomp3converter.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dvdvideosoft\free youtube to mp3 converter\freeyoutubetomp3converter.exe |
"UDP Query User{85319C94-2EAC-4472-829D-299FC6A4B767}C:\program files (x86)\ati technologies\ati.ace\core-static\mmloaddrvpxdiscrete.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ati technologies\ati.ace\core-static\mmloaddrvpxdiscrete.exe |
"UDP Query User{8DA76866-3DF5-458A-ACFC-ACD62EBF1E70}C:\program files (x86)\free download manager\fdm.exe" = protocol=17 | dir=in | app=c:\program files (x86)\free download manager\fdm.exe |
"UDP Query User{947FA3F3-BCB6-4851-BDD4-4C34F61D24B1}C:\users\gabriel johannes\appdata\local\temp\winmxvjfv.exe" = protocol=17 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\winmxvjfv.exe |
"UDP Query User{97198F33-B86C-4CD7-8611-FD069AAD5ECF}E:\hp laptop treiber\wlan_treiber_sp57049.exe" = protocol=17 | dir=in | app=e:\hp laptop treiber\wlan_treiber_sp57049.exe |
"UDP Query User{99EC2924-2E91-4EF8-A23E-EF13DF37C347}C:\program files (x86)\t-mobile\internetmanager_h\t-mobile internet manager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\t-mobile\internetmanager_h\t-mobile internet manager.exe |
"UDP Query User{9B292A39-0321-4D48-B3FD-85DB59559019}C:\program files (x86)\rockstar games\grand theft auto san andreas\samp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\rockstar games\grand theft auto san andreas\samp.exe |
"UDP Query User{9B76353B-2AD2-4D7E-A5F8-0671DD322D17}E:\hp laptop treiber\kartenleser_treiber_sp55085.exe" = protocol=17 | dir=in | app=e:\hp laptop treiber\kartenleser_treiber_sp55085.exe |
"UDP Query User{A06066B5-CEA9-4C2B-A26A-2784A1D61F26}C:\users\gabriel johannes\appdata\roaming\t-mobile internet manager\ouc.exe" = protocol=17 | dir=in | app=c:\users\gabriel johannes\appdata\roaming\t-mobile internet manager\ouc.exe |
"UDP Query User{B2B2B93A-A08C-4D2E-AA06-78068BDC90E7}E:\programme\filezilla_3.5.3_win32-setup.exe" = protocol=17 | dir=in | app=e:\programme\filezilla_3.5.3_win32-setup.exe |
"UDP Query User{C782C9D0-D684-417A-A7EF-FEED55686189}C:\users\gabriel johannes\appdata\local\temp\winysmqsd.exe" = protocol=17 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\winysmqsd.exe |
"UDP Query User{C7A2F8CE-9EDC-4A98-B9ED-AB69682525B4}C:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ati technologies\ati.ace\core-static\clistart.exe |
"UDP Query User{CD51869A-4DDE-400C-8F02-428DE656D1C3}C:\users\gabriel johannes\appdata\local\temp\wingkyp.exe" = protocol=17 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\wingkyp.exe |
"UDP Query User{D370FF89-3CC4-4FC3-9FA7-E525D4043992}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{D841D6B2-7BEE-4483-A841-1665E369B7CC}C:\windows\syswow64\runonce.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\runonce.exe |
"UDP Query User{D9AD3EB1-2CE9-4291-B258-CF9435D4ED88}C:\users\gabriel johannes\appdata\local\temp\winpqcofc.exe" = protocol=17 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\winpqcofc.exe |
"UDP Query User{EE46FEFC-7652-4733-B863-F1DD2B8594F4}C:\users\gabriel johannes\desktop\pawno\pawno.exe" = protocol=17 | dir=in | app=c:\users\gabriel johannes\desktop\pawno\pawno.exe |
"UDP Query User{F93D8FE7-4133-4F81-ADFD-E94793A5DE5B}C:\program files (x86)\samsung\kies\kiestrayagent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\kies\kiestrayagent.exe |
"UDP Query User{FD47217D-01A1-4EBC-B713-F43E194B9D3D}C:\users\gabriel johannes\appdata\local\temp\winuvxsau.exe" = protocol=17 | dir=in | app=c:\users\gabriel johannes\appdata\local\temp\winuvxsau.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{2FD3DC87-EC8D-78D2-1D3A-F4D6E7531BAF}" = AMD Fuel
"{45726347-6D97-4613-9F89-A9635ACBD34D}" = AMD Media Foundation Decoders
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{883F56F3-B9E7-4B07-8F6D-2BEF6291DF16}" = Oracle VM VirtualBox 4.1.22
"{8A7CAA24-7B23-410B-A7C3-F994B0944160}" = Microsoft Virtual PC 2007
"{ACD449FA-9DF3-779D-DA68-11D486963225}" = AMD Catalyst Install Manager
"{BF92729B-1505-55D8-DAD4-4727CDB02FF6}" = ccc-utility64
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"CCleaner" = CCleaner
"Recuva" = Recuva
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0535D679-6FFB-2CAB-F7FF-7B05D6D6CAB5}" = CCC Help Chinese Standard
"{16F1B95A-F813-7600-EFA5-A97CB11222BC}" = CCC Help French
"{17A5CB1F-712A-41D2-FBBB-4A881EBA9B17}" = CCC Help Polish
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{20DBF540-DF10-0A5C-7443-F139A84CC1F5}" = CCC Help Dutch
"{21CC6030-B1EA-3E53-DF36-38054A1596B4}" = CCC Help Turkish
"{29819186-C15B-D50E-AB2E-8C24E2619273}" = CCC Help Portuguese
"{314F8264-25FB-C833-1017-3A0E0846112C}" = CCC Help Hungarian
"{3167966F-9811-30EF-6093-B7B95E2F19B7}" = Catalyst Control Center Graphics Previews Common
"{346DAD45-38D4-B63C-C372-1E2BC136DE69}" = CCC Help Finnish
"{3A83B36C-17B9-4832-445A-7A9DF377BB12}" = CCC Help Swedish
"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{58A2F6F8-6009-CC35-2A83-DB5F922003DE}" = CCC Help Czech
"{5E21F3A1-9E84-DC22-1C62-0DB056EC7344}" = CCC Help Japanese
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{81C9D048-B677-3CDD-7E20-3AF8DBFC4A0A}" = Catalyst Control Center Localization All
"{86790597-5E41-47AF-A6E4-6295D0C21B8B}" = A1 Dashboard
"{870163D1-4D3A-198C-5414-889F1F4347AE}" = CCC Help Korean
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{93335AAC-9F8B-54DF-7DB5-2C98D0DC2111}" = CCC Help Chinese Traditional
"{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{AD0AAA4D-9A81-8B10-EB28-3C1372987DE7}" = CCC Help Italian
"{B4F17D6A-12A3-5403-6050-32A5B4A31F31}" = Catalyst Control Center InstallProxy
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C55C2A19-BAD2-287A-1D7A-9D5FF5FD526E}" = AMD VISION Engine Control Center
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{D46914D5-CA39-1A40-3CEC-9368E9C28568}" = CCC Help Greek
"{DEA477E5-F916-973D-E1AB-3CDC735FDB58}" = CCC Help Norwegian
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{EA0E4DD2-7CD7-9583-0BE6-AFF3DF09E3E4}" = CCC Help Thai
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0A76517-2D1D-8DE3-F3B7-121B6A1990E8}" = CCC Help English
"{F30403FF-0146-4633-AAC5-D5CD5C50AE70}" = Catalyst Control Center - Branding
"{F35C5FE9-57EC-9936-5738-D7EB3EA73B28}" = CCC Help Spanish
"{F4708461-A1E0-0657-1FC6-FACFEEA55CBE}" = CCC Help Russian
"{F4EB5AE1-0065-0752-FF11-1E45ABCD443A}" = CCC Help Danish
"{FC2150C5-A1AF-6238-9632-E5BB8739C0BC}" = CCC Help German
"A1 Dashboard" = A1 Dashboard
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"FileZilla Client" = FileZilla Client 3.5.3
"FormatFactory" = FormatFactory 2.70
"Free Download Manager_is1" = Free Download Manager 3.9.2
"Free Studio_is1" = Free Studio version 5.7.7.1031
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MTA:SA 1.3" = MTA:SA v1.3.1
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"TeamViewer 8" = TeamViewer 8
"T-Mobile Internet Manager" = T-Mobile Internet Manager
"winscp3_is1" = WinSCP 5.1.1
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1477639088-1981150506-519203538-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 09.03.2013 22:46:35 | Computer Name = GabrielJohannes | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 21619601
Error - 09.03.2013 22:46:35 | Computer Name = GabrielJohannes | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 21619601
Error - 11.03.2013 05:25:25 | Computer Name = GabrielJohannes | Source = WinMgmt | ID = 10
Description =
Error - 11.03.2013 10:46:42 | Computer Name = GabrielJohannes | Source = WinMgmt | ID = 10
Description =
Error - 11.03.2013 12:31:30 | Computer Name = GabrielJohannes | Source = WinMgmt | ID = 10
Description =
Error - 11.03.2013 12:41:05 | Computer Name = GabrielJohannes | Source = Application Hang | ID = 1002
Description = Programm Bench32.exe, Version 2.47.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 494 Startzeit:
01ce1e76438f212e Endzeit: 60000 Anwendungspfad: C:\Users\Gabriel Johannes\Desktop\Bench32.exe
Berichts-ID:
4b90d3fd-8a6a-11e2-a342-2c27d7e83b34
Error - 11.03.2013 18:40:43 | Computer Name = GabrielJohannes | Source = WinMgmt | ID = 10
Description =
Error - 12.03.2013 09:22:28 | Computer Name = GabrielJohannes | Source = WinMgmt | ID = 10
Description =
Error - 12.03.2013 09:40:37 | Computer Name = GabrielJohannes | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7601.17514 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 6a0 Startzeit: 01ce1f246620bcb3 Endzeit: 93 Anwendungspfad:
C:\Windows\Explorer.EXE Berichts-ID: 68b42c56-8b1a-11e2-96ce-2c27d7e83b34
Error - 13.03.2013 17:40:10 | Computer Name = GabrielJohannes | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 11.03.2013 12:59:45 | Computer Name = GabrielJohannes | Source = Service Control Manager | ID = 7030
Description = Der Dienst "DCService.exe" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 11.03.2013 16:02:10 | Computer Name = GabrielJohannes | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR5 gefunden.
Error - 11.03.2013 16:02:10 | Computer Name = GabrielJohannes | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR5 gefunden.
Error - 11.03.2013 16:02:11 | Computer Name = GabrielJohannes | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR5 gefunden.
Error - 11.03.2013 16:02:11 | Computer Name = GabrielJohannes | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR5 gefunden.
Error - 11.03.2013 16:02:12 | Computer Name = GabrielJohannes | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR5 gefunden.
Error - 11.03.2013 18:38:57 | Computer Name = GabrielJohannes | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad:
C:\Windows\system32\Rtlihvs.dll Fehlercode: 126
Error - 12.03.2013 09:20:42 | Computer Name = GabrielJohannes | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad:
C:\Windows\system32\Rtlihvs.dll Fehlercode: 126
Error - 13.03.2013 08:09:23 | Computer Name = GabrielJohannes | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst ShellHWDetection erreicht.
Error - 13.03.2013 17:38:25 | Computer Name = GabrielJohannes | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad:
C:\Windows\system32\Rtlihvs.dll Fehlercode: 126
< End of report >
Dann das Logfile von OTL.txt:
Code:
OTL logfile created on: 14.03.2013 00:15:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gabriel Johannes\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
5,75 Gb Total Physical Memory | 4,20 Gb Available Physical Memory | 73,07% Memory free
11,49 Gb Paging File | 9,65 Gb Available in Paging File | 84,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 219,95 Gb Free Space | 73,81% Space Free | Partition Type: NTFS
Computer Name: GABRIELJOHANNES | User Name: Gabriel Johannes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.03.14 00:12:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gabriel Johannes\Desktop\OTL.exe
PRC - [2013.03.13 22:47:59 | 000,051,370 | ---- | M] () -- C:\Users\GABRIE~1\AppData\Local\Temp\winywqh.exe
PRC - [2013.03.13 22:42:58 | 000,012,970 | ---- | M] () -- C:\Users\GABRIE~1\AppData\Local\Temp\winqjvhqu.exe
PRC - [2013.03.11 10:40:15 | 001,820,016 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe
PRC - [2013.02.13 19:38:18 | 000,379,760 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013.02.13 19:38:14 | 001,509,232 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2013.02.03 07:49:28 | 000,493,568 | ---- | M] () -- C:\Program Files (x86)\Rockstar Games\Grand Theft Auto San Andreas\samp.exe
PRC - [2013.01.30 15:45:22 | 006,864,896 | ---- | M] (FreeDownloadManager.ORG) -- C:\Program Files (x86)\Free Download Manager\fdm.exe
PRC - [2012.12.14 10:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2012.10.24 18:49:10 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.08.19 09:52:14 | 000,241,664 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2010.08.19 09:52:04 | 000,229,376 | ---- | M] () -- C:\ProgramData\DatacardService\DCService.exe
PRC - [2009.12.31 14:13:52 | 000,188,416 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\Gabriel Johannes\AppData\Roaming\T-Mobile Internet Manager\ouc.exe
========== Modules (No Company Name) ==========
MOD - [2013.03.13 22:47:59 | 000,051,370 | ---- | M] () -- C:\Users\GABRIE~1\AppData\Local\Temp\winywqh.exe
MOD - [2013.03.13 22:42:58 | 000,012,970 | ---- | M] () -- C:\Users\GABRIE~1\AppData\Local\Temp\winqjvhqu.exe
MOD - [2013.03.11 10:40:14 | 014,718,320 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll
MOD - [2013.02.13 16:22:56 | 017,300,480 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\Theme\Kies.Theme.dll
MOD - [2013.02.13 16:21:38 | 000,569,344 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\Common\Kies.UI.dll
MOD - [2013.02.06 15:04:44 | 000,034,816 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.Interface.dll
MOD - [2013.02.06 15:04:04 | 000,023,040 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\MVVM\Kies.MVVM.dll
MOD - [2013.02.05 17:53:48 | 000,057,856 | ---- | M] () -- C:\Program Files (x86)\Samsung\Kies\External\MediaModules\ASF_cSharpAPI.dll
MOD - [2013.02.03 07:49:28 | 000,493,568 | ---- | M] () -- C:\Program Files (x86)\Rockstar Games\Grand Theft Auto San Andreas\samp.exe
MOD - [2013.01.11 03:22:32 | 003,547,136 | ---- | M] () -- C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll
MOD - [2013.01.11 03:17:32 | 000,105,984 | ---- | M] () -- C:\Program Files (x86)\Free Download Manager\fdmumsp.dll
MOD - [2012.11.28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.11.28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.10.24 18:49:23 | 002,295,264 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.01.08 14:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2011.04.12 08:43:07 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011.04.12 08:43:06 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2010.11.21 04:49:32 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\fbc05b5b05dc6366b02b8e2f77d080f1\System.Core.ni.dll
MOD - [2010.11.21 04:49:27 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\20008c75bb41e2febf84d4d4aea5b4e8\System.ServiceProcess.ni.dll
MOD - [2010.11.21 04:49:13 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll
MOD - [2010.11.21 04:49:02 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bfaf8f86e69928fb2f67987c0203f603\PresentationFramework.ni.dll
MOD - [2010.11.21 04:48:40 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\2ad23de8284d4594aa658dfb5e667d97\PresentationCore.ni.dll
MOD - [2010.11.21 04:48:30 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll
MOD - [2010.11.21 04:48:25 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2010.11.21 04:48:22 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2010.11.21 04:48:21 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2010.11.21 04:48:14 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
========== Services (SafeList) ==========
SRV:64bit: - [2011.09.28 18:12:18 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.09.28 06:19:38 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.12.14 10:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2011.06.28 17:12:08 | 002,413,056 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010.08.19 09:52:04 | 000,229,376 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\DCService.exe -- (DCService.exe)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.03.09 14:10:20 | 000,043,456 | ---- | M] (hxxp://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV:64bit: - [2012.09.28 10:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.09.07 17:38:22 | 000,147,288 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.03.13 14:41:44 | 000,878,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2011.09.28 18:52:48 | 010,210,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.09.28 17:34:54 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.08.18 04:44:46 | 000,053,376 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011.06.17 03:08:26 | 000,040,064 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2011.06.17 03:08:24 | 000,079,488 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2011.05.30 16:03:34 | 000,338,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011.03.30 14:46:46 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.01.26 21:35:26 | 000,425,064 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.06.17 17:15:36 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010.04.09 15:24:38 | 000,079,360 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV:64bit: - [2010.04.09 15:24:32 | 000,076,288 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2010.04.07 17:05:00 | 000,250,368 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2010.03.25 10:08:46 | 000,120,704 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010.03.20 11:56:56 | 000,114,560 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2010.02.22 09:09:10 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.12.15 10:46:38 | 000,039,552 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tcpipBM.sys -- (tcpipBM)
DRV:64bit: - [2009.12.15 10:46:30 | 000,016,512 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BMLoad.sys -- (BMLoad)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.02.18 00:22:48 | 000,296,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Treiber\VMM.sys -- (vmm)
DRV:64bit: - [2007.01.29 06:20:34 | 000,079,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2013.02.05 09:54:40 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2011.06.24 06:31:02 | 000,055,424 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- c:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1477639088-1981150506-519203538-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-1477639088-1981150506-519203538-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-1477639088-1981150506-519203538-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1477639088-1981150506-519203538-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1477639088-1981150506-519203538-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKU\S-1-5-21-1477639088-1981150506-519203538-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3D A0 B8 55 3B 1E CE 01 [binary data]
IE - HKU\S-1-5-21-1477639088-1981150506-519203538-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-1477639088-1981150506-519203538-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-1477639088-1981150506-519203538-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1477639088-1981150506-519203538-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1477639088-1981150506-519203538-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1477639088-1981150506-519203538-1000\..\SearchScopes\{F8E3FF85-1D0D-4DF9-A131-031C83702655}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-1477639088-1981150506-519203538-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1477639088-1981150506-519203538-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: firefox@mega.co.nz:1.0.3
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.18 02:27:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013.02.18 13:54:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gabriel Johannes\AppData\Roaming\mozilla\Extensions
[2013.03.12 18:20:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gabriel Johannes\AppData\Roaming\mozilla\Firefox\Profiles\ox69ausg.default\extensions
[2013.03.12 18:20:26 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Users\Gabriel Johannes\AppData\Roaming\mozilla\Firefox\Profiles\ox69ausg.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
[2013.03.11 10:52:45 | 000,004,366 | ---- | M] () (No name found) -- C:\Users\Gabriel Johannes\AppData\Roaming\mozilla\firefox\profiles\ox69ausg.default\extensions\firefox@mega.co.nz.xpi
[2013.02.19 03:00:01 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Gabriel Johannes\AppData\Roaming\mozilla\firefox\profiles\ox69ausg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.18 02:27:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Gabriel Johannes\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Gabriel Johannes\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files (x86)\T-Mobile\InternetManager_H\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1477639088-1981150506-519203538-1000..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-1477639088-1981150506-519203538-1000..\Run: [Free Download Manager] C:\Program Files (x86)\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
O4 - HKU\S-1-5-21-1477639088-1981150506-519203538-1000..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
O4 - HKU\S-1-5-21-1477639088-1981150506-519203538-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-1477639088-1981150506-519203538-1000..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Gabriel Johannes\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Gabriel Johannes\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Gabriel Johannes\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Gabriel Johannes\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{074D46F4-BE28-483A-B595-1F4448CC420E}: NameServer = 213.94.78.16 213.94.78.17
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{80430FB5-FE72-4EF8-B9AE-07684EC881D1}: NameServer = 213.94.78.17 213.94.78.16
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB47FBBA-F354-49C9-AA1B-5523FDA343FF}: DhcpNameServer = 192.168.43.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.02.18 02:09:40 | 000,000,384 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{60dd0f62-881f-11e2-a1c5-2c27d7e83b34}\Shell - "" = AutoRun
O33 - MountPoints2\{60dd0f62-881f-11e2-a1c5-2c27d7e83b34}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{60dd0f71-881f-11e2-a1c5-2c27d7e83b34}\Shell - "" = AutoRun
O33 - MountPoints2\{60dd0f71-881f-11e2-a1c5-2c27d7e83b34}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{60dd0f9a-881f-11e2-a1c5-2c27d7e83b34}\Shell - "" = AutoRun
O33 - MountPoints2\{60dd0f9a-881f-11e2-a1c5-2c27d7e83b34}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{60dd0faa-881f-11e2-a1c5-2c27d7e83b34}\Shell - "" = AutoRun
O33 - MountPoints2\{60dd0faa-881f-11e2-a1c5-2c27d7e83b34}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{60dd0fb7-881f-11e2-a1c5-2c27d7e83b34}\Shell - "" = AutoRun
O33 - MountPoints2\{60dd0fb7-881f-11e2-a1c5-2c27d7e83b34}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{60dd0fcb-881f-11e2-a1c5-2c27d7e83b34}\Shell - "" = AutoRun
O33 - MountPoints2\{60dd0fcb-881f-11e2-a1c5-2c27d7e83b34}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.03.14 00:11:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Gabriel Johannes\Desktop\OTL.exe
[2013.03.12 18:20:36 | 000,431,616 | ---- | C] (Fatih Kodak) -- C:\Users\Gabriel Johannes\Desktop\Bat_To_Exe_Converter.exe
[2013.03.12 18:20:24 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\Complitly
[2013.03.12 18:20:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Complitly
[2013.03.11 23:46:48 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\Desktop\Pictures
[2013.03.11 23:35:18 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\USB Driver
[2013.03.11 16:06:02 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\Desktop\Old Mp3s
[2013.03.11 11:26:34 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\Desktop\Future Trance 63
[2013.03.11 10:41:26 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\Macromedia
[2013.03.11 10:41:26 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Local\Macromedia
[2013.03.11 10:41:26 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\Adobe
[2013.03.11 10:40:15 | 000,691,568 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.11 10:40:15 | 000,071,024 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.11 10:40:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013.03.11 10:40:07 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013.03.11 10:38:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013.03.10 14:33:44 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\Documents\Eigene virtuelle Computer
[2013.03.10 14:19:29 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\Desktop\Test Server
[2013.03.09 16:48:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Treiber
[2013.03.09 16:48:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Virtual PC
[2013.03.09 15:57:02 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\VirtualBox VMs
[2013.03.09 15:56:08 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\.VirtualBox
[2013.03.09 14:10:20 | 000,075,200 | ---- | C] (hxxp://libusb-win32.sourceforge.net) -- C:\Windows\SysNative\libusb0.dll
[2013.03.09 14:10:20 | 000,067,008 | ---- | C] (hxxp://libusb-win32.sourceforge.net) -- C:\Windows\SysWow64\libusb0.dll
[2013.03.09 14:10:20 | 000,043,456 | ---- | C] (hxxp://libusb-win32.sourceforge.net) -- C:\Windows\SysNative\drivers\libusb0.sys
[2013.03.09 13:55:53 | 001,002,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinUSBCoInstaller2.dll
[2013.03.08 19:50:47 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\T-Mobile Internet Manager
[2013.03.08 19:47:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T-Mobile Internet Manager
[2013.03.08 19:47:23 | 000,724,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\bmutil.dll
[2013.03.08 19:47:23 | 000,308,352 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\SysWow64\bminstall.dll
[2013.03.08 19:47:23 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\T-Mobile
[2013.03.08 19:47:22 | 000,039,552 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\SysNative\drivers\tcpipBM.sys
[2013.03.08 19:47:22 | 000,016,512 | ---- | C] (Bytemobile, Inc.) -- C:\Windows\SysNative\drivers\BMLoad.sys
[2013.03.08 19:47:09 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll
[2013.03.08 19:47:09 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfCoInstaller01009.dll
[2013.03.08 19:47:09 | 000,079,360 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys
[2013.03.08 19:47:09 | 000,076,288 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys
[2013.03.08 19:47:09 | 000,049,664 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcecm.sys
[2013.03.08 19:47:09 | 000,027,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juextctrl.sys
[2013.03.08 19:47:07 | 001,001,472 | ---- | C] (DiBcom SA) -- C:\Windows\SysNative\drivers\mod7700.sys
[2013.03.08 19:47:07 | 000,013,952 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys
[2013.03.08 19:47:02 | 000,114,560 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys
[2013.03.08 19:46:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\T-Mobile
[2013.03.08 19:46:32 | 000,000,000 | ---D | C] -- C:\ProgramData\DatacardService
[2013.03.08 19:41:46 | 000,135,168 | ---- | C] (ZTE Corporation) -- C:\Windows\SysNative\drivers\ZTEusbnet.sys
[2013.03.08 19:41:46 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys
[2013.03.08 19:41:46 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys
[2013.03.08 19:41:46 | 000,121,344 | ---- | C] (ZTE Incorporated) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys
[2013.03.08 19:41:46 | 000,011,776 | ---- | C] (MBB Incorporated) -- C:\Windows\SysNative\drivers\massfilter.sys
[2013.03.08 19:41:40 | 000,250,368 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbnet.sys
[2013.03.08 19:41:40 | 000,120,704 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys
[2013.03.08 19:41:40 | 000,032,768 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys
[2013.03.08 19:41:34 | 000,000,000 | -H-D | C] -- C:\ProgramData\{E20C9620-7DFA-4C75-8F3B-02E4B3F4D981}
[2013.03.08 19:41:33 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Local\mquadr.at
[2013.03.08 19:41:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\A1 Dashboard
[2013.03.08 19:41:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A1
[2013.03.08 19:41:26 | 000,000,000 | ---D | C] -- C:\ProgramData\mquadr.at
[2013.03.08 19:41:09 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Local\PackageAware
[2013.03.07 12:30:42 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\Desktop\System Backup Tablett
[2013.03.07 11:34:39 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.03.06 20:36:51 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\Desktop\Root sachen
[2013.03.06 19:28:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco Systems
[2013.03.06 12:36:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
[2013.03.06 12:36:44 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\SysWow64\dgderapi.dll
[2013.03.06 11:43:34 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\Desktop\Odin3-v1.85
[2013.03.04 18:25:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
[2013.03.04 18:25:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyFree Codec
[2013.03.04 18:25:15 | 000,233,472 | ---- | C] (Teruten) -- C:\Windows\SysWow64\FsUsbExService.Exe
[2013.03.04 18:19:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MarkAny
[2013.03.04 18:09:51 | 000,000,000 | ---D | C] -- C:\Temp
[2013.03.04 18:07:37 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2013.03.04 18:07:27 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Local\Samsung
[2013.03.04 18:07:23 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\Samsung
[2013.03.04 14:08:42 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\Documents\FFOutput
[2013.03.04 14:08:40 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2013.03.04 14:08:28 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
[2013.03.04 14:08:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreeTime
[2013.03.04 13:43:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
[2013.03.04 13:43:48 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2013.03.04 13:42:34 | 003,545,944 | ---- | C] (Piriform Ltd) -- C:\Users\Gabriel Johannes\Desktop\rcsetup145.exe
[2013.03.02 17:14:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.03.02 16:29:47 | 000,425,064 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2013.03.02 16:29:47 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2013.03.02 16:19:25 | 006,001,128 | ---- | C] (Hewlett-Packard ) -- C:\Users\Gabriel Johannes\Desktop\sp55083.exe
[2013.02.28 13:27:05 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\GTA San Andreas User Files
[2013.02.28 12:18:14 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\FileZilla
[2013.02.27 10:22:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.02.27 10:22:18 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.02.27 10:09:06 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2013.02.27 10:00:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.02.26 12:30:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.3
[2013.02.26 12:29:57 | 000,000,000 | ---D | C] -- C:\ProgramData\MTA San Andreas All
[2013.02.26 12:29:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MTA San Andreas 1.3
[2013.02.26 12:26:55 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\.minecraft
[2013.02.26 11:34:48 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Local\ElevatedDiagnostics
[2013.02.26 10:53:48 | 000,432,160 | ---- | C] (ATTO Technology Inc.) -- C:\Users\Gabriel Johannes\Desktop\Bench32.exe
[2013.02.26 10:50:51 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\Desktop\Audiosurf.2010.Non.Steam-AoN
[2013.02.26 10:47:56 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\Desktop\WBB Plugins
[2013.02.26 10:47:52 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\Desktop\Zugangsdaten
[2013.02.26 10:47:46 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\Desktop\Greek Ultimate Stuntages
[2013.02.26 10:47:35 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\Desktop\pawno
[2013.02.26 10:46:23 | 001,028,096 | ---- | C] (hxxp://deluxe-tools.net/) -- C:\Users\Gabriel Johannes\Desktop\DeLuXe Chat Spam.exe
[2013.02.25 12:37:26 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2013.02.25 12:37:26 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2013.02.25 12:37:26 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2013.02.25 12:37:19 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2013.02.25 12:37:19 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2013.02.25 12:37:19 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2013.02.25 12:37:12 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013.02.25 12:37:12 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2013.02.25 12:26:43 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2013.02.25 12:16:11 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\Documents\GTA San Andreas User Files
[2013.02.23 17:10:04 | 000,000,000 | R--D | C] -- C:\Users\Gabriel Johannes\Documents\Scanned Documents
[2013.02.23 17:10:03 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\Documents\Fax
[2013.02.23 15:57:45 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\TeamViewer
[2013.02.23 15:38:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013.02.19 02:26:29 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\Apple Computer
[2013.02.19 02:26:29 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Local\Apple Computer
[2013.02.19 02:26:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.02.19 02:26:22 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2013.02.19 02:26:08 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.02.19 02:26:07 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.02.19 02:26:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.02.19 02:26:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013.02.19 02:26:07 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.02.19 02:25:47 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Local\Apple
[2013.02.19 02:25:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013.02.19 02:25:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013.02.19 02:25:26 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013.02.19 02:25:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013.02.19 02:25:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013.02.19 02:25:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013.02.19 00:13:06 | 000,000,000 | ---D | C] -- C:\Downloads
[2013.02.18 23:52:24 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\Free Download Manager
[2013.02.18 23:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
[2013.02.18 23:52:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Download Manager
[2013.02.18 13:54:06 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\Mozilla
[2013.02.18 13:54:06 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Local\Mozilla
[2013.02.18 04:03:33 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\Auslogics
[2013.02.18 03:34:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2013.02.18 02:42:23 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Local\Apps
[2013.02.18 02:30:07 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Local\AMD
[2013.02.18 02:29:54 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\ATI
[2013.02.18 02:29:54 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Local\ATI
[2013.02.18 02:29:54 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.02.18 02:29:08 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\Documents\samsung
[2013.02.18 02:27:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.18 02:26:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP
[2013.02.18 02:26:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinSCP
[2013.02.18 02:25:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2013.02.18 02:25:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auslogics
[2013.02.18 02:24:24 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\BitTorrent
[2013.02.18 02:24:05 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\DVDVideoSoftIEHelpers
[2013.02.18 02:23:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013.02.18 02:23:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013.02.18 02:23:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013.02.18 02:23:12 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\DVDVideoSoft
[2013.02.18 02:22:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2013.02.18 02:22:26 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2013.02.18 02:22:05 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Local\Google
[2013.02.18 02:22:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2013.02.18 02:21:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.02.18 02:20:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
[2013.02.18 02:20:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape
[2013.02.18 02:20:15 | 001,034,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.02.18 02:20:15 | 000,916,456 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.02.18 02:20:15 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.02.18 02:20:07 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.02.18 02:20:07 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.02.18 02:20:07 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.02.18 02:20:01 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.02.18 02:19:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M
[2013.02.18 02:19:26 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\ICQ
[2013.02.18 02:19:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7M
[2013.02.18 02:18:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2013.02.18 02:18:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2013.02.18 02:17:42 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\WinRAR
[2013.02.18 02:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.02.18 02:13:07 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2013.02.18 02:12:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2013.02.18 02:12:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2013.02.18 02:11:54 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Local\Downloaded Installations
[2013.02.18 02:11:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013.02.18 02:10:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2013.02.18 02:10:07 | 000,878,184 | ---- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\SysNative\drivers\rtl8192ce.sys
[2013.02.18 02:09:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sda
[2013.02.18 02:09:25 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2013.02.18 02:09:11 | 009,888,360 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysWow64\RtsPStorIcon.dll
[2013.02.18 02:09:11 | 000,338,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtsPStor.sys
[2013.02.18 02:09:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013.02.18 02:08:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013.02.18 02:08:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013.02.18 02:08:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013.02.18 02:08:03 | 000,053,376 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\usbfilter.sys
[2013.02.18 02:08:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013.02.18 02:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2013.02.18 02:07:23 | 000,046,136 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdiox64.sys
[2013.02.18 02:06:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013.02.18 02:06:37 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013.02.18 02:06:28 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013.02.18 02:06:26 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013.02.18 02:02:57 | 000,000,000 | R--D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013.02.18 02:02:57 | 000,000,000 | R--D | C] -- C:\Users\Gabriel Johannes\Searches
[2013.02.18 02:02:57 | 000,000,000 | R--D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013.02.18 02:02:49 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\Identities
[2013.02.18 02:02:46 | 000,000,000 | R--D | C] -- C:\Users\Gabriel Johannes\Contacts
[2013.02.18 02:02:42 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Local\VirtualStore
[2013.02.18 02:02:30 | 000,000,000 | --SD | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\Microsoft
[2013.02.18 02:02:30 | 000,000,000 | R--D | C] -- C:\Users\Gabriel Johannes\Videos
[2013.02.18 02:02:30 | 000,000,000 | R--D | C] -- C:\Users\Gabriel Johannes\Saved Games
[2013.02.18 02:02:30 | 000,000,000 | R--D | C] -- C:\Users\Gabriel Johannes\Pictures
[2013.02.18 02:02:30 | 000,000,000 | R--D | C] -- C:\Users\Gabriel Johannes\Music
[2013.02.18 02:02:30 | 000,000,000 | R--D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013.02.18 02:02:30 | 000,000,000 | R--D | C] -- C:\Users\Gabriel Johannes\Links
[2013.02.18 02:02:30 | 000,000,000 | R--D | C] -- C:\Users\Gabriel Johannes\Favorites
[2013.02.18 02:02:30 | 000,000,000 | R--D | C] -- C:\Users\Gabriel Johannes\Downloads
[2013.02.18 02:02:30 | 000,000,000 | R--D | C] -- C:\Users\Gabriel Johannes\Documents
[2013.02.18 02:02:30 | 000,000,000 | R--D | C] -- C:\Users\Gabriel Johannes\Desktop
[2013.02.18 02:02:30 | 000,000,000 | R--D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013.02.18 02:02:30 | 000,000,000 | -HSD | C] -- C:\Users\Gabriel Johannes\Vorlagen
[2013.02.18 02:02:30 | 000,000,000 | -HSD | C] -- C:\Users\Gabriel Johannes\AppData\Local\Verlauf
[2013.02.18 02:02:30 | 000,000,000 | -HSD | C] -- C:\Users\Gabriel Johannes\AppData\Local\Temporary Internet Files
[2013.02.18 02:02:30 | 000,000,000 | -HSD | C] -- C:\Users\Gabriel Johannes\Startmenü
[2013.02.18 02:02:30 | 000,000,000 | -HSD | C] -- C:\Users\Gabriel Johannes\SendTo
[2013.02.18 02:02:30 | 000,000,000 | -HSD | C] -- C:\Users\Gabriel Johannes\Recent
[2013.02.18 02:02:30 | 000,000,000 | -HSD | C] -- C:\Users\Gabriel Johannes\Netzwerkumgebung
[2013.02.18 02:02:30 | 000,000,000 | -HSD | C] -- C:\Users\Gabriel Johannes\Lokale Einstellungen
[2013.02.18 02:02:30 | 000,000,000 | -HSD | C] -- C:\Users\Gabriel Johannes\Documents\Eigene Videos
[2013.02.18 02:02:30 | 000,000,000 | -HSD | C] -- C:\Users\Gabriel Johannes\Documents\Eigene Musik
[2013.02.18 02:02:30 | 000,000,000 | -HSD | C] -- C:\Users\Gabriel Johannes\Eigene Dateien
[2013.02.18 02:02:30 | 000,000,000 | -HSD | C] -- C:\Users\Gabriel Johannes\Documents\Eigene Bilder
[2013.02.18 02:02:30 | 000,000,000 | -HSD | C] -- C:\Users\Gabriel Johannes\Druckumgebung
[2013.02.18 02:02:30 | 000,000,000 | -HSD | C] -- C:\Users\Gabriel Johannes\Cookies
[2013.02.18 02:02:30 | 000,000,000 | -HSD | C] -- C:\Users\Gabriel Johannes\AppData\Local\Anwendungsdaten
[2013.02.18 02:02:30 | 000,000,000 | -HSD | C] -- C:\Users\Gabriel Johannes\Anwendungsdaten
[2013.02.18 02:02:30 | 000,000,000 | -H-D | C] -- C:\Users\Gabriel Johannes\AppData
[2013.02.18 02:02:30 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Local\Temp
[2013.02.18 02:02:30 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Local\Microsoft
[2013.02.18 02:02:30 | 000,000,000 | ---D | C] -- C:\Users\Gabriel Johannes\AppData\Roaming\Media Center Programs
[2013.02.18 02:02:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2013.02.18 02:02:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2013.02.18 02:02:21 | 000,000,000 | -HSD | C] -- C:\Recovery
[2013.02.18 02:02:21 | 000,000,000 | -HSD | C] -- C:\Programme
[2013.02.18 02:02:21 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2013.02.18 02:02:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2013.02.18 02:02:21 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2013.02.18 02:02:21 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2013.02.18 02:02:21 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2013.02.18 02:02:21 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2013.02.18 02:02:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2013.02.18 02:02:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2013.02.18 02:00:05 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013.02.18 01:57:49 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013.02.18 01:57:05 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013.02.18 01:56:45 | 000,000,000 | ---D | C] -- C:\Windows\Panther
========== Files - Modified Within 30 Days ==========
[2013.03.14 00:12:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gabriel Johannes\Desktop\OTL.exe
[2013.03.13 23:18:13 | 000,031,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.03.13 23:18:13 | 000,031,280 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.03.13 23:15:30 | 000,093,233 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\Mein Neuer Laptop =).JPG
[2013.03.13 22:47:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.03.13 22:42:57 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.03.13 22:42:57 | 000,645,542 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.03.13 22:42:57 | 000,607,864 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.03.13 22:42:57 | 000,127,110 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.03.13 22:42:57 | 000,104,242 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.03.13 22:38:16 | 331,534,335 | -HS- | M] () -- C:\hiberfil.sys
[2013.03.13 13:19:06 | 000,000,107 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\Crack for Call of Duty MW 3.bat
[2013.03.12 17:33:23 | 000,000,604 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\virus.bat
[2013.03.11 23:03:43 | 000,089,849 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\2.JPG
[2013.03.11 23:01:58 | 000,126,405 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\1.JPG
[2013.03.11 10:40:15 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.03.11 10:40:15 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.03.09 18:33:44 | 000,000,600 | ---- | M] () -- C:\Users\Gabriel Johannes\AppData\Local\PUTTY.RND
[2013.03.09 18:24:58 | 005,949,440 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\recovery-image.tar
[2013.03.09 18:13:34 | 005,171,760 | ---- | M] () -- C:\vmlinuz
[2013.03.09 15:50:24 | 005,947,392 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\recovery-clockwork-6.0.2.3-p3100.img
[2013.03.09 14:10:20 | 000,075,200 | ---- | M] (hxxp://libusb-win32.sourceforge.net) -- C:\Windows\SysNative\libusb0.dll
[2013.03.09 14:10:20 | 000,067,008 | ---- | M] (hxxp://libusb-win32.sourceforge.net) -- C:\Windows\SysWow64\libusb0.dll
[2013.03.09 14:10:20 | 000,043,456 | ---- | M] (hxxp://libusb-win32.sourceforge.net) -- C:\Windows\SysNative\drivers\libusb0.sys
[2013.03.09 13:56:17 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2013.03.09 13:55:53 | 001,002,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinUSBCoInstaller2.dll
[2013.03.08 19:48:04 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jucdcacm_01009.Wdf
[2013.03.08 19:47:28 | 000,001,286 | ---- | M] () -- C:\Users\Public\Desktop\T-Mobile Internet Manager.lnk
[2013.03.08 19:47:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01009.Wdf
[2013.03.08 19:42:35 | 000,001,016 | ---- | M] () -- C:\Users\Public\Desktop\A1 Dashboard.lnk
[2013.03.06 20:28:44 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2013.03.06 20:23:09 | 000,002,002 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013.03.06 20:23:09 | 000,001,992 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2013.03.06 12:44:37 | 000,001,702 | ---- | M] () -- C:\Users\Public\Desktop\Recuva.lnk
[2013.03.04 14:08:28 | 000,001,198 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\Format Factory.lnk
[2013.03.04 13:42:45 | 003,545,944 | ---- | M] (Piriform Ltd) -- C:\Users\Gabriel Johannes\Desktop\rcsetup145.exe
[2013.03.03 15:54:17 | 000,007,597 | ---- | M] () -- C:\Users\Gabriel Johannes\AppData\Local\Resmon.ResmonCfg
[2013.03.02 17:14:08 | 158,761,416 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\setup_11.0.0.1245.x01_2013_02_18_12_18.exe
[2013.03.02 16:29:13 | 006,001,128 | ---- | M] (Hewlett-Packard ) -- C:\Users\Gabriel Johannes\Desktop\sp55083.exe
[2013.02.27 10:43:49 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.02.26 12:30:06 | 000,002,120 | ---- | M] () -- C:\Users\Public\Desktop\MTA San Andreas 1.3.lnk
[2013.02.26 10:54:02 | 000,000,000 | ---- | M] () -- C:\Windows\Bench32.INI
[2013.02.26 06:23:36 | 003,244,032 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\fugees_-_ready_or_not.mp3
[2013.02.26 05:57:28 | 005,700,907 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\Mario Winans feat. P. Diddy - I dont wanna know.mp3
[2013.02.25 12:16:23 | 000,001,296 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\San Andreas Multiplayer.lnk
[2013.02.24 06:57:46 | 000,275,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.23 18:33:32 | 004,376,381 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\Nick Kershaw - Wouldnt it be good.mp3
[2013.02.23 16:47:48 | 003,250,022 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\Olly Murs - Heart Skips a Beat.mp3
[2013.02.23 15:38:03 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.02.23 15:37:25 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.02.21 12:20:38 | 007,866,087 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\Cascada - Everytime we Touch.mp3
[2013.02.20 00:33:39 | 000,088,280 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2013.02.19 02:26:27 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.02.18 23:52:20 | 000,001,067 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\Free Download Manager.lnk
[2013.02.18 14:45:00 | 000,000,600 | ---- | M] () -- C:\Users\Gabriel Johannes\AppData\Roaming\winscp.rnd
[2013.02.18 02:28:14 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2013.02.18 02:27:02 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.02.18 02:26:11 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\WinSCP.lnk
[2013.02.18 02:25:18 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.02.18 02:25:05 | 000,001,246 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\Auslogics Disk Defrag.lnk
[2013.02.18 02:24:03 | 000,001,239 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\DVDVideoSoft Free Studio.lnk
[2013.02.18 02:22:31 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2013.02.18 02:22:17 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2013.02.18 02:20:47 | 000,001,031 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\PhotoScape.lnk
[2013.02.18 02:20:03 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.02.18 02:20:02 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.02.18 02:20:02 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.02.18 02:20:02 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.02.18 02:20:02 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.02.18 02:20:02 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.02.18 02:19:33 | 000,001,813 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7M.lnk
[2013.02.18 02:18:34 | 000,002,000 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2013.02.18 02:17:42 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2013.02.18 02:09:40 | 000,103,140 | RHS- | M] () -- C:\seiv.pif
[2013.02.18 02:09:40 | 000,000,384 | RHS- | M] () -- C:\autorun.inf
[2013.02.18 02:00:47 | 000,177,271 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013.02.18 02:00:47 | 000,177,271 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013.02.15 00:13:03 | 006,809,391 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\CrystalDiskInfo5_3_1Shizuku.zip
[2013.02.14 23:48:16 | 000,242,310 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\bench32_247.zip
[2013.02.13 22:17:56 | 005,716,730 | ---- | M] () -- C:\Users\Gabriel Johannes\Desktop\Evanescence - Bring Me to Life.mp3
========== Files Created - No Company Name ==========
[2013.03.13 23:15:30 | 000,093,233 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\Mein Neuer Laptop =).JPG
[2013.03.12 17:48:13 | 000,000,107 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\Crack for Call of Duty MW 3.bat
[2013.03.12 17:16:03 | 000,000,604 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\virus.bat
[2013.03.11 23:03:43 | 000,089,849 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\2.JPG
[2013.03.11 23:01:57 | 000,126,405 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\1.JPG
[2013.03.09 18:24:39 | 005,949,440 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\recovery-image.tar
[2013.03.09 18:13:33 | 005,171,760 | ---- | C] () -- C:\vmlinuz
[2013.03.09 16:48:38 | 000,001,877 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Virtual PC.lnk
[2013.03.09 16:37:50 | 005,947,392 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\recovery-clockwork-6.0.2.3-p3100.img
[2013.03.09 13:56:17 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2013.03.08 19:48:04 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jucdcacm_01009.Wdf
[2013.03.08 19:47:28 | 000,001,286 | ---- | C] () -- C:\Users\Public\Desktop\T-Mobile Internet Manager.lnk
[2013.03.08 19:47:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01009.Wdf
[2013.03.08 19:41:33 | 000,001,016 | ---- | C] () -- C:\Users\Public\Desktop\A1 Dashboard.lnk
[2013.03.08 16:59:22 | 004,443,264 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\01 - Clubland Xtreme Hardcore 5 - Turn The Tide - Kopie.mp3
[2013.03.08 16:59:01 | 004,443,264 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\01 - Clubland Xtreme Hardcore 5 - Turn The Tide.mp3
[2013.03.07 22:42:46 | 000,000,600 | ---- | C] () -- C:\Users\Gabriel Johannes\AppData\Local\PUTTY.RND
[2013.03.06 20:28:44 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2013.03.06 20:23:09 | 000,002,002 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013.03.06 20:23:09 | 000,001,992 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk
[2013.03.04 18:25:15 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
[2013.03.04 18:25:15 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2013.03.04 14:08:28 | 000,001,198 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\Format Factory.lnk
[2013.03.04 14:07:38 | 042,176,845 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\FFSetup270.exe
[2013.03.04 13:43:50 | 000,001,702 | ---- | C] () -- C:\Users\Public\Desktop\Recuva.lnk
[2013.03.03 15:54:17 | 000,007,597 | ---- | C] () -- C:\Users\Gabriel Johannes\AppData\Local\Resmon.ResmonCfg
[2013.03.02 17:11:19 | 158,761,416 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\setup_11.0.0.1245.x01_2013_02_18_12_18.exe
[2013.03.02 16:29:47 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2013.02.27 10:22:21 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.02.26 12:30:06 | 000,002,120 | ---- | C] () -- C:\Users\Public\Desktop\MTA San Andreas 1.3.lnk
[2013.02.26 11:22:38 | 001,993,107 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\StuntLandia.rar
[2013.02.26 10:54:02 | 000,000,000 | ---- | C] () -- C:\Windows\Bench32.INI
[2013.02.26 10:53:48 | 000,035,877 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\Bench32.chm
[2013.02.26 10:48:01 | 006,809,391 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\CrystalDiskInfo5_3_1Shizuku.zip
[2013.02.26 10:46:36 | 000,242,310 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\bench32_247.zip
[2013.02.26 10:45:34 | 002,342,998 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\XtremePlanet.rar
[2013.02.26 10:39:51 | 003,794,104 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\Shaggy - Angel.mp3
[2013.02.26 10:39:48 | 003,340,833 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\Rihanna-Te-Amo.mp3
[2013.02.26 10:39:43 | 006,013,943 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\Half Mast.mp3
[2013.02.26 10:39:40 | 004,190,555 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\Bruce Hornsby - The Way It Is.mp3
[2013.02.26 10:39:31 | 005,716,730 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\Evanescence - Bring Me to Life.mp3
[2013.02.26 06:15:41 | 003,244,032 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\fugees_-_ready_or_not.mp3
[2013.02.26 05:45:53 | 005,700,907 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\Mario Winans feat. P. Diddy - I dont wanna know.mp3
[2013.02.25 12:16:23 | 000,001,296 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\San Andreas Multiplayer.lnk
[2013.02.23 18:22:01 | 004,376,381 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\Nick Kershaw - Wouldnt it be good.mp3
[2013.02.23 16:40:51 | 003,250,022 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\Olly Murs - Heart Skips a Beat.mp3
[2013.02.23 15:38:03 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.02.23 15:38:03 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.02.23 15:37:25 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.02.21 12:09:09 | 007,866,087 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\Cascada - Everytime we Touch.mp3
[2013.02.20 00:33:39 | 000,088,280 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2013.02.19 02:26:27 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.02.19 02:25:46 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013.02.18 23:52:20 | 000,001,067 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\Free Download Manager.lnk
[2013.02.18 14:45:00 | 000,000,600 | ---- | C] () -- C:\Users\Gabriel Johannes\AppData\Roaming\winscp.rnd
[2013.02.18 02:28:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.02.18 02:27:02 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.02.18 02:27:02 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.02.18 02:26:11 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\WinSCP.lnk
[2013.02.18 02:25:18 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013.02.18 02:25:05 | 000,001,246 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\Auslogics Disk Defrag.lnk
[2013.02.18 02:24:03 | 000,001,239 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\DVDVideoSoft Free Studio.lnk
[2013.02.18 02:22:31 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2013.02.18 02:22:17 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk
[2013.02.18 02:20:47 | 000,001,031 | ---- | C] () -- C:\Users\Gabriel Johannes\Desktop\PhotoScape.lnk
[2013.02.18 02:19:33 | 000,001,813 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7M.lnk
[2013.02.18 02:18:34 | 000,002,000 | ---- | C] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2013.02.18 02:17:42 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2013.02.18 02:10:07 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2013.02.18 02:09:40 | 000,103,140 | RHS- | C] () -- C:\seiv.pif
[2013.02.18 02:09:08 | 000,000,384 | RHS- | C] () -- C:\autorun.inf
[2013.02.18 02:03:03 | 000,001,405 | ---- | C] () -- C:\Users\Gabriel Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013.02.18 02:02:59 | 000,001,439 | ---- | C] () -- C:\Users\Gabriel Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013.02.18 02:00:38 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013.02.18 02:00:27 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013.02.18 01:57:05 | 331,534,335 | -HS- | C] () -- C:\hiberfil.sys
[2013.02.05 17:52:54 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.10.29 12:09:28 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.10.29 12:09:28 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.10.29 12:09:28 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.10.29 12:09:28 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.09.28 06:49:36 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.03.18 01:51:46 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010.11.21 04:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.11.21 04:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >

Bitte & Danke