Trojaner-Board

Big-Blue 01.10.2010 20:51

Evaluating an OTL log
 
Hi,

since the Spybot S&D exe has strangely disappeared from my Start menu,
I thought I'd make an OTL log, as this is W7 64-bit:
Code:

OTL logfile created on: Freitag, 01. Oktober 2010 21:45:44 - Run 3
OTL by OldTimer - Version 3.2.14.1    Folder = C:\Users\Big-Blue\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dddd, dd. MMMM yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 69,00% Memory free
10,00 Gb Paging File | 9,00 Gb Available in Paging File | 87,00% Paging File free
Paging file location(s): d:\pagefile.sys 6000 6000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 399,29 Gb Total Space | 128,48 Gb Free Space | 32,18% Space Free | Partition Type: NTFS
Drive D: | 97,66 Gb Total Space | 53,71 Gb Free Space | 55,00% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 27,94 Gb Total Space | 26,25 Gb Free Space | 93,94% Space Free | Partition Type: NTFS
Drive G: | 292,97 Gb Total Space | 198,07 Gb Free Space | 67,61% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: GAMING-AREA
Current User Name: Big-Blue
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
 
========== Processes (SafeList) ==========
 
PRC - [2010/10/01 21:36:19 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Big-Blue\Downloads\OTL.exe
PRC - [2010/09/07 17:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Programme\Avast! 5\AvastUI.exe
PRC - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Programme\Avast! 5\AvastSvc.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/07/06 18:14:56 | 000,716,024 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe
PRC - [2010/05/23 12:20:35 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
PRC - [2009/09/26 07:35:02 | 000,819,600 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
PRC - [2009/09/23 15:04:42 | 000,447,848 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009/09/23 15:04:42 | 000,203,608 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010/10/01 21:36:19 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Big-Blue\Downloads\OTL.exe
MOD - [2009/07/14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\linkinfo.dll
MOD - [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
MOD - [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\PnkBstrA.exe -- (PnkBstrA)
SRV:64bit: - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Avast! 5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Avast! 5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010/09/07 17:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Avast! 5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/08/26 03:57:14 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/04/17 12:56:30 | 000,094,440 | ---- | M] (tzuk) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2010/09/23 21:02:48 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/07/16 16:07:57 | 005,722,920 | ---- | M] (Bitvise) [On_Demand | Stopped] -- C:\Program Files (x86)\Bitvise WinSSHD\WinSSHD.exe -- (WinSSHD)
SRV - [2010/07/06 18:14:56 | 000,716,024 | ---- | M] (Tunngle.net GmbH) [Disabled | Running] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2010/05/23 12:20:35 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/04/23 05:39:00 | 000,136,616 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2010/03/30 11:16:14 | 001,823,112 | ---- | M] (LogMeIn Inc.) [Disabled | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010/03/18 14:27:14 | 000,138,576 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_64)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 23:38:00 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010/01/29 23:18:20 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009/10/20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009/09/26 07:35:02 | 000,819,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE -- (cvhsvc)
SRV - [2009/09/23 15:04:42 | 000,447,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/09/23 15:04:42 | 000,203,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe -- (EpsonBidirectionalService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - File not found [Kernel | System | Stopped] -- C:\Windows\SysNative\DRIVERS\EIO64.sys -- (EIO64)
DRV:64bit: - [2010/09/07 16:47:33 | 000,061,008 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010/08/28 14:33:54 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/08/26 05:37:26 | 007,767,040 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/08/26 03:20:56 | 000,279,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/07/15 14:47:42 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/05/28 13:04:52 | 000,017,456 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2010/05/24 13:44:45 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010/05/24 13:44:44 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2010/05/06 11:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/03/02 19:30:20 | 001,301,504 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2010/02/09 11:42:14 | 000,325,664 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/02/03 15:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2010/01/22 12:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/01/22 12:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009/11/10 13:53:40 | 000,040,976 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2009/11/10 13:53:16 | 000,058,384 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/11/10 13:53:00 | 000,056,336 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/10/20 20:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009/09/23 15:04:52 | 000,025,944 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2009/09/16 08:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV:64bit: - [2009/09/11 21:49:18 | 000,076,552 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2009/09/11 21:49:08 | 000,015,880 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2009/09/11 21:48:46 | 000,041,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2009/09/11 21:48:36 | 000,026,248 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2009/08/21 01:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/05 09:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/02/17 18:22:22 | 000,017,792 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asusgsb.sys -- (asusgsb)
DRV:64bit: - [2005/03/29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2010/04/23 05:38:48 | 000,052,352 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys -- (AODDriver2)
DRV - [2010/04/17 12:56:26 | 000,134,760 | ---- | M] (tzuk) [Kernel | On_Demand | Running] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/09/23 15:04:42 | 000,261,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\sftplaylh.sys -- (sftplay)
DRV - [2009/09/23 15:04:42 | 000,017,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\sftvollh.sys -- (sftvol)
DRV - [2009/09/23 15:04:38 | 000,712,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\drivers\sftfslh.sys -- (sftfs)
DRV - [2007/02/07 20:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 B5 60 C9 4B F8 CA 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.3.2
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: shaved-bieber@gleuch.com:1.0.1
FF - prefs.js..extensions.enabledItems: stratareloaded@addons.mozilla.org:2.5.4
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/09/29 17:12:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/09/29 17:12:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\components [2010/09/29 17:12:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 1\plugins
 
[2010/05/29 13:51:42 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\mozilla\Extensions
[2010/09/24 21:36:13 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\mozilla\Firefox\Profiles\857vo1oj.default\extensions
[2010/09/21 18:48:14 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Big-Blue\AppData\Roaming\mozilla\Firefox\Profiles\857vo1oj.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/09/11 10:08:15 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Big-Blue\AppData\Roaming\mozilla\Firefox\Profiles\857vo1oj.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/06/04 19:30:28 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\Big-Blue\AppData\Roaming\mozilla\Firefox\Profiles\857vo1oj.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2010/07/28 08:50:24 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Big-Blue\AppData\Roaming\mozilla\Firefox\Profiles\857vo1oj.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/08/18 19:59:34 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Big-Blue\AppData\Roaming\mozilla\Firefox\Profiles\857vo1oj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/06/11 20:00:35 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Big-Blue\AppData\Roaming\mozilla\Firefox\Profiles\857vo1oj.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010/07/16 16:56:05 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\mozilla\Firefox\Profiles\857vo1oj.default\extensions\shaved-bieber@gleuch.com
[2010/09/24 21:17:32 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\mozilla\Firefox\Profiles\857vo1oj.default\extensions\stratareloaded@addons.mozilla.org
[2010/09/24 21:17:32 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\mozilla\Firefox\Profiles\857vo1oj.default\extensions\stratareloaded@addons.mozilla.org\chrome\3.0x\mozapps\extensions
[2010/09/24 21:17:32 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\mozilla\Firefox\Profiles\857vo1oj.default\extensions\stratareloaded@addons.mozilla.org\chrome\3.5x\mozapps\extensions
[2010/09/24 21:17:32 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\mozilla\Firefox\Profiles\857vo1oj.default\extensions\stratareloaded@addons.mozilla.org\chrome\3.6x\mozapps\extensions
[2010/09/24 21:17:31 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\mozilla\Firefox\Profiles\857vo1oj.default\extensions\stratareloaded@addons.mozilla.org\chrome\3.6x\mozapps_old\extensions
[2010/09/24 21:17:31 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\mozilla\Firefox\Profiles\857vo1oj.default\extensions\stratareloaded@addons.mozilla.org\chrome\4.0b6\mozapps\extensions
[2010/09/24 21:17:32 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\mozilla\Firefox\Profiles\857vo1oj.default\extensions\stratareloaded@addons.mozilla.org\chrome\4.0x\mozapps\extensions
[2010/09/24 21:17:32 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\mozilla\Firefox\Profiles\857vo1oj.default\extensions\stratareloaded@addons.mozilla.org\chrome\imageres\mozapps\extensions
[2010/09/24 21:17:32 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\mozilla\Firefox\Profiles\857vo1oj.default\extensions\stratareloaded@addons.mozilla.org\chrome\imageres\mozapps\extensions\3.6
[2010/07/24 14:32:19 | 000,001,531 | ---- | M] () -- C:\Users\Big-Blue\AppData\Roaming\Mozilla\FireFox\Profiles\857vo1oj.default\searchplugins\amazonde.xml
[2010/09/12 02:52:48 | 000,001,077 | ---- | M] () -- C:\Users\Big-Blue\AppData\Roaming\Mozilla\FireFox\Profiles\857vo1oj.default\searchplugins\battlenet.xml
[2010/06/20 21:24:35 | 000,002,016 | ---- | M] () -- C:\Users\Big-Blue\AppData\Roaming\Mozilla\FireFox\Profiles\857vo1oj.default\searchplugins\forumbase.xml
[2010/07/26 11:13:38 | 000,001,660 | ---- | M] () -- C:\Users\Big-Blue\AppData\Roaming\Mozilla\FireFox\Profiles\857vo1oj.default\searchplugins\leo-deu-eng.xml
[2010/06/04 17:28:19 | 000,002,504 | ---- | M] () -- C:\Users\Big-Blue\AppData\Roaming\Mozilla\FireFox\Profiles\857vo1oj.default\searchplugins\steam-search.xml
[2010/08/25 17:23:29 | 000,002,698 | ---- | M] () -- C:\Users\Big-Blue\AppData\Roaming\Mozilla\FireFox\Profiles\857vo1oj.default\searchplugins\twitter.xml
[2010/07/26 11:14:17 | 000,001,328 | ---- | M] () -- C:\Users\Big-Blue\AppData\Roaming\Mozilla\FireFox\Profiles\857vo1oj.default\searchplugins\wikipedia-de.xml
[2010/05/29 19:40:41 | 000,002,057 | ---- | M] () -- C:\Users\Big-Blue\AppData\Roaming\Mozilla\FireFox\Profiles\857vo1oj.default\searchplugins\youtube-videosuche.xml
[2010/06/06 11:26:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010/06/06 11:26:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/06/06 11:26:15 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/09/14 22:22:23 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/09/14 22:22:23 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010/09/14 22:22:23 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/09/14 22:22:23 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/09/14 22:22:23 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010/10/01 21:35:08 | 000,420,779 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1    www.007guard.com
O1 - Hosts: 127.0.0.1    007guard.com
O1 - Hosts: 127.0.0.1    008i.com
O1 - Hosts: 127.0.0.1    www.008k.com
O1 - Hosts: 127.0.0.1    008k.com
O1 - Hosts: 127.0.0.1    www.00hq.com
O1 - Hosts: 127.0.0.1    00hq.com
O1 - Hosts: 127.0.0.1    010402.com
O1 - Hosts: 127.0.0.1    www.032439.com
O1 - Hosts: 127.0.0.1    032439.com
O1 - Hosts: 127.0.0.1    www.0scan.com
O1 - Hosts: 127.0.0.1    0scan.com
O1 - Hosts: 127.0.0.1    1000gratisproben.com
O1 - Hosts: 127.0.0.1    www.1000gratisproben.com
O1 - Hosts: 127.0.0.1    1001namen.com
O1 - Hosts: 127.0.0.1    www.1001namen.com
O1 - Hosts: 127.0.0.1    100888290cs.com
O1 - Hosts: 127.0.0.1    www.100888290cs.com
O1 - Hosts: 127.0.0.1    www.100sexlinks.com
O1 - Hosts: 127.0.0.1    100sexlinks.com
O1 - Hosts: 127.0.0.1    10sek.com
O1 - Hosts: 127.0.0.1    www.10sek.com
O1 - Hosts: 127.0.0.1    www.1-2005-search.com
O1 - Hosts: 127.0.0.1    1-2005-search.com
O1 - Hosts: 127.0.0.1    www.123fporn.info
O1 - Hosts: 14510 more lines...
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Avast! 5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime Alternative\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - Startup: C:\Users\Big-Blue\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Taskbar Eliminator.lnk = C:\Users\Big-Blue\Taskbar Eliminator\Taskbar Eliminator.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = InYaFaceBAM
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - Reg Error: Key error. - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e37216d1-6b1e-11df-ad11-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{e37216d1-6b1e-11df-ad11-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010/09/29 21:03:13 | 000,000,000 | ---D | C] -- C:\Programme\TeamSpeak 3 Client
[2010/09/29 17:13:43 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010/09/29 17:13:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/09/29 17:13:43 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010/09/29 15:54:41 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\AppData\Local\HandBrake
[2010/09/29 15:54:37 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\AppData\Roaming\HandBrake
[2010/09/29 15:54:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Handbrake
[2010/09/29 14:53:23 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ks.sys
[2010/09/29 14:19:14 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\AppData\Roaming\vlc
[2010/09/25 13:35:01 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\AppData\Local\World in Conflict - DEMO
[2010/09/25 13:34:56 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\Documents\World in Conflict - DEMO
[2010/09/25 13:24:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sierra Entertainment
[2010/09/23 20:10:37 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\systemgestartet_data
[2010/09/23 20:03:04 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\crabs_data
[2010/09/23 19:59:02 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\AppData\Roaming\Audacity
[2010/09/23 19:34:28 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\AppData\Roaming\Need for Speed World
[2010/09/23 19:29:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2010/09/23 19:28:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
[2010/09/23 19:07:11 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\AppData\Local\Electronic_Arts_Inc
[2010/09/23 18:44:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[2010/09/23 17:31:03 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\Documents\PrettyMay
[2010/09/23 17:31:03 | 000,000,000 | ---D | C] -- C:\ProgramData\PrettyMay
[2010/09/22 21:25:01 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\AppData\Roaming\Win7codecs
[2010/09/22 21:24:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Win7codecs
[2010/09/22 21:24:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Win7codecs
[2010/09/21 17:24:34 | 000,000,000 | ---D | C] -- C:\StarCraft II
[2010/09/21 17:09:49 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\AppData\Roaming\Miranda
[2010/09/21 17:09:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Miranda IM
[2010/09/21 16:42:53 | 000,000,000 | ---D | C] -- C:\StarCraftIIGame
[2010/09/20 19:34:41 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\AppData\Roaming\Trillian
[2010/09/20 19:34:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trillian
[2010/09/20 19:31:18 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\AppData\Roaming\mIRC
[2010/09/20 19:19:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Scratch
[2010/09/18 18:13:14 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010/09/17 20:36:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010/09/17 20:36:01 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\AppData\Local\NPE
[2010/09/15 14:03:05 | 002,441,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010/09/14 17:18:54 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2010/09/13 17:11:01 | 000,000,000 | ---D | C] -- C:\Mandelbrot
[2010/09/11 14:24:45 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\AppData\Roaming\skypePM
[2010/09/11 13:58:22 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\AppData\Roaming\Skype
[2010/09/11 13:58:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010/09/11 13:57:59 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010/09/11 13:57:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010/09/09 20:43:17 | 000,000,000 | ---D | C] -- C:\thumb
[2010/09/08 20:12:45 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\AppData\Roaming\Apple Computer
[2010/09/08 20:12:45 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\AppData\Local\Apple Computer
[2010/09/08 20:12:32 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2010/09/08 20:12:32 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2010/09/08 20:12:32 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2010/09/08 20:12:26 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010/09/08 20:11:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010/09/08 20:11:58 | 000,000,000 | ---D | C] -- C:\Users\Big-Blue\AppData\Local\Apple
[2010/09/08 20:11:49 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple
[2010/09/08 20:11:42 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010/09/08 20:11:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010/09/08 20:11:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/09/08 20:11:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010/09/08 11:17:46 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx
[2010/09/08 11:17:46 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts
[2010/02/04 00:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010/10/01 21:46:35 | 007,864,320 | -HS- | M] () -- C:\Users\Big-Blue\NTUSER.DAT
[2010/10/01 21:35:08 | 000,420,779 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010/10/01 20:57:01 | 000,000,258 | ---- | M] () -- C:\Windows\tasks\Epson Printer Software Downloader.job
[2010/10/01 14:59:22 | 000,080,577 | ---- | M] () -- C:\Users\Big-Blue\Documents\mad marine.SC2Map
[2010/10/01 14:57:03 | 000,080,221 | ---- | M] () -- C:\Users\Big-Blue\Documents\mad marineAutoBackup001.SC2Map
[2010/10/01 14:07:46 | 000,014,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/01 14:07:46 | 000,014,800 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/01 14:00:35 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/10/01 14:00:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/30 21:39:19 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2010/09/30 21:39:10 | 009,808,960 | -H-- | M] () -- C:\Users\Big-Blue\AppData\Local\IconCache.db
[2010/09/27 17:16:55 | 019,657,194 | ---- | M] () -- C:\Users\Big-Blue\vlc-1.1.4-win32.exe
[2010/09/26 18:43:42 | 001,500,018 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/09/26 18:43:42 | 000,654,372 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010/09/26 18:43:42 | 000,616,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/09/26 18:43:42 | 000,129,986 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010/09/26 18:43:42 | 000,106,376 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/09/26 16:11:18 | 000,001,383 | ---- | M] () -- C:\Users\Big-Blue\AppData\Roaming\MPQEditor.ini
[2010/09/24 21:33:19 | 070,374,013 | ---- | M] () -- C:\Users\Big-Blue\Desktop\Starcraft 2 - This is War.mp4
[2010/09/24 15:08:37 | 000,014,045 | ---- | M] () -- C:\Users\Big-Blue\Documents\laserguy.SC2Map
[2010/09/24 14:47:35 | 000,008,672 | ---- | M] () -- C:\Users\Big-Blue\Documents\laserguyAutoBackup001.SC2Map
[2010/09/23 20:10:37 | 000,002,136 | ---- | M] () -- C:\Users\Big-Blue\systemgestartet.aup
[2010/09/23 20:03:04 | 000,001,931 | ---- | M] () -- C:\Users\Big-Blue\crabs.aup
[2010/09/22 19:22:57 | 000,111,781 | ---- | M] () -- C:\Users\Big-Blue\Documents\lostoutpost2.SC2Map
[2010/09/22 19:16:50 | 000,111,608 | ---- | M] () -- C:\Users\Big-Blue\Documents\lostoutpost.SC2Map
[2010/09/22 19:10:17 | 000,111,236 | ---- | M] () -- C:\Users\Big-Blue\Documents\lostoutpost2AutoBackup001.SC2Map
[2010/09/22 19:00:42 | 000,110,190 | ---- | M] () -- C:\Users\Big-Blue\Documents\lostoutpostAutoBackup001.SC2Map
[2010/09/22 14:31:08 | 000,000,795 | ---- | M] () -- C:\sc2-2.x.x.x-1890-x86-Win-enGB-tools - Kopie.torrent
[2010/09/21 19:51:47 | 000,148,684 | ---- | M] () -- C:\Users\Big-Blue\Documents\sare.SC2Map
[2010/09/21 19:48:39 | 000,149,283 | ---- | M] () -- C:\Users\Big-Blue\Documents\sareAutoBackup001.SC2Map
[2010/09/21 19:47:20 | 000,149,283 | ---- | M] () -- C:\Users\Big-Blue\Documents\easydefeat.SC2Map
[2010/09/21 19:32:37 | 000,129,445 | ---- | M] () -- C:\Users\Big-Blue\Documents\easydefeatAutoBackup001.SC2Map
[2010/09/21 18:39:25 | 000,045,233 | ---- | M] () -- C:\Users\Big-Blue\Documents\marinie.SC2Map
[2010/09/21 18:32:56 | 000,029,606 | ---- | M] () -- C:\Users\Big-Blue\Documents\marinieAutoBackup001.SC2Map
[2010/09/19 19:09:40 | 000,094,963 | ---- | M] () -- C:\Users\Big-Blue\Documents\phoenixr11.SC2Map
[2010/09/19 19:01:43 | 000,092,856 | ---- | M] () -- C:\Users\Big-Blue\Documents\phoenixr11AutoBackup001.SC2Map
[2010/09/11 14:24:47 | 000,000,048 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010/09/11 13:47:46 | 000,054,363 | ---- | M] () -- C:\Users\Big-Blue\Documents\Unbenannt.wma
[2010/09/10 16:32:49 | 000,040,611 | ---- | M] () -- C:\Users\Big-Blue\Documents\karte.SC2Map
[2010/09/10 16:25:14 | 000,040,099 | ---- | M] () -- C:\Users\Big-Blue\Documents\karteAutoBackup001.SC2Map
[2010/09/10 14:25:39 | 000,000,862 | ---- | M] () -- C:\Users\Big-Blue\.recently-used.xbel
[2010/09/09 19:32:18 | 000,419,365 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20101001-213508.backup
[2010/09/08 13:54:13 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010/09/08 11:17:46 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx
[2010/09/08 11:17:46 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts
[2010/09/07 17:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2010/09/07 17:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010/09/07 16:52:29 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010/09/07 16:52:09 | 000,121,936 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010/09/07 16:47:49 | 000,028,752 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010/09/07 16:47:33 | 000,061,008 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010/09/07 16:47:10 | 000,020,048 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010/09/05 10:42:14 | 000,418,005 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100909-193218.backup
[2010/09/05 10:17:12 | 000,408,755 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20100905-104214.backup
[2010/09/05 10:17:12 | 000,408,755 | ---- | M] () -- C:\Users\Big-Blue\Documents\hosts
[2010/09/02 00:53:48 | 000,108,032 | ---- | M] () -- C:\Windows\SysWow64\ff_vfw.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010/10/01 14:57:03 | 000,080,221 | ---- | C] () -- C:\Users\Big-Blue\Documents\mad marineAutoBackup001.SC2Map
[2010/10/01 14:56:54 | 000,080,577 | ---- | C] () -- C:\Users\Big-Blue\Documents\mad marine.SC2Map
[2010/09/27 17:16:19 | 019,657,194 | ---- | C] () -- C:\Users\Big-Blue\vlc-1.1.4-win32.exe
[2010/09/26 15:56:21 | 000,001,383 | ---- | C] () -- C:\Users\Big-Blue\AppData\Roaming\MPQEditor.ini
[2010/09/24 21:31:08 | 070,374,013 | ---- | C] () -- C:\Users\Big-Blue\Desktop\Starcraft 2 - This is War.mp4
[2010/09/24 14:47:35 | 000,014,045 | ---- | C] () -- C:\Users\Big-Blue\Documents\laserguy.SC2Map
[2010/09/24 14:47:35 | 000,008,672 | ---- | C] () -- C:\Users\Big-Blue\Documents\laserguyAutoBackup001.SC2Map
[2010/09/23 20:10:37 | 000,002,136 | ---- | C] () -- C:\Users\Big-Blue\systemgestartet.aup
[2010/09/23 20:03:04 | 000,001,931 | ---- | C] () -- C:\Users\Big-Blue\crabs.aup
[2010/09/22 19:10:17 | 000,111,236 | ---- | C] () -- C:\Users\Big-Blue\Documents\lostoutpost2AutoBackup001.SC2Map
[2010/09/22 19:10:16 | 000,111,781 | ---- | C] () -- C:\Users\Big-Blue\Documents\lostoutpost2.SC2Map
[2010/09/22 19:00:43 | 000,110,190 | ---- | C] () -- C:\Users\Big-Blue\Documents\lostoutpostAutoBackup001.SC2Map
[2010/09/22 19:00:36 | 000,111,608 | ---- | C] () -- C:\Users\Big-Blue\Documents\lostoutpost.SC2Map
[2010/09/22 14:31:18 | 000,000,795 | ---- | C] () -- C:\sc2-2.x.x.x-1890-x86-Win-enGB-tools - Kopie.torrent
[2010/09/21 19:48:39 | 000,149,283 | ---- | C] () -- C:\Users\Big-Blue\Documents\sareAutoBackup001.SC2Map
[2010/09/21 19:48:20 | 000,148,684 | ---- | C] () -- C:\Users\Big-Blue\Documents\sare.SC2Map
[2010/09/21 19:32:37 | 000,129,445 | ---- | C] () -- C:\Users\Big-Blue\Documents\easydefeatAutoBackup001.SC2Map
[2010/09/21 19:32:36 | 000,149,283 | ---- | C] () -- C:\Users\Big-Blue\Documents\easydefeat.SC2Map
[2010/09/21 18:32:57 | 000,029,606 | ---- | C] () -- C:\Users\Big-Blue\Documents\marinieAutoBackup001.SC2Map
[2010/09/21 18:32:55 | 000,045,233 | ---- | C] () -- C:\Users\Big-Blue\Documents\marinie.SC2Map
[2010/09/19 19:01:43 | 000,092,856 | ---- | C] () -- C:\Users\Big-Blue\Documents\phoenixr11AutoBackup001.SC2Map
[2010/09/19 19:01:41 | 000,094,963 | ---- | C] () -- C:\Users\Big-Blue\Documents\phoenixr11.SC2Map
[2010/09/11 14:24:47 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/09/11 13:47:46 | 000,054,363 | ---- | C] () -- C:\Users\Big-Blue\Documents\Unbenannt.wma
[2010/09/10 16:25:15 | 000,040,099 | ---- | C] () -- C:\Users\Big-Blue\Documents\karteAutoBackup001.SC2Map
[2010/09/10 16:25:14 | 000,040,611 | ---- | C] () -- C:\Users\Big-Blue\Documents\karte.SC2Map
[2010/09/10 14:25:39 | 000,000,862 | ---- | C] () -- C:\Users\Big-Blue\.recently-used.xbel
[2010/09/05 10:17:12 | 000,408,755 | ---- | C] () -- C:\Users\Big-Blue\Documents\hosts
[2010/09/02 00:53:48 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/08/18 20:50:54 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2010/07/26 13:08:15 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\xmltok.dll
[2010/07/26 13:08:15 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\xmlparse.dll
[2010/06/23 13:53:54 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll
[2010/06/08 16:22:07 | 001,501,068 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/06/05 13:30:19 | 000,002,166 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2010/05/25 15:10:08 | 000,007,604 | ---- | C] () -- C:\Users\Big-Blue\AppData\Local\Resmon.ResmonCfg
[2010/05/24 13:37:09 | 000,019,456 | ---- | C] () -- C:\Users\Big-Blue\AppData\Local\WebpageIcons.db
[2010/05/24 13:36:47 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010/05/20 20:14:52 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010/04/02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009/10/20 20:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009/08/16 10:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2007/02/05 20:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
 
========== LOP Check ==========
 
[2010/09/23 20:12:42 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\Audacity
[2010/06/05 13:41:35 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\BonkEnc
[2010/06/17 19:00:59 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\Canneverbe Limited
[2010/08/28 14:39:15 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\DAEMON Tools Lite
[2010/08/19 13:48:26 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\Epson
[2010/06/23 11:02:21 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\FreeFLVConverter
[2010/06/26 10:51:48 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\FUEL
[2010/08/07 19:10:45 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\gtk-2.0
[2010/09/29 15:54:39 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\HandBrake
[2010/06/22 15:59:40 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\ImgBurn
[2010/06/17 18:44:41 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\IrfanView
[2010/05/20 21:14:48 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\Leadertech
[2010/07/08 12:43:41 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\LucasArts
[2010/09/21 17:09:49 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\Miranda
[2010/09/23 19:34:28 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\Need for Speed World
[2010/08/20 21:28:06 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\Notepad++
[2010/06/08 16:27:57 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\NVD
[2010/07/03 20:34:44 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\OpenOffice.org
[2010/08/13 19:55:29 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\Rainmeter
[2010/09/10 22:32:47 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\SoftGrid Client
[2010/05/26 19:19:29 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\Subversion
[2010/06/08 16:30:34 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\TP
[2010/09/20 19:36:57 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\Trillian
[2010/06/30 18:56:32 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\TrueCrypt
[2010/08/30 22:23:22 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\Tunngle
[2010/09/05 13:36:04 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\Ubisoft
[2010/10/01 18:24:51 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\uTorrent
[2010/09/22 21:25:01 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\Win7codecs
[2010/05/28 17:04:41 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\Wireshark
[2010/08/06 21:24:55 | 000,000,000 | ---D | M] -- C:\Users\Big-Blue\AppData\Roaming\XMedia Recode
[2010/10/01 20:57:01 | 000,000,258 | ---- | M] () -- C:\Windows\Tasks\Epson Printer Software Downloader.job
[2010/09/12 10:05:56 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:8CE646EE
< End of report >

I selected exactly the options described in the instructions thread. I hope you can either give me the all-clear or tell me to reinstall completely. ^^

Regards

