trojaner / keylogger? |
||
|---|---|---|
| #0
| ||
|
21.04.2010, 00:21
...neu hier
Beiträge: 7 |
||
 
|
|
|
|
21.04.2010, 15:50
Moderator
Beiträge: 5694 |
#2
Hallo und herzlich Willkommen auf Protecus.de
Um ein infiziertes System zu bereinigen bedarf es neben Zeit auch die Beachtung folgender Punkte: • Halte Dich an die Anweisungen des jeweiligen Helfers. • Falls Du externen Speichermedien (USB Sticks, Festplatten) hast, dann schliesse die vor der Reinigung an. • Während der Reinigung solltest Du weder Programme installieren noch deinstallieren, welche nicht ausdrücklich verlangt werden. • Bitte arbeite jeden Schritt der Reihe nach ab. • Falls bei einem Schritt Probleme auftauchen, poste was du bereits hast und melde Dich mit dem Problembeschreiben. • Die Bereinigung ist erst beendet wenn der jeweilige Helfer das OK gibt. • Wenn die Kiste wieder flott läuft heisst das nicht, dass das Sytem auch sauber ist. • Bei geschäftlich genutzten Rechner sollte der zuständige IT Verantwortliche beigezogen werden. • Ein Support unsererseits kann unter Umständen bei einem Firmenrechner abgelehnt werden. • Bei illegaler Software besteht die Möglichkeit, dass der Support eingestellt wird. • Jegliche Cracks oder Keygens werden weder gefördert noch akzeptiert. • Bei stark infizierten Systemen vorallem wenn Backdoors oder Rootkits involviert sind kann es vorkommen, dass ein Helfer zum Neuaufsetzen rät. • In letzter Instanz ist dann immer der User welcher entscheidet. Vista und Win7 User: Alle Programme und Tools, die wir anordnen, immer mit Rechtsklick und Als Administrator ausführen. Schritt 1 Die Host Einträge werden beim immunisieren mittels Spybot erstellt. Also mach Dir diesbezüglich keine Gedanken. Ich sehe nichts was auf Malware hindeuted. Schritt 2 Mach denoch bitte folgende Onlinescans und berichte: FSecure, Bitdefender, ESET http://forum.hijackthis.de/allgemeines/25893-kostenlose-online-scanner.html |
|
|
|
|
|
|
21.04.2010, 17:09
...neu hier
Themenstarter Beiträge: 7 |
#3
hier fsecure im anhang.. ein tracking cookie
eset hat nichts gefunden, habe ausversehn deinstalliert bevor ich die log gespeichert hab -.- aba macht ja nichts wenn er nix gefunden hat oder? oh habe dazwischen auch nich neugestartet schlimm? werde jetz neustarten und dann bitdefender reinhaun Anhang: f-secure.txt.txt Dieser Beitrag wurde am 21.04.2010 um 18:03 Uhr von minman editiert.
|
|
|
|
|
|
|
21.04.2010, 17:25
...neu hier
Themenstarter Beiträge: 7 |
#4
habs bereits geschlossen das konto
 warn eh nurnoch 54 cents draufsiehe oben bitte für die logdateien in meinem 2. beitrag der usb stick war au drin also hat der wohl au nix oder? ^^ bitdefender hat au nix gefunden bin clean oder`? Anhang: bitdefender.txt Dieser Beitrag wurde am 21.04.2010 um 20:48 Uhr von minman editiert.
|
|
|
|
|
|
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!
bitte erst » hier kostenlos registrieren!!
Folgende Themen könnten Dich auch interessieren:
Seite(n): 1
Copyright © 2024, Protecus.de - Protecus Team - Impressum / Mediadaten
wenn sich jmd vlt mal die otl logfile anschaun kann?
danke schonmal im voraus!
logfile otl:
OTL logfile created on: 20.04.2010 23:59:35 - Run 2
OTL by OldTimer - Version 3.2.1.3 Folder = C:\Users\***\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 73,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 40,60 Gb Free Space | 69,41% Space Free | Partition Type: NTFS
Drive D: | 407,17 Gb Total Space | 384,83 Gb Free Space | 94,51% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ***
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - C:\Users\***\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - D:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
PRC - D:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
[color=#E56717]========== Modules (SafeList) ==========[/color]
MOD - C:\Users\*** \Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (VSS) -- C:\Windows\Vss [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (NEC Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (NEC Electronics Corporation)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (CSC) -- C:\Windows\CSC [2010.04.09 20:17:48 | 000,000,000 | ---D | M]
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ***://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = ***://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 35 EF 41 C6 E4 D7 CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..keyword.URL: "***://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.2&q="
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.04.09 15:18:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.04.12 17:04:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.04.09 22:34:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.04.11 17:03:44 | 000,000,000 | ---D | M]
[2010.04.09 22:34:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2010.04.09 22:34:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*** \AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.04.14 21:11:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\2pkz1m2y.default\extensions
[2010.04.09 22:00:10 | 000,002,059 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\2pkz1m2y.default\searchplugins\daemon-search.xml
[2010.04.17 22:47:47 | 000,000,947 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\FireFox\Profiles\2pkz1m2y.default\searchplugins\icqplugin.xml
[2010.04.09 15:18:18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.04.01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.04.01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.04.01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.04.01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.04.01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.04.20 21:24:28 | 000,392,034 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 ***.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 ***.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 ***.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 ***.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 ***.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 ***.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 ***.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 ***.100888290cs.com
O1 - Hosts: 127.0.0.1 ***.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 ***.10sek.com
O1 - Hosts: 127.0.0.1 ***.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 ***.123fporn.info
O1 - Hosts: 13539 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ICQ] D:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] D:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - D:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - D:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ***://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 82.212.63.118 192.168.0.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2010.04.20 22:22:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NEC Electronics
[2010.04.20 21:20:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.04.19 19:23:25 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2010.04.19 19:23:19 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.04.19 19:23:18 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.04.19 19:23:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.04.15 22:29:51 | 000,000,000 | ---D | C] -- C:\Users\*** \AppData\Roaming\Avira
[2010.04.15 17:49:42 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.04.15 17:48:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2010.04.15 17:47:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2010.04.15 17:34:33 | 000,000,000 | ---D | C] -- C:\Programme\DIFX
[2010.04.15 17:34:32 | 000,038,456 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\usbfilter.sys
[2010.04.15 17:34:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010.04.15 17:34:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2010.04.15 17:34:25 | 000,000,000 | ---D | C] -- C:\Programme\ATI
[2010.04.15 17:33:54 | 000,000,000 | ---D | C] -- C:\Programme\ATI Technologies
[2010.04.14 22:17:51 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\BFBC2
[2010.04.14 21:49:28 | 002,719,504 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2010.04.14 21:49:28 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2010.04.14 21:49:28 | 001,943,584 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2010.04.14 21:49:28 | 001,660,960 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2010.04.14 21:49:28 | 001,210,912 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2010.04.14 21:49:28 | 000,612,384 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2010.04.14 21:49:28 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2010.04.14 21:49:28 | 000,476,192 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2010.04.14 21:49:28 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2010.04.14 21:49:28 | 000,332,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2010.04.14 21:49:28 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2010.04.14 21:49:28 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2010.04.14 21:49:28 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2010.04.14 21:49:28 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2010.04.14 21:49:28 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2010.04.14 21:49:28 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2010.04.14 21:49:28 | 000,149,536 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2010.04.14 21:49:28 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2010.04.14 21:49:28 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2010.04.14 21:49:28 | 000,069,664 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2010.04.14 21:49:27 | 001,325,328 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2010.04.14 21:49:27 | 001,178,384 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2010.04.14 21:49:27 | 001,110,800 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2010.04.14 21:49:27 | 000,504,592 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2010.04.14 21:49:27 | 000,489,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2010.04.14 21:49:27 | 000,474,896 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2010.04.14 21:49:27 | 000,331,168 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2010.04.14 21:49:27 | 000,325,904 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2010.04.14 21:49:27 | 000,315,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2010.04.14 21:49:27 | 000,268,560 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2010.04.14 21:49:27 | 000,265,488 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2010.04.14 21:49:27 | 000,168,288 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2010.04.14 21:49:27 | 000,123,664 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2010.04.14 21:49:27 | 000,123,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2010.04.14 21:49:27 | 000,122,128 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2010.04.14 21:49:27 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2010.04.14 21:49:20 | 001,247,776 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.04.14 21:43:51 | 000,346,144 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2010.04.14 21:43:51 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2010.04.14 21:20:25 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.04.14 21:20:25 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2010.04.14 21:20:25 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2010.04.14 21:20:24 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010.04.14 21:20:24 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010.04.14 21:20:22 | 005,509,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.04.14 21:20:22 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.04.14 21:20:22 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.04.14 16:42:59 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\Neuer Ordner
[2010.04.14 16:34:31 | 000,000,000 | ---D | C] -- C:\symbols
[2010.04.14 16:32:26 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.04.14 16:24:14 | 000,000,000 | ---D | C] -- C:\WinDDK
[2010.04.14 16:21:26 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010.04.14 16:21:26 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.04.14 16:16:25 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010.04.14 16:16:25 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.04.13 16:56:58 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\PunkBuster
[2010.04.13 16:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010.04.13 16:56:22 | 000,000,000 | RH-D | C] -- C:\Users\***\AppData\Roaming\SecuROM
[2010.04.11 17:03:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010.04.11 17:03:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010.04.11 17:02:58 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Adobe
[2010.04.11 01:49:07 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\teamspeak2
[2010.04.11 01:49:02 | 000,034,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lhacm.acm
[2010.04.10 13:31:47 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\DVDVideoSoft
[2010.04.10 13:31:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2010.04.10 13:31:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2010.04.10 03:03:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2010.04.10 02:02:54 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Electronic Arts
[2010.04.09 23:32:38 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\DivX
[2010.04.09 23:32:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010.04.09 23:32:31 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2010.04.09 23:32:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010.04.09 23:32:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.04.09 23:31:51 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.04.09 23:11:29 | 000,000,000 | ---D | C] -- C:\Users\***\Programme
[2010.04.09 22:34:46 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Thunderbird
[2010.04.09 22:34:46 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Thunderbird
[2010.04.09 22:34:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2010.04.09 22:09:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft WSE
[2010.04.09 22:00:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Toolbar
[2010.04.09 21:59:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010.04.09 21:59:21 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
[2010.04.09 21:59:19 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.04.09 21:52:59 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\WinRAR
[2010.04.09 21:49:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2010.04.09 21:02:52 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\ICQ
[2010.04.09 20:17:55 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.04.09 20:17:48 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2010.04.09 18:11:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
[2010.04.09 18:11:12 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2010.04.09 18:11:10 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\ICQ
[2010.04.09 18:11:09 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\AOL
[2010.04.09 16:36:01 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\LolClient.F24C99354F615F3BAB18AE7B93E3F9B9E8784FA6.1
[2010.04.09 15:52:21 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2010.04.09 15:52:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.04.09 15:52:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010.04.09 15:40:14 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2010.04.09 15:40:14 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2010.04.09 15:40:14 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2010.04.09 15:40:14 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2010.04.09 15:40:14 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2010.04.09 15:40:14 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2010.04.09 15:40:14 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2010.04.09 15:40:14 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2010.04.09 15:40:13 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2010.04.09 15:40:13 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2010.04.09 15:40:13 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2010.04.09 15:40:13 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2010.04.09 15:40:13 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010.04.09 15:40:13 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.04.09 15:40:13 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010.04.09 15:40:13 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2010.04.09 15:40:13 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010.04.09 15:40:13 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010.04.09 15:40:13 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2010.04.09 15:40:13 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2010.04.09 15:40:13 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2010.04.09 15:40:13 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2010.04.09 15:40:12 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2010.04.09 15:40:12 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010.04.09 15:40:12 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010.04.09 15:40:12 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2010.04.09 15:40:12 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010.04.09 15:40:12 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2010.04.09 15:40:12 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2010.04.09 15:40:12 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2010.04.09 15:40:12 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2010.04.09 15:40:12 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2010.04.09 15:40:12 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2010.04.09 15:40:12 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010.04.09 15:40:12 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2010.04.09 15:40:12 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2010.04.09 15:40:12 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010.04.09 15:40:12 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010.04.09 15:40:12 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2010.04.09 15:40:12 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2010.04.09 15:40:11 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2010.04.09 15:40:11 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2010.04.09 15:40:11 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.04.09 15:40:11 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2010.04.09 15:40:11 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2010.04.09 15:40:11 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2010.04.09 15:40:11 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2010.04.09 15:40:11 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2010.04.09 15:40:11 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2010.04.09 15:40:11 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2010.04.09 15:40:11 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010.04.09 15:40:11 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2010.04.09 15:40:11 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010.04.09 15:40:11 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2010.04.09 15:40:11 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2010.04.09 15:40:11 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2010.04.09 15:40:11 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2010.04.09 15:40:11 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2010.04.09 15:40:11 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2010.04.09 15:40:11 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2010.04.09 15:40:11 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2010.04.09 15:40:11 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2010.04.09 15:40:10 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2010.04.09 15:40:10 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2010.04.09 15:40:10 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2010.04.09 15:40:10 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2010.04.09 15:40:10 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2010.04.09 15:40:10 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2010.04.09 15:40:10 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2010.04.09 15:40:10 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2010.04.09 15:40:10 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2010.04.09 15:40:10 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2010.04.09 15:40:10 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2010.04.09 15:40:10 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2010.04.09 15:40:10 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2010.04.09 15:40:10 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2010.04.09 15:40:10 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2010.04.09 15:40:10 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2010.04.09 15:40:09 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2010.04.09 15:40:09 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010.04.09 15:40:09 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2010.04.09 15:40:09 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2010.04.09 15:40:09 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2010.04.09 15:40:09 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2010.04.09 15:40:09 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2010.04.09 15:40:09 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2010.04.09 15:40:09 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2010.04.09 15:40:09 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2010.04.09 15:40:09 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2010.04.09 15:40:09 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2010.04.09 15:40:08 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2010.04.09 15:40:08 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2010.04.09 15:40:08 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2010.04.09 15:40:08 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2010.04.09 15:40:08 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2010.04.09 15:40:08 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2010.04.09 15:40:08 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2010.04.09 15:40:08 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2010.04.09 15:40:08 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2010.04.09 15:40:08 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2010.04.09 15:40:08 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2010.04.09 15:40:08 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2010.04.09 15:40:07 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2010.04.09 15:40:07 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2010.04.09 15:40:07 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2010.04.09 15:40:07 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2010.04.09 15:40:07 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2010.04.09 15:40:07 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2010.04.09 15:40:07 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2010.04.09 15:40:07 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2010.04.09 15:40:07 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2010.04.09 15:40:07 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2010.04.09 15:40:07 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2010.04.09 15:40:07 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010.04.09 15:40:07 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2010.04.09 15:40:07 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2010.04.09 15:40:06 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2010.04.09 15:40:06 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010.04.09 15:40:06 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2010.04.09 15:40:06 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2010.04.09 15:40:06 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2010.04.09 15:40:06 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2010.04.09 15:40:06 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2010.04.09 15:40:06 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2010.04.09 15:40:06 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2010.04.09 15:40:06 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2010.04.09 15:40:06 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2010.04.09 15:40:06 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2010.04.09 15:40:06 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2010.04.09 15:40:06 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2010.04.09 15:40:05 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2010.04.09 15:40:05 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2010.04.09 15:40:05 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2010.04.09 15:40:05 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2010.04.09 15:40:05 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2010.04.09 15:40:05 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2010.04.09 15:40:05 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2010.04.09 15:40:05 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2010.04.09 15:40:05 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2010.04.09 15:40:05 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2010.04.09 15:40:04 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2010.04.09 15:40:04 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2010.04.09 15:40:04 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2010.04.09 15:40:04 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2010.04.09 15:40:04 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2010.04.09 15:40:04 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2010.04.09 15:40:04 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2010.04.09 15:40:04 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2010.04.09 15:40:02 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2010.04.09 15:40:02 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2010.04.09 15:40:02 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010.04.09 15:40:02 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2010.04.09 15:40:02 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2010.04.09 15:40:02 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2010.04.09 15:40:02 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2010.04.09 15:40:02 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2010.04.09 15:40:01 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2010.04.09 15:40:01 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2010.04.09 15:40:01 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2010.04.09 15:40:01 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2010.04.09 15:40:01 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2010.04.09 15:40:01 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2010.04.09 15:40:01 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2010.04.09 15:40:01 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2010.04.09 15:40:00 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2010.04.09 15:40:00 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2010.04.09 15:18:21 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Mozilla
[2010.04.09 15:18:21 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Mozilla
[2010.04.09 15:18:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010.04.09 15:12:54 | 001,026,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstime.dll
[2010.04.09 15:12:53 | 001,192,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2010.04.09 15:12:53 | 000,977,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2010.04.09 15:12:53 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll
[2010.04.09 15:12:53 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll
[2010.04.09 15:12:53 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2010.04.09 15:12:53 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2010.04.09 15:12:53 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2010.04.09 15:12:53 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2010.04.09 15:12:53 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2010.04.09 15:12:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2010.04.09 15:12:53 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2010.04.09 15:12:53 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2010.04.09 15:12:53 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2010.04.09 15:12:51 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2010.04.09 15:12:51 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2010.04.09 15:12:40 | 000,960,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010.04.09 15:12:40 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010.04.09 15:12:39 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2010.04.09 15:12:39 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010.04.09 15:12:39 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2010.04.09 15:12:39 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010.04.09 15:12:39 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010.04.09 15:04:34 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2010.04.09 15:04:34 | 000,081,072 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2010.04.09 15:04:34 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys
[2010.04.09 15:04:34 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys
[2010.04.09 15:04:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.04.09 15:04:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2010.04.09 15:00:19 | 000,025,640 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2010.04.09 14:55:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marvell
[2010.04.09 14:53:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2010.04.09 14:53:18 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2010.04.09 14:53:12 | 001,596,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkHDM64.dll
[2010.04.09 14:53:12 | 001,285,632 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHDMEx64.dll
[2010.04.09 14:53:12 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DHT64.dll
[2010.04.09 14:53:12 | 000,304,640 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RH3DAA64.dll
[2010.04.09 14:53:12 | 000,201,472 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys
[2010.04.09 14:53:12 | 000,056,320 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RHCoInst64.dll
[2010.04.09 14:53:06 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2010.04.09 14:53:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2010.04.09 14:52:28 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010.04.09 14:52:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gigabyte
[2010.04.09 14:52:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010.04.09 14:49:01 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\ATI
[2010.04.09 14:49:01 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\ATI
[2010.04.09 14:47:10 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.04.09 14:46:31 | 000,000,000 | ---D | C] -- C:\ATI
[2010.04.09 14:29:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Macromedia
[2010.04.09 14:29:05 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010.04.09 14:29:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Adobe
[2010.04.09 14:25:30 | 000,000,000 | R--D | C] -- C:\Users\***\Searches
[2010.04.09 14:25:22 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Identities
[2010.04.09 14:25:19 | 000,000,000 | R--D | C] -- C:\Users\***\Contacts
[2010.04.09 14:25:17 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\VirtualStore
[2010.04.09 14:25:07 | 000,000,000 | --SD | C] -- C:\Users\***\AppData\Roaming\Microsoft
[2010.04.09 14:25:07 | 000,000,000 | R--D | C] -- C:\Users\***\Videos
[2010.04.09 14:25:07 | 000,000,000 | R--D | C] -- C:\Users\***\Saved Games
[2010.04.09 14:25:07 | 000,000,000 | R--D | C] -- C:\Users\***\Pictures
[2010.04.09 14:25:07 | 000,000,000 | R--D | C] -- C:\Users\***\Music
[2010.04.09 14:25:07 | 000,000,000 | R--D | C] -- C:\Users\***\Links
[2010.04.09 14:25:07 | 000,000,000 | R--D | C] -- C:\Users\***\Favorites
[2010.04.09 14:25:07 | 000,000,000 | R--D | C] -- C:\Users\***\Downloads
[2010.04.09 14:25:07 | 000,000,000 | R--D | C] -- C:\Users\***\Documents
[2010.04.09 14:25:07 | 000,000,000 | R--D | C] -- C:\Users\***\Desktop
[2010.04.09 14:25:07 | 000,000,000 | -HSD | C] -- C:\Users\***\Vorlagen
[2010.04.09 14:25:07 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Verlauf
[2010.04.09 14:25:07 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Temporary Internet Files
[2010.04.09 14:25:07 | 000,000,000 | -HSD | C] -- C:\Users\***\Startmenü
[2010.04.09 14:25:07 | 000,000,000 | -HSD | C] -- C:\Users\***\SendTo
[2010.04.09 14:25:07 | 000,000,000 | -HSD | C] -- C:\Users\***\Recent
[2010.04.09 14:25:07 | 000,000,000 | -HSD | C] -- C:\Users\***\Netzwerkumgebung
[2010.04.09 14:25:07 | 000,000,000 | -HSD | C] -- C:\Users\***\Lokale Einstellungen
[2010.04.09 14:25:07 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Videos
[2010.04.09 14:25:07 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Musik
[2010.04.09 14:25:07 | 000,000,000 | -HSD | C] -- C:\Users\***\Eigene Dateien
[2010.04.09 14:25:07 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Bilder
[2010.04.09 14:25:07 | 000,000,000 | -HSD | C] -- C:\Users\***\Druckumgebung
[2010.04.09 14:25:07 | 000,000,000 | -HSD | C] -- C:\Users\***\Cookies
[2010.04.09 14:25:07 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Anwendungsdaten
[2010.04.09 14:25:07 | 000,000,000 | -HSD | C] -- C:\Users\***\Anwendungsdaten
[2010.04.09 14:25:07 | 000,000,000 | -H-D | C] -- C:\Users\***\AppData
[2010.04.09 14:25:07 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Temp
[2010.04.09 14:25:07 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Microsoft
[2010.04.09 14:25:07 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Media Center Programs
[2010.04.09 14:22:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.04.09 14:22:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.04.09 14:22:16 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.04.09 14:22:16 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.04.09 14:22:16 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.04.09 14:22:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.04.09 14:22:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.04.09 14:22:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.04.09 14:22:16 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.04.09 14:22:16 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.04.09 14:22:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.04.09 14:22:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2010.04.09 14:22:16 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.04.09 14:22:12 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.03.31 03:58:24 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2010.04.21 00:00:34 | 005,242,880 | -HS- | M] () -- C:\Users\***\NTUSER.DAT
[2010.04.20 23:51:37 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.04.20 23:51:37 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.04.20 22:36:28 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.04.20 22:36:28 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.04.20 22:34:41 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.04.20 22:34:41 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.04.20 22:34:41 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.04.20 22:34:41 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.04.20 22:34:41 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.04.20 22:29:00 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.04.20 22:28:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.04.20 22:28:49 | 3218,939,904 | -HS- | M] () -- C:\hiberfil.sys
[2010.04.20 22:26:53 | 002,660,511 | -H-- | M] () -- C:\Users\***\AppData\Local\IconCache.db
[2010.04.20 22:03:29 | 000,000,168 | ---- | M] () -- C:\Users\***\Desktop\hwmonitorw.ini
[2010.04.20 21:24:28 | 000,392,034 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2010.04.20 21:20:41 | 000,000,929 | ---- | M] () -- C:\Users\***\Desktop\Spybot - Search & Destroy.lnk
[2010.04.14 22:14:06 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.04.14 22:14:06 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.04.14 22:13:22 | 000,000,232 | ---- | M] () -- C:\Users\***\Desktop\Battlefield Bad Company™ 2.lnk
[2010.04.14 21:04:54 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{3d2ef08f-47f8-11df-a897-6cf04972ee3a}.TMContainer00000000000000000002.regtrans-ms
[2010.04.14 21:04:54 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{3d2ef08f-47f8-11df-a897-6cf04972ee3a}.TMContainer00000000000000000001.regtrans-ms
[2010.04.14 21:04:54 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{3d2ef084-47f8-11df-a897-6cf04972ee3a}.TMContainer00000000000000000002.regtrans-ms
[2010.04.14 21:04:54 | 000,524,288 | -HS- | M] () -- C:\ProgramData\NTUser.dat{3d2ef084-47f8-11df-a897-6cf04972ee3a}.TMContainer00000000000000000001.regtrans-ms
[2010.04.14 21:04:54 | 000,262,144 | ---- | M] () -- C:\ProgramData\NTUser.dat
[2010.04.14 21:04:54 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{3d2ef08f-47f8-11df-a897-6cf04972ee3a}.TM.blf
[2010.04.14 21:04:54 | 000,065,536 | -HS- | M] () -- C:\ProgramData\NTUser.dat{3d2ef084-47f8-11df-a897-6cf04972ee3a}.TM.blf
[2010.04.14 19:55:47 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2010.04.12 23:25:41 | 000,000,988 | ---- | M] () -- C:\Users\***\AppData\Local\7F68A003.il
[2010.04.12 23:25:41 | 000,000,280 | ---- | M] () -- C:\Users\***\AppData\Local\IndexIE_7F68A003.il
[2010.04.11 01:49:02 | 000,034,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\lhacm.acm
[2010.04.10 03:04:48 | 000,475,648 | ---- | M] () -- C:\Users\***\Desktop\SDTimer.exe
[2010.04.10 02:13:20 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.04.09 23:16:43 | 002,407,792 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_heroes.exe
[2010.04.09 22:34:47 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010.04.09 21:59:54 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.04.09 20:19:41 | 000,057,050 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.04.09 20:19:41 | 000,057,050 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010.04.09 15:52:12 | 000,000,783 | ---- | M] () -- C:\Users\***\Desktop\League of Legends.lnk
[2010.04.09 15:18:19 | 000,001,943 | ---- | M] () -- C:\Users\***\Desktop\Mozilla Firefox.lnk
[2010.04.09 14:56:35 | 000,000,010 | ---- | M] () -- C:\Windows\GSetup.ini
[2010.04.09 14:49:10 | 000,057,560 | ---- | M] () -- C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.04.09 14:48:41 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2010.04.09 14:42:11 | 000,524,288 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.04.09 14:42:11 | 000,524,288 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.04.09 14:42:11 | 000,065,536 | -HS- | M] () -- C:\Users\***\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.04.09 14:25:07 | 000,000,020 | -HS- | M] () -- C:\Users\***\ntuser.ini
[2010.04.06 17:59:00 | 001,943,584 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2010.04.06 17:59:00 | 001,660,960 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2010.04.06 17:59:00 | 001,210,912 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2010.04.06 17:59:00 | 000,612,384 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2010.04.06 17:59:00 | 000,476,192 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2010.04.06 17:59:00 | 000,332,320 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2010.04.06 17:59:00 | 000,149,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2010.04.06 17:59:00 | 000,069,664 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2010.03.31 03:58:24 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl
[2010.03.30 20:35:00 | 000,331,168 | ---- | M] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2010.03.30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.03.30 00:45:56 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.03.22 14:22:00 | 001,247,776 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2010.04.20 21:20:41 | 000,000,929 | ---- | C] () -- C:\Users\***\Desktop\Spybot - Search & Destroy.lnk
[2010.04.14 22:13:22 | 000,000,232 | ---- | C] () -- C:\Users\***\Desktop\Battlefield Bad Company™ 2.lnk
[2010.04.14 21:43:51 | 000,074,272 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2010.04.14 21:04:54 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{3d2ef08f-47f8-11df-a897-6cf04972ee3a}.TMContainer00000000000000000002.regtrans-ms
[2010.04.14 21:04:54 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{3d2ef08f-47f8-11df-a897-6cf04972ee3a}.TMContainer00000000000000000001.regtrans-ms
[2010.04.14 21:04:54 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{3d2ef084-47f8-11df-a897-6cf04972ee3a}.TMContainer00000000000000000002.regtrans-ms
[2010.04.14 21:04:54 | 000,524,288 | -HS- | C] () -- C:\ProgramData\NTUser.dat{3d2ef084-47f8-11df-a897-6cf04972ee3a}.TMContainer00000000000000000001.regtrans-ms
[2010.04.14 21:04:54 | 000,262,144 | ---- | C] () -- C:\ProgramData\NTUser.dat
[2010.04.14 21:04:54 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{3d2ef08f-47f8-11df-a897-6cf04972ee3a}.TM.blf
[2010.04.14 21:04:54 | 000,065,536 | -HS- | C] () -- C:\ProgramData\NTUser.dat{3d2ef084-47f8-11df-a897-6cf04972ee3a}.TM.blf
[2010.04.14 21:04:54 | 000,005,120 | -HS- | C] () -- C:\ProgramData\NTUser.dat.LOG1
[2010.04.14 21:04:54 | 000,000,000 | -HS- | C] () -- C:\ProgramData\NTUser.dat.LOG2
[2010.04.14 00:35:14 | 000,000,168 | ---- | C] () -- C:\Users\***\Desktop\hwmonitorw.ini
[2010.04.13 16:57:01 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.04.13 16:51:27 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.04.10 03:04:48 | 000,475,648 | ---- | C] () -- C:\Users\***\Desktop\SDTimer.exe
[2010.04.10 02:13:20 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.04.09 23:16:44 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.04.09 23:16:43 | 002,407,792 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_heroes.exe
[2010.04.09 23:16:43 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.04.09 22:34:47 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.04.09 21:59:54 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.04.09 21:04:35 | 000,000,988 | ---- | C] () -- C:\Users\***\AppData\Local\7F68A003.il
[2010.04.09 21:04:35 | 000,000,280 | ---- | C] () -- C:\Users\***\AppData\Local\IndexIE_7F68A003.il
[2010.04.09 20:17:28 | 3218,939,904 | -HS- | C] () -- C:\hiberfil.sys
[2010.04.09 15:52:12 | 000,000,783 | ---- | C] () -- C:\Users\***\Desktop\League of Legends.lnk
[2010.04.09 15:18:19 | 000,001,943 | ---- | C] () -- C:\Users\***\Desktop\Mozilla Firefox.lnk
[2010.04.09 14:50:41 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2010.04.09 14:48:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.04.09 14:25:07 | 005,242,880 | -HS- | C] () -- C:\Users\***\NTUSER.DAT
[2010.04.09 14:25:07 | 000,524,288 | -HS- | C] () -- C:\Users\***\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.04.09 14:25:07 | 000,524,288 | -HS- | C] () -- C:\Users\***\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.04.09 14:25:07 | 000,262,144 | -HS- | C] () -- C:\Users\***\ntuser.dat.LOG1
[2010.04.09 14:25:07 | 000,065,536 | -HS- | C] () -- C:\Users\***\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.04.09 14:25:07 | 000,000,020 | -HS- | C] () -- C:\Users\***\ntuser.ini
[2010.04.09 14:25:07 | 000,000,000 | -HS- | C] () -- C:\Users\***\ntuser.dat.LOG2
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
< End of report >
logfile extras:
OTL Extras logfile created on: 20.04.2010 23:59:35 - Run 2
OTL by OldTimer - Version 3.2.1.3 Folder = C:\Users\*** \Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 73,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,50 Gb Total Space | 40,60 Gb Free Space | 69,41% Space Free | Partition Type: NTFS
Drive D: | 407,17 Gb Total Space | 384,83 Gb Free Space | 94,51% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ***
Current User Name: ***
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{23F108F0-BD12-A639-8C6E-BB1F7AF736C1}" = ccc-utility64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{6741B646-3DBE-AF40-75FA-959847831D9F}" = ATI Catalyst Install Manager
"{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}" = Debugging Tools for Windows (x64)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{36D8A747-3FC1-121F-6C92-2F79A9B3172D}" = Catalyst Control Center Graphics Full New
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.20
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7
"{89D16846-7491-A3C3-89D9-006906602FA2}" = Catalyst Control Center Graphics Previews Common
"{8CDCDD72-388E-0A2A-4847-873C448033EA}" = Catalyst Control Center Graphics Previews Vista
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2010.03.10
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.1 - Deutsch
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = DieSims™3
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{DC3F66CA-9DFD-41EA-9D9E-FD86F1446A3D}" = Catalyst Control Center Core Implementation
"{E25BEA72-89F8-121D-5481-0347B9446673}" = ccc-core-static
"{E288FAEB-D102-0ACA-DF6A-9BD3C90FA08B}" = Catalyst Control Center HydraVision Full
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4D35928-2C24-A87E-8240-CC7E25548F52}" = Catalyst Control Center Graphics Full Existing
"{E76CDA48-6FB1-49C5-0769-7B9444664056}" = Catalyst Control Center Graphics Light
"{EB3B36B9-E1F4-81BA-BEB5-4FB07D4CEE39}" = Catalyst Control Center InstallProxy
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5E0B89C-AABA-639D-B6F5-C3FB085FB120}" = CCC Help English
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"[url="***://www.ccleaner.de"]CCleaner[/url]" = [url="***://www.ccleaner.de"]CCleaner[/url]
"DivX Setup.divx.com" = DivX-Setup
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.3
"HD Tune_is1" = HD Tune 2.55
"HijackThis" = HijackThis 2.0.2
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"League of Legends_is1" = League of Legends
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Mozilla Thunderbird (3.0.4)" = Mozilla Thunderbird (3.0.4)
"NirSoft BlueScreenView" = NirSoft BlueScreenView
"oZone3D.Net FurMark_is1" = oZone3D.Net FurMark v1.8.0
"PunkBusterSvc" = PunkBuster Services
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"WinRAR archiver" = WinRAR archiver
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ]
Error - 09.04.2010 09:03:01 | Computer Name = *** | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\*** \AppData\Local\Temp\RarSFX0\redist.dll".
Die
abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 09.04.2010 18:10:33 | Computer Name = *** | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 09.04.2010 19:38:09 | Computer Name = *** | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 1.9.2.3743 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: da4 Startzeit:
01cad831ff957f2a Endzeit: 13 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID:
ee62cefd-4430-11df-8687-6cf04972ee3a
Error - 15.04.2010 11:26:28 | Computer Name = *** | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error
Error - 15.04.2010 11:29:49 | Computer Name = *** | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error
Error - 15.04.2010 11:35:35 | Computer Name = *** | Source = ATIeRecord | ID = 16388
Description = ATI EEU Client event error
[ System Events ]
Error - 09.04.2010 14:39:04 | Computer Name = *** | Source = RasSstp | ID = 1
Description =
Error - 09.04.2010 14:39:14 | Computer Name = *** | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{FDBE24B1-58E8-4855-8FEC-645DECE38463} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 09.04.2010 14:39:15 | Computer Name = *** | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{FDBE24B1-58E8-4855-8FEC-645DECE38463} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 11.04.2010 18:24:13 | Computer Name = *** | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{FDBE24B1-58E8-4855-8FEC-645DECE38463} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 12.04.2010 17:25:01 | Computer Name = *** | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
\Device\NetBT_Tcpip_{FDBE24B1-58E8-4855-8FEC-645DECE38463} vom Serverdienst nicht
gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error - 13.04.2010 18:05:18 | Computer Name = *** | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?14.?04.?2010 um 00:03:42 unerwartet heruntergefahren.
Error - 14.04.2010 10:32:26 | Computer Name = *** | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?14.?04.?2010 um 16:28:05 unerwartet heruntergefahren.
Error - 14.04.2010 10:32:30 | Computer Name = *** | Source = BugCheck | ID = 1001
Description =
Error - 14.04.2010 13:05:49 | Computer Name = *** | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?14.?04.?2010 um 19:04:55 unerwartet heruntergefahren.
Error - 14.04.2010 13:55:42 | Computer Name = *** | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?14.?04.?2010 um 19:53:13 unerwartet heruntergefahren.
< End of report >
mir sin beim namen verheimlichen diese host: sexlinks, fporn, scan dinger usw. aufgefallen.. das heisst nichts gutes oder?
mbam hat beim quickscan nichts gefunden