Searchqu deinstallieren

#0
09.08.2011, 11:11
Member

Beiträge: 180
#1 Seit kurzem ist searchqu als Startseite beim Browser festgelegt. Wenn ich die Seite ändere, ist beim nächsten Systemstart wieder searchqu drin.

Hier mal das Logfile von OLT:

Code

OTL logfile created on: 09.08.2011 11:00:33 - Run 2
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Dokumente und Einstellungen\***********\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy

1007.23 Mb Total Physical Memory | 111.78 Mb Available Physical Memory | 11.10% Memory free
2.37 Gb Paging File | 1.55 Gb Available in Paging File | 65.57% Paging File free
Paging file location(s): C:\pagefile.sys 1512 3024 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232.88 Gb Total Space | 175.47 Gb Free Space | 75.35% Space Free | Partition Type: NTFS
Drive D: | 4.48 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 1863.01 Gb Total Space | 1665.91 Gb Free Space | 89.42% Space Free | Partition Type: NTFS

Computer Name: PC001 | User Name: *********** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011.08.07 00:00:15 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe
PRC - [2011.07.21 14:29:38 | 001,547,152 | ---- | M] (Bandoo Media, inc) -- C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe
PRC - [2011.07.19 02:02:03 | 000,123,264 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SASCore.exe
PRC - [2011.07.16 23:01:25 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***********\Desktop\OTL.exe
PRC - [2011.06.24 19:34:37 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.06.16 18:41:22 | 000,496,128 | ---- | M] (Crawler.com) -- C:\Programme\Spyware Terminator\sp_rsser.exe
PRC - [2011.06.01 14:10:00 | 000,821,080 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011.05.26 11:29:03 | 000,800,768 | ---- | M] (Yuna Software) -- C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2011.05.04 13:59:46 | 000,252,136 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.02.22 13:57:34 | 000,378,128 | ---- | M] (PC Tools) -- C:\Programme\ThreatFire\TFTray.exe
PRC - [2011.02.22 13:57:30 | 000,070,928 | ---- | M] (PC Tools) -- C:\Programme\ThreatFire\TFService.exe
PRC - [2011.01.12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe
PRC - [2011.01.12 16:41:24 | 002,219,184 | ---- | M] (ESET) -- C:\Programme\ESET\ESET NOD32 Antivirus\egui.exe
PRC - [2010.12.08 14:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) -- C:\Programme\LogMeIn\x86\LMIGuardianSvc.exe
PRC - [2010.08.09 14:47:54 | 000,248,832 | ---- | M] (FileHippo.com) -- C:\Programme\FileHippo.com\UpdateChecker.exe
PRC - [2010.07.04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2009.10.14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Programme\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009.10.14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009.10.07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2009.03.08 14:47:20 | 000,073,728 | ---- | M] (r2 studios) -- C:\Programme\r2 Studios\Startup Delayer\Startup Launcher.exe
PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.02.17 13:35:58 | 001,966,928 | ---- | M] (Acronis) -- C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2007.02.17 13:31:02 | 001,194,728 | ---- | M] (Acronis) -- C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2007.02.16 18:49:58 | 000,149,024 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe
PRC - [2007.02.16 18:49:50 | 000,411,168 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
PRC - [2006.04.21 21:06:14 | 000,069,632 | ---- | M] () -- C:\Programme\Microsoft Private Folder 1.0\PrfldSvc.exe
PRC - [2005.04.27 14:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) -- C:\Programme\UPHClean\uphclean.exe


[color=#E56717]========== Modules (SafeList) ==========[/color]

MOD - [2011.07.16 23:01:25 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***********\Desktop\OTL.exe
MOD - [2011.02.22 13:57:42 | 000,406,800 | ---- | M] (PC Tools) -- C:\Programme\ThreatFire\TFWAH.dll
MOD - [2010.08.23 18:11:46 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2011.08.07 00:00:15 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011.07.19 02:02:03 | 000,123,264 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011.06.16 18:41:22 | 000,496,128 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Programme\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2011.06.01 14:10:00 | 000,821,080 | ---- | M] (IObit) [Auto | Running] -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011.02.22 13:57:30 | 000,070,928 | ---- | M] (PC Tools) [Auto | Running] -- C:\Programme\ThreatFire\TFService.exe -- (ThreatFire)
SRV - [2011.01.12 16:44:02 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Programme\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2011.01.12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Programme\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2011.01.01 15:52:50 | 000,136,584 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Programme\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2011.01.01 15:52:18 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Programme\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2010.12.08 14:11:32 | 000,374,152 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Programme\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2010.07.04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.10.07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009.06.02 10:10:08 | 000,637,952 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008.11.04 01:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2007.02.16 18:49:50 | 000,411,168 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2006.10.26 14:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006.04.21 21:06:14 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Programme\Microsoft Private Folder 1.0\PrfldSvc.exe -- (prfldsvc)
SRV - [2005.04.27 14:59:24 | 000,241,725 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\UPHClean\uphclean.exe -- (UPHClean)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011.06.16 18:41:22 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2011.04.27 19:18:34 | 000,239,472 | ---- | M] () [File_System | Disabled | Stopped] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011.04.17 14:54:24 | 000,094,208 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ezplay.sys -- (ezplay)
DRV - [2011.03.23 01:00:08 | 000,016,080 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2011.03.23 01:00:06 | 000,030,368 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys -- (RegFilter)
DRV - [2011.03.20 18:34:00 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2011.03.20 18:04:07 | 000,053,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tetri5.sys -- (Tetri5)
DRV - [2011.02.22 13:57:52 | 000,069,392 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2011.02.22 13:57:52 | 000,033,552 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2011.02.22 13:57:50 | 000,051,984 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2011.01.01 15:52:00 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010.12.21 15:04:06 | 000,141,264 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
DRV - [2010.12.21 15:04:06 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.12.21 13:47:38 | 000,094,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
DRV - [2010.08.16 15:31:08 | 000,016,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio)
DRV - [2010.08.16 15:31:06 | 000,011,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio)
DRV - [2010.06.14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010.05.28 13:24:56 | 000,040,560 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\hotcore3.sys -- (hotcore3)
DRV - [2010.04.27 04:25:20 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2010.04.27 04:25:20 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2010.04.27 04:25:20 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2009.10.07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009.08.19 17:32:45 | 000,165,376 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009.08.19 17:32:45 | 000,018,048 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.05.01 01:01:34 | 000,265,496 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2009.05.01 00:55:56 | 002,687,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2009.05.01 00:55:32 | 000,013,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.07.24 18:46:12 | 000,012,856 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Programme\LogMeIn\x86\rainfo.sys -- (LMIInfo)
DRV - [2008.07.24 18:46:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008.06.17 16:49:22 | 004,756,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2007.10.12 04:00:43 | 000,041,752 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007.08.26 12:23:12 | 000,032,768 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2007.08.26 12:23:11 | 000,392,320 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2007.08.26 12:23:08 | 000,114,048 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2007.08.26 09:33:38 | 000,223,128 | ---- | M] (DT Soft Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\dtscsi.sys -- (dtscsi)
DRV - [2006.11.02 01:50:52 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006.07.25 13:46:24 | 000,043,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2006.04.21 08:22:24 | 000,070,912 | ---- | M] (Windows (R) 2000 DDK provider) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\prvflder.sys -- (Prvflder)
DRV - [2005.10.21 14:19:34 | 000,036,352 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ch.msn.com/default.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A2 29 31 77 D6 20 CA 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Search Results"
FF - prefs.js..browser.startup.homepage: "google.ch"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=0&systemid=417&q="
FF - prefs.js..network.proxy.http: "207.197.40.250"
FF - prefs.js..network.proxy.http_port: 3127
FF - prefs.js..network.proxy.type: 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Programme\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.05.07 10:25:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.06.24 19:34:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.06.15 17:45:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Programme\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011.05.07 17:48:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Programme\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.05.07 10:25:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey 1.0.2\Extensions\\Components: C:\Programme\mozilla.org\SeaMonkey\Components
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey 1.0.2\Extensions\\Plugins: C:\Programme\mozilla.org\SeaMonkey\Plugins

[2011.08.07 13:11:59 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***********\Anwendungsdaten\Mozilla\Extensions
[2011.08.07 18:31:59 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***********\Anwendungsdaten\Mozilla\Firefox\Profiles\zgo6rqkw.default\extensions
[2010.05.14 21:26:14 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\***********\Anwendungsdaten\Mozilla\Firefox\Profiles\zgo6rqkw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.08.06 15:54:45 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Anwendungsdaten\Mozilla\Firefox\Profiles\zgo6rqkw.default\searchplugins\icqplugin-1.xml
[2011.01.01 16:13:18 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Anwendungsdaten\Mozilla\Firefox\Profiles\zgo6rqkw.default\searchplugins\icqplugin-2.xml
[2010.02.03 15:37:50 | 000,000,947 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Anwendungsdaten\Mozilla\Firefox\Profiles\zgo6rqkw.default\searchplugins\icqplugin.xml
[2011.08.07 13:11:34 | 000,002,497 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Anwendungsdaten\Mozilla\Firefox\Profiles\zgo6rqkw.default\searchplugins\SearchResults.xml
[2011.08.07 13:11:59 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.05.14 21:16:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.01.01 15:55:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.06.10 18:22:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.08.07 00:00:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
File not found (No name found) --
[2011.06.24 19:34:38 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.08.07 00:00:18 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2011.05.01 11:52:11 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.05.01 11:52:11 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2011.05.01 11:52:11 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.01 11:52:11 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.08.07 13:11:34 | 000,002,497 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\SearchResults.xml
[2011.05.01 11:52:11 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.05.01 11:52:11 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2011.06.04 17:36:31 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Programme\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Programme\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DATAMNGR] C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [egui] C:\Programme\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [KernelFaultCheck]  File not found
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [Nuance OmniPage 17-reminder] C:\Programme\Nuance\OmniPage17\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PlusService] C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [StartupDelayer] C:\Programme\r2 Studios\Startup Delayer\Startup Launcher.exe (r2 studios)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [ThreatFire] C:\Programme\ThreatFire\TFTray.exe (PC Tools)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Dokumente und Einstellungen\***********\Startmenü\Programme\Autostart\Verknüpfung mit exefix_xp.pif ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1250687660828 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1250687653640 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI9130~1\Datamngr\datamngr.dll) - C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI9130~1\Datamngr\IEBHO.dll) - C:\Programme\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\GEMEIN~1\Dell\KONTAI~1\AviLdr.DLL) - C:\Programme\Gemeinsame Dateien\Dell\Kontainers\AviLdr.dll (Dell Inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O20 - Winlogon\Notify\TPSvc: DllName - TPSvc.dll -  File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.01.23 18:17:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006.08.06 11:22:49 | 000,000,044 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2010.07.10 03:14:42 | 000,000,000 | RH-D | M] - E:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002.10.16 14:56:50 | 000,000,036 | RH-- | M] () - E:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{17b2a766-5310-11e0-8e6d-000ffe5f8bd6}\Shell - "" = AutoRun
O33 - MountPoints2\{17b2a766-5310-11e0-8e6d-000ffe5f8bd6}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{17b2a766-5310-11e0-8e6d-000ffe5f8bd6}\Shell\AutoRun\command - "" = G:\PWAutoRun.exe
O33 - MountPoints2\{63177b61-5f93-11df-8e5c-000ffe5f8bd6}\Shell\AutoRun\command - "" = E:\avira.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2100.06.30 19:58:50 | 000,000,000 | ---D | C] -- C:\Daten\Mario\Diverses
[2011.08.09 01:21:40 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\***********\Recent
[2011.08.08 10:59:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
[2011.08.07 20:22:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***********\AppData
[2011.08.07 14:07:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***********\Desktop\Tongkat Ali
[2011.08.07 13:12:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Free Screen To Video
[2011.08.07 13:11:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***********\Anwendungsdaten\FreeScreenToVideo
[2011.08.07 13:11:54 | 000,000,000 | ---D | C] -- C:\Programme\Free Screen To Video
[2011.08.07 13:11:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***********\Anwendungsdaten\searchqutoolbar
[2011.08.07 13:11:33 | 000,000,000 | ---D | C] -- C:\Programme\Windows Searchqu Toolbar
[2011.08.07 12:46:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***********\Anwendungsdaten\screenrecorder
[2011.08.07 11:37:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NCH Software
[2011.08.07 11:37:33 | 000,000,000 | ---D | C] -- C:\Programme\NCH Software
[2011.08.07 09:38:19 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2011.08.07 00:04:48 | 000,000,000 | R--D | C] -- C:\Programme\Skype
[2011.08.07 00:04:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype
[2011.08.07 00:00:49 | 000,214,408 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2011.08.07 00:00:49 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2011.08.07 00:00:49 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2011.08.04 09:58:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\!SASCORE
[2011.07.31 10:06:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Hewlett-Packard
[2011.07.30 14:16:58 | 000,000,000 | ---D | C] -- C:\Daten\Mario\My Recordings
[2011.07.30 14:14:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Deskshare
[2011.07.30 14:13:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***********\Lokale Einstellungen\Anwendungsdaten\DeskShare Data
[2011.07.30 14:12:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***********\Lokale Einstellungen\Anwendungsdaten\Spoon
[2011.07.25 18:24:40 | 000,000,000 | ---D | C] -- C:\Daten\Mario\DVDVideoSoft
[2011.07.25 18:24:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DVDVideoSoft
[2011.07.25 18:24:23 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Plasmoo
[2011.07.25 18:24:19 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DVDVideoSoft
[2011.07.25 18:24:18 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoft
[2011.07.20 19:15:49 | 000,000,000 | ---D | C] -- C:\Daten\Mario\TarnaRider+Dunkleo Stuff
[2011.07.20 17:38:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***********\Desktop\Rasur
[2011.07.17 22:45:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***********\Desktop\Beiträge
[2011.07.17 08:31:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2011.07.16 23:01:25 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***********\Desktop\OTL.exe
[2011.07.15 20:00:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2011.07.12 09:22:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Standalone System Sweeper
[2011.04.17 14:54:24 | 000,094,208 | ---- | C] (VSO Software) -- C:\Dokumente und Einstellungen\***********\Anwendungsdaten\ezplay.sys
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[14 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011.08.09 10:55:00 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.08.09 10:54:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.08.09 01:16:29 | 000,065,536 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.08.09 00:44:10 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2011.08.09 00:42:53 | 000,000,013 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Desktop\Shutdown.cmd
[2011.08.07 20:35:59 | 000,000,925 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Desktop\DVDVideoSoft Free Studio.lnk
[2011.08.07 20:35:59 | 000,000,872 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Desktop\Free Video Dub.lnk
[2011.08.07 20:03:08 | 000,002,243 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2011.08.07 19:10:15 | 000,000,096 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Desktop\Rehadis Online Shop - Heizkissen HK 25 Heizkissen HK 25 WG02002.URL
[2011.08.07 13:12:00 | 000,000,792 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Desktop\Free Screen To Video.lnk
[2011.08.07 09:38:19 | 000,002,855 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Startmenü\Programme\Autostart\Verknüpfung mit exefix_xp.pif
[2011.08.07 00:00:29 | 000,445,874 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.08.07 00:00:29 | 000,429,418 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.08.07 00:00:29 | 000,078,760 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.08.07 00:00:29 | 000,066,176 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.08.07 00:00:09 | 000,214,408 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2011.08.07 00:00:08 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2011.08.07 00:00:07 | 000,128,000 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2011.08.07 00:00:06 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2011.08.06 23:59:59 | 000,544,656 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2011.08.06 22:51:12 | 000,000,056 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Desktop\meinbild.ch.URL
[2011.08.04 18:45:42 | 000,010,752 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Desktop\exefix_xp.com
[2011.08.04 16:06:05 | 524,288,000 | ---- | M] () -- C:\REMOVE_THIS_FILE.livecd.swap
[2011.08.04 09:58:07 | 000,001,661 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.08.03 14:45:45 | 000,000,101 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Desktop\Orange Support mobile phone setup.URL
[2011.08.03 13:31:24 | 000,000,112 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Desktop\Avena Sativa für Erektionskraft & Lustgefühl. Dose mit 90 Kapseln nur 25,95ý size=25 maxlenght=50 Meta Description input typ.URL
[2011.07.30 09:43:40 | 000,000,068 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Desktop\QuestScan Sicher PC.URL
[2011.07.28 17:24:05 | 000,000,064 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Desktop\Simviation.com. Aircraft Engine & other Sounds for Flight Simulator & Combat Flight Simulator..URL
[2011.07.28 09:41:01 | 000,269,392 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.07.27 09:10:07 | 000,000,673 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2011.07.26 13:48:25 | 000,000,313 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Desktop\Conrad Electronic - Europas führendes Versandhandelsunternehmen für Elektronik und Technik.URL
[2011.07.24 17:47:17 | 000,000,085 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Desktop\Vitamin B Komplex.URL
[2011.07.20 19:40:12 | 000,000,065 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Desktop\Seniorenhandy.URL
[2011.07.17 09:55:04 | 000,000,239 | -HS- | M] () -- C:\boot.ini
[2011.07.16 23:01:25 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***********\Desktop\OTL.exe
[2011.07.15 20:00:26 | 000,000,775 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.07.12 17:53:47 | 000,000,125 | ---- | M] () -- C:\Dokumente und Einstellungen\***********\Desktop\UpgradeCenter - G Data Software AG.URL
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[14 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011.08.09 01:26:21 | 000,161,080 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2011.08.07 19:10:15 | 000,000,096 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Desktop\Rehadis Online Shop - Heizkissen HK 25 Heizkissen HK 25 WG02002.URL
[2011.08.07 13:12:00 | 000,000,792 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Desktop\Free Screen To Video.lnk
[2011.08.07 09:38:19 | 000,002,855 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Startmenü\Programme\Autostart\Verknüpfung mit exefix_xp.pif
[2011.08.07 00:04:48 | 000,002,243 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2011.08.06 22:51:12 | 000,000,056 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Desktop\meinbild.ch.URL
[2011.08.04 18:49:12 | 000,010,752 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Desktop\exefix_xp.com
[2011.08.03 14:45:45 | 000,000,101 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Desktop\Orange Support mobile phone setup.URL
[2011.08.03 13:31:24 | 000,000,112 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Desktop\Avena Sativa für Erektionskraft & Lustgefühl. Dose mit 90 Kapseln nur 25,95ý size=25 maxlenght=50 Meta Description input typ.URL
[2011.07.30 09:43:40 | 000,000,068 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Desktop\QuestScan Sicher PC.URL
[2011.07.28 17:24:05 | 000,000,064 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Desktop\Simviation.com. Aircraft Engine & other Sounds for Flight Simulator & Combat Flight Simulator..URL
[2011.07.26 13:48:25 | 000,000,313 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Desktop\Conrad Electronic - Europas führendes Versandhandelsunternehmen für Elektronik und Technik.URL
[2011.07.25 18:24:41 | 000,000,925 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Desktop\DVDVideoSoft Free Studio.lnk
[2011.07.25 18:24:25 | 000,000,872 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Desktop\Free Video Dub.lnk
[2011.07.24 17:47:17 | 000,000,085 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Desktop\Vitamin B Komplex.URL
[2011.07.20 19:40:12 | 000,000,065 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Desktop\Seniorenhandy.URL
[2011.07.12 17:53:47 | 000,000,125 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Desktop\UpgradeCenter - G Data Software AG.URL
[2011.06.16 18:41:21 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2011.06.05 19:53:58 | 000,017,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro35.sys
[2011.05.07 10:21:45 | 000,221,023 | ---- | C] () -- C:\WINDOWS\hpoins43.dat
[2011.05.07 10:21:45 | 000,000,601 | ---- | C] () -- C:\WINDOWS\hpomdl43.dat
[2011.04.24 12:40:47 | 000,725,064 | ---- | C] () -- C:\WINDOWS\System32\pwNative.exe
[2011.04.24 12:40:46 | 000,016,472 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys
[2011.04.24 12:40:46 | 000,011,104 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys
[2011.04.17 14:54:24 | 000,087,608 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Anwendungsdaten\inst.exe
[2011.04.17 14:54:24 | 000,007,861 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Anwendungsdaten\ezplay.cat
[2011.04.17 14:54:24 | 000,001,104 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Anwendungsdaten\ezplay.inf
[2011.04.17 14:54:24 | 000,000,125 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Anwendungsdaten\ezplay.ini
[2011.04.09 12:39:51 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2011.04.09 12:39:51 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2011.04.09 12:39:41 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Anwendungsdaten\$_hpcst$.hpc
[2011.04.08 13:28:58 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll
[2011.03.20 18:04:07 | 000,053,088 | ---- | C] () -- C:\WINDOWS\System32\drivers\Tetri5.sys
[2011.03.20 16:13:17 | 000,000,044 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2011.01.02 11:27:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\pestpatrol5.INI
[2010.05.15 00:47:21 | 000,000,383 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2010.05.14 21:11:03 | 000,000,760 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Anwendungsdaten\setup_ldm.iss
[2009.10.07 01:46:36 | 000,025,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009.10.07 01:23:08 | 000,013,584 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009.08.21 12:04:11 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.08.21 12:02:42 | 000,065,536 | ---- | C] () -- C:\Dokumente und Einstellungen\***********\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.08.19 23:47:06 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\default_user_class.dat
[2009.08.19 18:12:27 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.08.19 17:32:45 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009.08.19 17:32:45 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009.08.19 17:20:50 | 000,082,289 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2009.08.19 15:05:45 | 001,481,884 | ---- | C] () -- C:\WINDOWS\System32\igkrng400.bin
[2009.08.19 15:05:45 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v5016.dll
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007.10.06 17:55:38 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2007.01.24 10:07:29 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007.01.23 19:05:21 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007.01.23 19:05:14 | 000,118,784 | ---- | C] () -- C:\WINDOWS\GREUninstall.exe
[2007.01.23 19:05:13 | 000,011,882 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007.01.23 18:54:23 | 000,001,996 | ---- | C] () -- C:\WINDOWS\System32\drivers\HDACfg.dat
[2007.01.23 18:54:22 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2007.01.23 18:39:19 | 000,348,880 | ---- | C] () -- C:\WINDOWS\System32\igmedkrn.dll
[2007.01.23 18:39:19 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4642.dll
[2007.01.23 18:19:31 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007.01.23 18:15:24 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007.01.23 17:53:54 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007.01.23 17:52:57 | 000,269,392 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006.08.04 20:24:28 | 000,010,747 | ---- | C] () -- C:\WINDOWS\System32\UDBDef.exe
[2004.08.04 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004.08.04 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004.08.04 14:00:00 | 000,445,874 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2004.08.04 14:00:00 | 000,429,418 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004.08.04 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004.08.04 14:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2004.08.04 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004.08.04 14:00:00 | 000,078,760 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2004.08.04 14:00:00 | 000,066,176 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004.08.04 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004.08.04 14:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2004.08.04 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004.08.04 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004.08.04 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004.08.04 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.04 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 247 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:9B013599
@Alternate Data Stream - 112 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:C895616B

< End of report >


Ein Scan mit Malwarebyte's Antimalware hat leider keinen Fund ergeben.

Dem OLT Logfile ist zu entnehmen, dass sich searchqu weit verbreitet hat, also mehrere Dateien vorhanden sind. Wie kann ich es denn am einfachsten löschen?
Seitenanfang Seitenende
10.08.2011, 19:18
Moderator

Beiträge: 5694
#2 Schritt 1

[color=blue]Programme deinstallieren[/color]

Da einige Programme und Anti-Spy-Programme uns u. U. bei der Bereinigung behindern (z. B. durch ständig laufende Hintergrundwächter), unnötig oder schädlich sind oder einfach nicht mehr gebraucht werden, bitte ich darum, die folgenden Programme über Systemsteuerung => Software komplett zu deinstallieren.

Code

Windows Searchqu Toolbar
Berichte mir, falls sich ein Programm nicht deinstallieren lässt. Nach Beendigung der Bereinigung können wir schauen, welche davon Du wieder installieren kannst/sollest.

Schritt 2

Fixen mit OTL

• Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Kopiere nun den Inhalt in die Textbox.

Code

:OTL
PRC - [2011.07.21 14:29:38 | 001,547,152 | ---- | M] (Bandoo Media, inc) -- C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe
O2 - BHO: (Loader Class) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Programme\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O4 - HKLM..\Run: [DATAMNGR] C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI9130~1\Datamngr\datamngr.dll) - C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~1\WI9130~1\Datamngr\IEBHO.dll) - C:\Programme\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
[2011.08.07 13:11:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***********\Anwendungsdaten\searchqutoolbar
[2011.08.07 13:11:33 | 000,000,000 | ---D | C] -- C:\Programme\Windows Searchqu Toolbar
:Commands
[purity]
[emptytemp]
• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
( Auch zu finden unter C:\_OTL\MovedFiles\<time_date>.txt)
Kopiere nun den Inhalt hier in Deinen Thread
Seitenanfang Seitenende
23.10.2011, 22:02
...neu hier

Beiträge: 8
#3 All processes killed
========== OTL ==========
No active process named datamngrUI.exe was found!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ not found.
File C:\Programme\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR not found.
File C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~1\WI9130~1\Datamngr\datamngr.dll deleted successfully.
File C:\Programme\Windows Searchqu Toolbar\Datamngr\datamngr.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~1\WI9130~1\Datamngr\IEBHO.dll deleted successfully.
File C:\Programme\Windows Searchqu Toolbar\Datamngr\IEBHO.dll not found.
Folder C:\Dokumente und Einstellungen\***********\Anwendungsdaten\searchqutoolbar\ not found.
Folder C:\Programme\Windows Searchqu Toolbar\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Drahnier016
->Temp folder emptied: 48526576 bytes
->Temporary Internet Files folder emptied: 22256939 bytes
->Java cache emptied: 19883633 bytes
->FireFox cache emptied: 46824844 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 17343436 bytes
->Flash cache emptied: 475 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4192 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 69272646 bytes

Total Files Cleaned = 214.00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 10232011_215401

Files\Folders moved on Reboot...
C:\Users\Drahnier016\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
Seitenanfang Seitenende
23.10.2011, 22:03
...neu hier

Beiträge: 8
#4 haffe du kannst mir weiter helfen bitte

danke im voraus
Seitenanfang Seitenende
24.10.2011, 12:49
Moderator

Beiträge: 5694
#5 Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
• Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Kopiere nun den Inhalt in die Textbox.

Code

activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
explorer.exe
regedit.exe
winlogon.exe
wininit.exe
userinit.exe
/md5stop
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
CREATERESTOREPOINT
• Schliesse bitte nun alle Programme. (Wichtig)
• Klicke nun bitte auf den Quick Scan Button.
• Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
Seitenanfang Seitenende
24.10.2011, 15:52
...neu hier

Beiträge: 8
#6 OTL logfile created on: 24.10.2011 15:45:07 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Drahnier016\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

8.00 Gb Total Physical Memory | 6.25 Gb Available Physical Memory | 78.09% Memory free
16.00 Gb Paging File | 14.06 Gb Available in Paging File | 87.90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 303.81 Gb Free Space | 65.24% Space Free | Partition Type: NTFS

Computer Name: DRAHNIER016-PC | User Name: Drahnier016 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2011.10.24 00:31:24 | 003,071,384 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2011.10.23 21:51:09 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Drahnier016\Desktop\OTL.exe
PRC - [2011.10.23 21:18:43 | 000,947,056 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2011.10.11 14:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.10.11 14:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.10.11 14:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.09.23 09:02:58 | 011,515,184 | ---- | M] (www.BitComet.com) -- C:\Program Files (x86)\BitComet\BitComet.exe
PRC - [2011.08.16 00:56:16 | 002,589,808 | ---- | M] (GamersFirst) -- C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
PRC - [2011.08.03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.08.03 03:31:42 | 000,379,496 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.12.28 10:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) -- C:\Program Files (x86)\BitComet\tools\BitCometService.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2011.10.24 00:31:24 | 003,071,384 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2011.10.23 21:18:44 | 000,776,704 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
MOD - [2011.10.23 21:18:44 | 000,316,928 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2011.10.23 21:18:44 | 000,275,968 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2011.10.23 21:18:44 | 000,168,448 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2011.10.23 21:18:44 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreelements.dll
MOD - [2011.10.23 21:18:44 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2011.10.23 21:18:44 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2011.10.23 21:18:44 | 000,078,336 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2011.10.23 21:18:44 | 000,076,800 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2011.10.23 21:18:44 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2011.10.23 21:18:44 | 000,064,000 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2011.10.23 21:18:44 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2011.10.23 21:18:44 | 000,045,568 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.01.07 19:40:30 | 015,988,224 | ---- | M] () -- C:\Program Files (x86)\GamersFirst\LIVE!\libcef.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV - [2011.10.11 14:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.11 14:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.08.03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.08.03 03:31:42 | 000,379,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.03.16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.12.28 10:00:34 | 001,296,728 | ---- | M] (www.BitComet.com) [On_Demand | Running] -- C:\Program Files (x86)\BitComet\tools\BitCometService.exe -- (BITCOMET_HELPER_SERVICE)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:64bit: - [2011.10.11 15:00:01 | 000,130,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.10.11 15:00:01 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.10.11 15:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.05.10 11:41:27 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009.12.22 02:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.05 03:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss&affID=107763&mntrId=9a14d7e70000000000006c626dd9c7e3
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://at.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 68 74 BC B7 76 8A CC 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.10.21 07:00:24 | 000,000,000 | ---D | M]

[2011.10.24 06:29:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.10.21 07:00:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
[2011.10.21 13:45:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011.09.09 06:49:04 | 001,037,112 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.22 00:58:26 | 000,002,288 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011.10.15 22:53:30 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2011.10.21 21:43:52 | 000,002,520 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - Extension: Facemoods = C:\Users\Drahnier016\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif\1.4.1_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (DivX Plus Web Player HTML5 <video>;) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s File not found
O4 - HKCU..\Run: [BitComet] C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [MediaGet2] C:\Users\Drahnier016\AppData\Local\MediaGet2\mediaget.exe --minimized File not found
O4 - HKCU..\Run: [Steam] C:\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: &Alles mit BitComet herunterladen - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8:64bit: - Extra context menu item: Mit BitComet herunter&laden - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &Alles mit BitComet herunterladen - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Mit BitComet herunter&laden - C:\Program Files (x86)\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D2853B30-B3FC-40ED-AF99-B5C04F31A241}: DhcpNameServer = 10.0.0.138
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP



CREATERESTOREPOINT
Restore point Set: OTL Restore Point

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2011.10.24 06:49:19 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2011.10.24 06:49:19 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2011.10.24 00:48:59 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Local\OpenCandy
[2011.10.24 00:48:58 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\OpenCandy
[2011.10.24 00:31:37 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Local\GamersFirst LIVE!
[2011.10.24 00:31:26 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Local\PMB Files
[2011.10.24 00:31:25 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011.10.24 00:31:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2011.10.24 00:31:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamersFirst
[2011.10.24 00:31:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GamersFirst
[2011.10.23 21:54:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.10.23 21:51:09 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Drahnier016\Desktop\OTL.exe
[2011.10.23 20:55:58 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\JonDo
[2011.10.23 20:23:04 | 000,305,152 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2011.10.23 20:00:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue
[2011.10.23 04:46:57 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2011.10.23 04:46:57 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2011.10.23 04:46:53 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011.10.23 04:46:53 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011.10.23 04:46:53 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011.10.23 04:46:53 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011.10.23 04:46:53 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011.10.23 04:46:53 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011.10.23 04:46:53 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011.10.23 02:57:09 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2011.10.22 23:36:30 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\Skype
[2011.10.22 23:36:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.10.22 23:36:25 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011.10.22 23:36:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.10.22 20:28:15 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\TS3Client
[2011.10.22 20:27:51 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011.10.22 20:27:49 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Local\TeamSpeak 3 Client
[2011.10.22 06:01:55 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\Avira
[2011.10.22 06:01:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.10.22 03:52:15 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.10.22 03:52:15 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.10.22 03:52:15 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.10.22 03:52:15 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.10.22 03:52:15 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.10.22 03:52:15 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.10.22 03:52:15 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.10.22 03:51:52 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xmllite.dll
[2011.10.22 03:51:50 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbcjt32.dll
[2011.10.22 03:51:50 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbctrac.dll
[2011.10.22 03:51:50 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbctrac.dll
[2011.10.22 03:51:50 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccp32.dll
[2011.10.22 03:51:50 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccp32.dll
[2011.10.22 03:51:50 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccu32.dll
[2011.10.22 03:51:50 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\odbccr32.dll
[2011.10.22 03:51:50 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccu32.dll
[2011.10.22 03:51:50 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\odbccr32.dll
[2011.10.22 03:51:49 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011.10.22 03:51:49 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011.10.22 03:50:14 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.10.22 03:50:14 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011.10.22 03:50:12 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sbe.dll
[2011.10.22 03:50:12 | 000,961,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2011.10.22 03:50:12 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sbe.dll
[2011.10.22 03:50:12 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.10.22 03:50:12 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2011.10.22 03:50:12 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.10.22 03:50:12 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mpg2splt.ax
[2011.10.22 03:50:12 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mpg2splt.ax
[2011.10.22 03:47:46 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2011.10.22 03:47:46 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2011.10.22 03:47:46 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2011.10.22 03:47:46 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2011.10.22 03:47:46 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2011.10.22 03:47:46 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2011.10.22 03:47:46 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2011.10.22 03:47:46 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2011.10.22 03:47:46 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2011.10.22 03:47:46 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2011.10.22 03:47:46 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2011.10.22 03:47:46 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2011.10.22 03:47:46 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2011.10.22 03:40:19 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2011.10.22 03:40:19 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2011.10.22 03:39:12 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.10.22 03:39:12 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.10.22 03:39:12 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011.10.22 03:39:05 | 001,465,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.10.22 03:39:05 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.10.22 03:39:00 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011.10.22 03:39:00 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011.10.22 03:39:00 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011.10.22 03:39:00 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011.10.22 03:28:39 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011.10.22 03:28:39 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011.10.22 03:28:39 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2011.10.22 03:28:39 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2011.10.22 03:28:39 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011.10.22 03:28:39 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011.10.22 03:28:28 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011.10.22 03:28:27 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011.10.22 03:28:27 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011.10.22 03:28:27 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[2011.10.22 03:27:44 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2011.10.22 03:27:40 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011.10.22 03:27:40 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011.10.22 03:27:40 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011.10.22 03:27:40 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011.10.22 03:26:57 | 000,642,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011.10.22 03:26:57 | 000,605,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011.10.22 03:26:57 | 000,566,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011.10.22 03:26:57 | 000,518,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011.10.22 03:26:57 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011.10.22 03:26:57 | 000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011.10.22 03:26:57 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011.10.22 03:21:31 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011.10.22 03:21:31 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011.10.22 03:21:31 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011.10.22 03:21:31 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011.10.22 03:21:31 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011.10.22 03:21:31 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.10.22 03:21:31 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011.10.22 03:21:31 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011.10.22 03:21:31 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011.10.22 03:21:31 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011.10.22 03:21:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011.10.22 03:21:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011.10.22 03:21:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011.10.22 03:21:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011.10.22 03:21:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011.10.22 03:21:31 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011.10.22 03:21:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011.10.22 03:21:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011.10.22 03:21:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011.10.22 03:21:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011.10.22 03:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.10.22 03:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.10.22 03:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011.10.22 03:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011.10.22 03:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011.10.22 03:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011.10.22 03:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011.10.22 03:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011.10.22 03:21:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011.10.22 03:21:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011.10.22 03:21:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011.10.22 03:20:57 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2011.10.22 03:20:57 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2011.10.22 03:20:35 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011.10.22 03:20:35 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011.10.22 03:20:34 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe
[2011.10.22 03:20:02 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011.10.22 03:20:02 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011.10.22 03:19:56 | 005,561,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.10.22 03:19:56 | 003,967,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.10.22 03:19:56 | 003,912,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.10.21 23:21:19 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\vlc
[2011.10.21 23:21:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.10.21 23:21:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2011.10.21 21:59:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smallvideosoft
[2011.10.21 21:43:53 | 000,307,200 | ---- | C] (FLV.com) -- C:\Windows\SysWow64\TubeFinder.exe
[2011.10.21 21:43:53 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2011.10.21 21:43:52 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mscomctl.ocx
[2011.10.21 21:43:52 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMDLG32.OCX
[2011.10.21 21:43:52 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCFR.DLL
[2011.10.21 21:43:52 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6FR.DLL
[2011.10.21 21:43:52 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6STKIT.DLL
[2011.10.21 21:43:52 | 000,084,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PICCLP32.OCX
[2011.10.21 21:43:52 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CMDLGFR.DLL
[2011.10.21 21:43:52 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PCCLPFR.DLL
[2011.10.21 21:43:52 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\FreeFLVConverter
[2011.10.21 21:43:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2011.10.21 21:38:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2011.10.21 21:37:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
[2011.10.21 21:37:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
[2011.10.21 21:37:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NCH Software
[2011.10.21 21:37:49 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\NCH Software
[2011.10.21 21:34:23 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\AVS4YOU
[2011.10.21 21:33:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2011.10.21 21:33:21 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[2011.10.21 21:33:21 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2011.10.21 21:33:21 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2011.10.21 17:04:07 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Local\DDMSettings
[2011.10.21 14:13:46 | 000,000,000 | ---D | C] -- C:\WebCD
[2011.10.21 13:45:29 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.10.21 13:45:29 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.10.21 13:45:29 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.10.21 08:31:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011.10.21 08:29:09 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.10.21 08:29:09 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.10.21 08:29:09 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2011.10.21 08:29:09 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.10.21 08:29:09 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.10.21 08:29:09 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.10.21 08:29:09 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.10.21 08:29:09 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.10.21 08:29:09 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011.10.21 07:52:12 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011.10.21 07:44:30 | 000,000,000 | -H-D | C] -- C:\$WINDOWS.~Q
[2011.10.21 07:42:26 | 000,000,000 | -H-D | C] -- C:\$INPLACE.~TR
[2011.10.21 06:58:17 | 000,000,000 | --SD | C] -- C:\Users\Drahnier016\AppData\Roaming\Microsoft
[2011.10.21 06:58:17 | 000,000,000 | R--D | C] -- C:\Users\Drahnier016\Videos
[2011.10.21 06:58:17 | 000,000,000 | R--D | C] -- C:\Users\Drahnier016\Saved Games
[2011.10.21 06:58:17 | 000,000,000 | R--D | C] -- C:\Users\Drahnier016\Pictures
[2011.10.21 06:58:17 | 000,000,000 | R--D | C] -- C:\Users\Drahnier016\Music
[2011.10.21 06:58:17 | 000,000,000 | R--D | C] -- C:\Users\Drahnier016\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.10.21 06:58:17 | 000,000,000 | R--D | C] -- C:\Users\Drahnier016\Links
[2011.10.21 06:58:17 | 000,000,000 | R--D | C] -- C:\Users\Drahnier016\Favorites
[2011.10.21 06:58:17 | 000,000,000 | R--D | C] -- C:\Users\Drahnier016\Downloads
[2011.10.21 06:58:17 | 000,000,000 | R--D | C] -- C:\Users\Drahnier016\Documents
[2011.10.21 06:58:17 | 000,000,000 | R--D | C] -- C:\Users\Drahnier016\Desktop
[2011.10.21 06:58:17 | 000,000,000 | R--D | C] -- C:\Users\Drahnier016\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.10.21 06:58:17 | 000,000,000 | -HSD | C] -- C:\Users\Drahnier016\Vorlagen
[2011.10.21 06:58:17 | 000,000,000 | -HSD | C] -- C:\Users\Drahnier016\AppData\Local\Verlauf
[2011.10.21 06:58:17 | 000,000,000 | -HSD | C] -- C:\Users\Drahnier016\AppData\Local\Temporary Internet Files
[2011.10.21 06:58:17 | 000,000,000 | -HSD | C] -- C:\Users\Drahnier016\Startmenü
[2011.10.21 06:58:17 | 000,000,000 | -HSD | C] -- C:\Users\Drahnier016\SendTo
[2011.10.21 06:58:17 | 000,000,000 | -HSD | C] -- C:\Users\Drahnier016\Recent
[2011.10.21 06:58:17 | 000,000,000 | -HSD | C] -- C:\Users\Drahnier016\Netzwerkumgebung
[2011.10.21 06:58:17 | 000,000,000 | -HSD | C] -- C:\Users\Drahnier016\Lokale Einstellungen
[2011.10.21 06:58:17 | 000,000,000 | -HSD | C] -- C:\Users\Drahnier016\Documents\Eigene Videos
[2011.10.21 06:58:17 | 000,000,000 | -HSD | C] -- C:\Users\Drahnier016\Documents\Eigene Musik
[2011.10.21 06:58:17 | 000,000,000 | -HSD | C] -- C:\Users\Drahnier016\Eigene Dateien
[2011.10.21 06:58:17 | 000,000,000 | -HSD | C] -- C:\Users\Drahnier016\Documents\Eigene Bilder
[2011.10.21 06:58:17 | 000,000,000 | -HSD | C] -- C:\Users\Drahnier016\Druckumgebung
[2011.10.21 06:58:17 | 000,000,000 | -HSD | C] -- C:\Users\Drahnier016\Cookies
[2011.10.21 06:58:17 | 000,000,000 | -HSD | C] -- C:\Users\Drahnier016\AppData\Local\Anwendungsdaten
[2011.10.21 06:58:17 | 000,000,000 | -HSD | C] -- C:\Users\Drahnier016\Anwendungsdaten
[2011.10.21 06:58:17 | 000,000,000 | -H-D | C] -- C:\Users\Drahnier016\AppData
[2011.10.21 06:58:17 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Local\Temp
[2011.10.21 06:58:17 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Local\Microsoft
[2011.10.21 06:58:17 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\Media Center Programs
[2011.10.21 06:55:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011.10.21 06:55:58 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011.10.21 06:55:54 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2011.10.21 06:55:49 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011.10.21 06:53:52 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2011.10.21 05:36:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011.10.21 04:37:54 | 000,139,264 | ---- | C] (http://www.xvid.org) -- C:\Windows\SysWow64\xvid.ax
[2011.10.21 04:10:58 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\Babylon
[2011.10.21 04:10:58 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Local\Babylon
[2011.10.21 04:10:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2011.10.21 04:10:55 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Local\MediaGet2
[2011.10.21 04:02:26 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Local\PackageAware
[2011.10.21 02:06:17 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Local\ElevatedDiagnostics
[2011.10.20 22:38:47 | 000,130,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.10.20 22:38:47 | 000,097,312 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.10.20 22:38:47 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2011.10.20 22:38:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.10.20 22:38:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.10.20 20:35:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.10.20 20:35:38 | 000,000,000 | ---D | C] -- C:\Steam
[2011.10.20 15:54:33 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2011.10.19 15:23:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
[2011.10.19 15:22:12 | 023,801,112 | ---- | C] (DivX, Inc.) -- C:\Users\Drahnier016\Documents\DivXInstaller0310.exe
[2011.10.19 11:38:22 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\Eigene Filme
[2011.10.19 09:07:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2011.10.19 00:26:43 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.10.18 06:17:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Stardock
[2011.10.18 06:16:58 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\Stardock
[2011.10.18 05:22:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Stardock
[2011.10.18 03:53:16 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\DivX
[2011.10.18 03:53:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2011.10.18 03:51:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2011.10.18 03:50:33 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011.10.17 23:43:38 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011.10.17 21:47:25 | 004,137,464 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2011.10.17 21:46:38 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2011.10.17 21:46:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2011.10.17 21:45:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gPotato.eu
[2011.10.17 21:41:25 | 000,000,000 | ---D | C] -- C:\Program Files\gPotato.eu
[2011.10.17 20:20:32 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Local\Overwolf
[2011.10.17 00:44:05 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Local\TVU Networks
[2011.10.17 00:44:05 | 000,000,000 | ---D | C] -- C:\ProgramData\TVU Networks
[2011.10.16 22:58:02 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\riotsGamesLogs
[2011.10.16 22:25:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2011.10.16 20:53:20 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\Ubisoft
[2011.10.16 19:46:53 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2011.10.16 19:46:53 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2011.10.16 19:46:53 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2011.10.16 19:46:53 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2011.10.16 19:46:52 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2011.10.16 19:46:52 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2011.10.16 19:46:51 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2011.10.16 19:46:51 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2011.10.16 19:46:50 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2011.10.16 19:46:50 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2011.10.16 19:46:49 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2011.10.16 19:46:49 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2011.10.16 19:46:48 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2011.10.16 19:46:48 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2011.10.16 19:46:47 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2011.10.16 19:46:47 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2011.10.16 19:46:46 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2011.10.16 19:46:46 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2011.10.16 19:46:46 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2011.10.16 19:46:46 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2011.10.16 19:46:42 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2011.10.16 19:46:42 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2011.10.16 19:46:40 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2011.10.16 19:46:40 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2011.10.16 18:35:21 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\Tropico 3
[2011.10.16 06:07:19 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mall Tycoon 3
[2011.10.16 06:06:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spiele
[2011.10.16 03:31:29 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\NVIDIA
[2011.10.16 03:20:54 | 000,000,000 | RH-D | C] -- C:\Users\Drahnier016\AppData\Roaming\SecuROM
[2011.10.16 03:18:51 | 000,581,632 | R--- | C] (City Interactive) -- C:\Users\Drahnier016\Desktop\Sniper Ghost.exe
[2011.10.16 03:08:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Virtuelles Laufwerk
[2011.10.15 23:32:35 | 000,000,000 | ---D | C] -- C:\Downloads
[2011.10.15 23:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet
[2011.10.15 23:24:36 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\BitComet
[2011.10.15 23:24:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BitComet
[2011.10.15 22:55:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.10.15 22:55:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.10.15 22:55:08 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011.10.15 22:54:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011.10.15 22:52:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\i4j_jres
[2011.10.15 14:27:29 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Local\Shareaza
[2011.10.15 14:27:00 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\Shareaza
[2011.10.15 14:03:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2011.10.15 13:20:44 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\LolClient
[2011.10.15 03:56:50 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\Documents\TheMatrix Screen Saver
[2011.10.15 03:56:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TheMatrix Screen Saver
[2011.10.15 03:52:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingsoft Office
[2011.10.15 03:52:39 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\Kingsoft
[2011.10.15 03:52:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Kingsoft
[2011.10.15 03:52:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kingsoft
[2011.10.15 03:48:18 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Local\Stardock
[2011.10.15 03:47:36 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Stardock
[2011.10.15 03:47:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stardock
[2011.10.15 03:21:37 | 000,332,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll.backup
[2011.10.15 03:21:34 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\themeui.dll.backup
[2011.10.15 02:50:55 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.10.15 02:50:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.10.15 00:26:45 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2011.10.15 00:26:45 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2011.10.15 00:26:44 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2011.10.14 21:14:52 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.10.14 21:12:11 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011.10.14 19:58:54 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Local\Mozilla
[2011.10.14 19:58:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.10.14 17:21:48 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\Documents\Microsoft Hardware
[2011.10.14 16:46:09 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\Documents\My Games
[2011.10.14 16:46:09 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Local\FalloutNV
[2011.10.14 16:46:05 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2011.10.14 16:46:05 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2011.10.14 16:46:04 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2011.10.14 16:46:04 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2011.10.14 16:46:04 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2011.10.14 16:46:04 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2011.10.14 16:46:03 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2011.10.14 16:46:03 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2011.10.14 16:46:03 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2011.10.14 16:46:03 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2011.10.14 16:46:03 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2011.10.14 16:46:03 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2011.10.14 16:46:03 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2011.10.14 16:46:03 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2011.10.14 16:46:03 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2011.10.14 16:46:03 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2011.10.14 16:46:03 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2011.10.14 16:46:03 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2011.10.14 16:46:02 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2011.10.14 16:46:02 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2011.10.14 16:46:02 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2011.10.14 16:46:02 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2011.10.14 16:46:02 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2011.10.14 16:46:02 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2011.10.14 16:46:02 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2011.10.14 16:46:02 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2011.10.14 16:46:01 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2011.10.14 16:46:01 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2011.10.14 16:46:01 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2011.10.14 16:46:01 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2011.10.14 16:46:01 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2011.10.14 16:46:01 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2011.10.14 16:46:01 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2011.10.14 16:46:01 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2011.10.14 16:46:01 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2011.10.14 16:46:01 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2011.10.14 16:46:01 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2011.10.14 16:46:01 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2011.10.14 16:46:00 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2011.10.14 16:46:00 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2011.10.14 16:46:00 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2011.10.14 16:46:00 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2011.10.14 16:45:59 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2011.10.14 16:45:59 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2011.10.14 16:45:59 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2011.10.14 16:45:59 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2011.10.14 16:45:59 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2011.10.14 16:45:59 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2011.10.14 16:45:59 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2011.10.14 16:45:59 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2011.10.14 16:45:58 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2011.10.14 16:45:58 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2011.10.14 16:45:58 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2011.10.14 16:45:58 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2011.10.14 16:45:58 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2011.10.14 16:45:58 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2011.10.14 16:45:58 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2011.10.14 16:45:58 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2011.10.14 16:45:58 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2011.10.14 16:45:58 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2011.10.14 16:45:58 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2011.10.14 16:45:58 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2011.10.14 16:45:58 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2011.10.14 16:45:57 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2011.10.14 16:45:57 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2011.10.14 16:45:57 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2011.10.14 16:45:57 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2011.10.14 16:45:57 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2011.10.14 16:45:57 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2011.10.14 16:45:57 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2011.10.14 16:45:57 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2011.10.14 16:45:56 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2011.10.14 16:45:56 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2011.10.14 16:45:56 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2011.10.14 16:45:56 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2011.10.14 16:45:56 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2011.10.14 16:45:56 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2011.10.14 16:45:56 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2011.10.14 16:45:56 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2011.10.14 16:45:55 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2011.10.14 16:45:55 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2011.10.14 16:45:55 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2011.10.14 16:45:55 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2011.10.14 16:45:55 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2011.10.14 16:45:55 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2011.10.14 16:45:55 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2011.10.14 16:45:55 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2011.10.14 16:45:55 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2011.10.14 16:45:55 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2011.10.14 16:45:55 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2011.10.14 16:45:55 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2011.10.14 16:45:54 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2011.10.14 16:45:54 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2011.10.14 16:45:54 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2011.10.14 16:45:54 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2011.10.14 16:45:54 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2011.10.14 16:45:54 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2011.10.14 16:45:54 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2011.10.14 16:45:54 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2011.10.14 16:45:54 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2011.10.14 16:45:54 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2011.10.14 16:45:54 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2011.10.14 16:45:54 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2011.10.14 16:45:53 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2011.10.14 16:45:53 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2011.10.14 16:45:51 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2011.10.14 16:45:51 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2011.10.14 16:45:51 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2011.10.14 16:45:51 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2011.10.14 16:45:51 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2011.10.14 16:45:51 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2011.10.14 16:45:51 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2011.10.14 16:45:51 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2011.10.14 16:45:50 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2011.10.14 16:45:50 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2011.10.14 16:45:50 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2011.10.14 16:45:50 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2011.10.14 16:45:49 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2011.10.14 16:45:49 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2011.10.14 16:45:49 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2011.10.14 16:45:49 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2011.10.14 16:45:49 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2011.10.14 16:45:49 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2011.10.14 16:45:49 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2011.10.14 16:45:49 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2011.10.14 16:45:48 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2011.10.14 16:45:48 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2011.10.14 16:45:47 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2011.10.14 16:45:47 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2011.10.14 16:45:47 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2011.10.14 16:45:47 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2011.10.14 16:45:47 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2011.10.14 16:45:47 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2011.10.14 16:45:47 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2011.10.14 16:45:47 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2011.10.14 16:45:46 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2011.10.14 16:45:46 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2011.10.14 16:45:43 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2011.10.14 16:45:43 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2011.10.14 16:45:42 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2011.10.14 16:45:42 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2011.10.14 16:45:42 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2011.10.14 16:45:42 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2011.10.14 16:45:42 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2011.10.14 16:45:42 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2011.10.14 16:45:41 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2011.10.14 16:45:41 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2011.10.14 16:45:39 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2011.10.14 16:45:39 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2011.10.14 16:45:39 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2011.10.14 16:45:39 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2011.10.14 16:45:39 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2011.10.14 16:45:39 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2011.10.14 16:45:38 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2011.10.14 16:45:38 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2011.10.14 16:20:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011.10.14 16:16:13 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\Macromedia
[2011.10.14 16:16:13 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\Adobe
[2011.10.14 16:15:35 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Local\Google
[2011.10.14 16:15:09 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.10.14 16:15:09 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011.10.14 16:08:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2011.10.14 16:08:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2011.10.14 16:02:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Tastatur
[2011.10.14 16:02:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliType Pro
[2011.10.14 15:51:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2011.10.14 15:47:04 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\WinRAR
[2011.10.14 15:47:02 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011.10.14 15:46:57 | 024,692,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2011.10.14 15:46:57 | 022,470,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2011.10.14 15:46:57 | 017,193,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2011.10.14 15:46:57 | 016,595,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2011.10.14 15:46:57 | 015,064,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2011.10.14 15:46:57 | 012,636,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2011.10.14 15:46:57 | 008,355,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2011.10.14 15:46:57 | 007,254,632 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2011.10.14 15:46:57 | 006,613,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2011.10.14 15:46:57 | 005,404,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2011.10.14 15:46:57 | 002,758,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2011.10.14 15:46:57 | 002,532,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2011.10.14 15:46:57 | 002,412,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2011.10.14 15:46:57 | 002,391,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2011.10.14 15:46:57 | 002,222,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2011.10.14 15:46:57 | 002,090,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2011.10.14 15:46:57 | 001,519,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll
[2011.10.14 15:46:57 | 001,453,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll
[2011.10.14 15:46:57 | 001,426,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco642040.dll
[2011.10.14 15:46:57 | 000,174,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2011.10.14 15:46:57 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2011.10.14 15:46:57 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2011.10.14 15:46:57 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2011.10.14 15:46:12 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2011.10.14 15:43:38 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011.10.14 15:43:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011.10.14 15:43:25 | 006,136,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2011.10.14 15:43:25 | 003,021,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2011.10.14 15:43:25 | 002,560,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2011.10.14 15:43:25 | 000,836,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\easyupdatusapiu64.dll
[2011.10.14 15:43:25 | 000,117,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2011.10.14 15:43:25 | 000,061,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2011.10.14 15:43:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.10.14 15:43:23 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.10.14 15:41:11 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\Opera
[2011.10.14 15:41:11 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Local\Opera
[2011.10.14 15:41:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2011.10.14 15:35:52 | 002,578,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2011.10.14 15:35:51 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011.10.14 15:35:51 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2011.10.14 15:35:51 | 000,220,496 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFNHK64.dll
[2011.10.14 15:35:51 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011.10.14 15:35:51 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011.10.14 15:35:51 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011.10.14 15:35:51 | 000,121,744 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll
[2011.10.14 15:35:51 | 000,081,232 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFCOM64.dll
[2011.10.14 15:35:51 | 000,078,160 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFAPO64.dll
[2011.10.14 15:35:51 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2011.10.14 15:35:50 | 002,828,904 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2011.10.14 15:35:50 | 000,626,792 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2011.10.14 15:35:50 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2011.10.14 15:35:49 | 002,328,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2011.10.14 15:35:49 | 001,247,848 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2011.10.14 15:35:49 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2011.10.14 15:35:49 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2011.10.14 15:35:49 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2011.10.14 15:35:49 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2011.10.14 15:35:49 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2011.10.14 15:35:48 | 000,608,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2011.10.14 15:35:48 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011.10.14 15:35:48 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011.10.14 15:35:48 | 000,083,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2011.10.14 15:35:46 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2011.10.14 15:35:46 | 001,868,944 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2011.10.14 15:35:46 | 001,718,616 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2011.10.14 15:35:46 | 000,421,720 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2011.10.14 15:35:46 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2011.10.14 15:35:46 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2011.10.14 15:35:46 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011.10.14 15:35:46 | 000,127,832 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2011.10.14 15:35:46 | 000,108,888 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2011.10.14 15:35:46 | 000,074,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2011.10.14 15:35:42 | 001,937,312 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011.10.14 15:35:42 | 001,327,208 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2011.10.14 15:35:42 | 001,179,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2011.10.14 15:35:42 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2011.10.14 15:35:42 | 000,475,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2011.10.14 15:35:41 | 001,111,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2011.10.14 15:35:41 | 000,504,936 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2011.10.14 15:35:41 | 000,317,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2011.10.14 15:35:41 | 000,269,928 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2011.10.14 15:35:41 | 000,266,856 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2011.10.14 15:35:41 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2011.10.14 15:35:41 | 000,126,056 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2011.10.14 15:35:41 | 000,125,544 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2011.10.14 15:35:41 | 000,125,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2011.10.14 15:35:41 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2011.10.14 15:35:38 | 001,251,944 | R--- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2011.10.14 15:35:38 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2011.10.14 15:35:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011.10.14 15:34:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011.10.14 15:34:29 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011.10.14 15:32:24 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2011.10.14 15:32:18 | 000,038,456 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\usbfilter.sys
[2011.10.14 15:32:18 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011.10.14 15:32:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2011.10.14 15:32:13 | 000,016,440 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\drivers\AtiPcie.sys
[2011.10.14 15:31:54 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011.10.14 15:31:35 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011.10.14 15:31:31 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011.10.14 15:28:04 | 000,000,000 | R--D | C] -- C:\Users\Drahnier016\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.10.14 15:28:04 | 000,000,000 | R--D | C] -- C:\Users\Drahnier016\Searches
[2011.10.14 15:28:04 | 000,000,000 | R--D | C] -- C:\Users\Drahnier016\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.10.14 15:27:52 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Roaming\Identities
[2011.10.14 15:27:50 | 000,000,000 | R--D | C] -- C:\Users\Drahnier016\Contacts
[2011.10.14 15:27:48 | 000,000,000 | ---D | C] -- C:\Users\Drahnier016\AppData\Local\VirtualStore
[2011.10.14 15:27:32 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011.10.14 15:27:32 | 000,000,000 | -HSD | C] -- C:\Programme
[2011.10.14 15:27:32 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2011.10.24 15:36:49 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.24 15:36:49 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.24 15:33:38 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.10.24 15:33:38 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.10.24 15:33:38 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.10.24 15:33:38 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.10.24 15:33:38 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.10.24 15:29:38 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.10.24 15:29:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.24 15:29:02 | 2146,836,479 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.24 07:26:00 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\WpsUpdateTask_Drahnier016.job
[2011.10.24 07:16:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.10.24 02:57:28 | 000,000,386 | ---- | M] () -- C:\Users\Drahnier016\Desktop\Verbindung.lnk
[2011.10.24 00:53:24 | 000,001,165 | ---- | M] () -- C:\Users\Public\Desktop\War Rock.lnk
[2011.10.24 00:31:21 | 000,001,156 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2011.10.24 00:31:21 | 000,001,122 | ---- | M] () -- C:\Users\Public\Desktop\GamersFirst LIVE!.lnk
[2011.10.23 21:51:09 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Drahnier016\Desktop\OTL.exe
[2011.10.23 04:39:15 | 000,282,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.10.23 02:57:11 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2011.10.23 02:41:44 | 000,007,597 | ---- | M] () -- C:\Users\Drahnier016\AppData\Local\Resmon.ResmonCfg
[2011.10.22 23:36:26 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.10.22 20:27:51 | 000,001,227 | ---- | M] () -- C:\Users\Drahnier016\Desktop\TeamSpeak 3 Client.lnk
[2011.10.22 06:01:41 | 000,002,062 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.10.21 23:21:14 | 000,001,062 | ---- | M] () -- C:\Users\Public\Desktop\VLC Player.lnk
[2011.10.21 21:37:54 | 000,001,076 | ---- | M] () -- C:\Users\Drahnier016\Desktop\Prism.lnk
[2011.10.21 07:14:11 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.10.21 07:14:11 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011.10.21 07:09:40 | 000,022,960 | ---- | M] () -- C:\Windows\SysNative\emptyregdb.dat
[2011.10.21 06:25:00 | 000,002,544 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011.10.21 06:24:57 | 000,001,890 | ---- | M] () -- C:\Windows\diagerr.xml
[2011.10.21 05:37:06 | 000,001,617 | ---- | M] () -- C:\Users\Drahnier016\Desktop\DivX Movies.lnk
[2011.10.20 22:38:19 | 083,538,448 | ---- | M] () -- C:\Users\Drahnier016\Documents\avira_free_antivirus_de1200855.exe
[2011.10.20 21:46:55 | 000,000,178 | ---- | M] () -- C:\Users\Drahnier016\Desktop\Fallout New Vegas.url
[2011.10.20 21:42:30 | 000,000,201 | ---- | M] () -- C:\Users\Drahnier016\Desktop\Forsaken World .url
[2011.10.20 20:48:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.10.20 15:54:21 | 000,001,174 | ---- | M] () -- C:\Users\Drahnier016\Documents\DivX Converter.lnk
[2011.10.19 15:22:34 | 023,801,112 | ---- | M] (DivX, Inc.) -- C:\Users\Drahnier016\Documents\DivXInstaller0310.exe
[2011.10.18 06:56:45 | 000,000,994 | ---- | M] () -- C:\Users\Public\Desktop\Rappelz.lnk
[2011.10.18 06:56:45 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.10.18 02:30:58 | 000,001,478 | ---- | M] () -- C:\Users\Drahnier016\Desktop\JDownloader.lnk
[2011.10.17 17:33:33 | 000,005,719 | ---- | M] () -- C:\Users\Drahnier016\Desktop\League of Legends.lnk
[2011.10.16 23:13:20 | 000,001,805 | ---- | M] () -- C:\Users\Drahnier016\Desktop\Virtual Clone.lnk
[2011.10.16 22:54:57 | 000,001,137 | ---- | M] () -- C:\Users\Drahnier016\Desktop\Mall Tycoon 3.lnk
[2011.10.16 19:47:51 | 000,000,022 | ---- | M] () -- C:\Windows\tpcsd
[2011.10.15 23:24:37 | 000,001,003 | ---- | M] () -- C:\Users\Public\Desktop\BitComet.lnk
[2011.10.15 14:03:10 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.10.15 03:53:06 | 000,001,400 | ---- | M] () -- C:\Users\Drahnier016\Desktop\Kingsoft Writer.lnk
[2011.10.15 03:53:06 | 000,001,400 | ---- | M] () -- C:\Users\Drahnier016\Desktop\Kingsoft Presentation.lnk
[2011.10.15 03:53:06 | 000,001,379 | ---- | M] () -- C:\Users\Drahnier016\Desktop\Kingsoft Spreadsheets.lnk
[2011.10.15 02:50:55 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2011.10.14 21:16:05 | 000,001,345 | ---- | M] () -- C:\Users\Drahnier016\Desktop\Media Center.lnk
[2011.10.14 15:41:10 | 000,001,825 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2011.10.11 15:00:01 | 000,130,760 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.10.11 15:00:01 | 000,097,312 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.10.11 15:00:01 | 000,027,760 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2011.10.03 05:06:16 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.10.03 05:06:15 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.10.03 05:06:14 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.10.03 05:06:03 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2011.10.24 02:57:28 | 000,000,386 | ---- | C] () -- C:\Users\Drahnier016\Desktop\Verbindung.lnk
[2011.10.24 00:53:24 | 000,001,165 | ---- | C] () -- C:\Users\Public\Desktop\War Rock.lnk
[2011.10.24 00:31:21 | 000,001,156 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2011.10.24 00:31:21 | 000,001,122 | ---- | C] () -- C:\Users\Public\Desktop\GamersFirst LIVE!.lnk
[2011.10.23 02:57:11 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2011.10.23 02:41:44 | 000,007,597 | ---- | C] () -- C:\Users\Drahnier016\AppData\Local\Resmon.ResmonCfg
[2011.10.22 23:36:26 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.10.22 20:27:51 | 000,001,227 | ---- | C] () -- C:\Users\Drahnier016\Desktop\TeamSpeak 3 Client.lnk
[2011.10.21 23:21:14 | 000,001,062 | ---- | C] () -- C:\Users\Public\Desktop\VLC Player.lnk
[2011.10.21 21:59:17 | 008,676,883 | ---- | C] () -- C:\Windows\SysWow64\NCMedia2.dll
[2011.10.21 21:43:52 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\PropertyGrid.ocx
[2011.10.21 21:43:52 | 000,208,500 | ---- | C] () -- C:\Windows\SysWow64\ReyXpBasics.tlb
[2011.10.21 21:43:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\ControlSubX.ocx
[2011.10.21 21:37:54 | 000,001,122 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Videodatei-Konverter.lnk
[2011.10.21 21:37:54 | 000,001,076 | ---- | C] () -- C:\Users\Drahnier016\Desktop\Prism.lnk
[2011.10.21 08:29:40 | 000,001,401 | ---- | C] () -- C:\Users\Drahnier016\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.10.21 08:29:35 | 000,001,435 | ---- | C] () -- C:\Users\Drahnier016\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.10.21 07:15:08 | 2146,836,479 | -HS- | C] () -- C:\hiberfil.sys
[2011.10.21 07:09:40 | 000,022,960 | ---- | C] () -- C:\Windows\SysNative\emptyregdb.dat
[2011.10.21 06:57:53 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011.10.21 06:57:53 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2011.10.21 06:24:55 | 000,002,544 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011.10.21 06:24:55 | 000,001,890 | ---- | C] () -- C:\Windows\diagerr.xml
[2011.10.21 04:37:54 | 000,758,018 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.10.21 04:37:54 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.10.20 22:38:56 | 000,002,062 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.10.20 22:29:20 | 083,538,448 | ---- | C] () -- C:\Users\Drahnier016\Documents\avira_free_antivirus_de1200855.exe
[2011.10.20 21:42:30 | 000,000,201 | ---- | C] () -- C:\Users\Drahnier016\Desktop\Forsaken World .url
[2011.10.20 20:48:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2011.10.20 15:54:21 | 000,001,174 | ---- | C] () -- C:\Users\Drahnier016\Documents\DivX Converter.lnk
[2011.10.19 09:08:14 | 000,001,617 | ---- | C] () -- C:\Users\Drahnier016\Desktop\DivX Movies.lnk
[2011.10.19 09:06:22 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.10.19 09:06:21 | 000,001,116 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.10.18 02:30:58 | 000,001,478 | ---- | C] () -- C:\Users\Drahnier016\Desktop\JDownloader.lnk
[2011.10.17 21:46:37 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd
[2011.10.17 21:45:06 | 000,000,994 | ---- | C] () -- C:\Users\Public\Desktop\Rappelz.lnk
[2011.10.17 17:33:33 | 000,005,719 | ---- | C] () -- C:\Users\Drahnier016\Desktop\League of Legends.lnk
[2011.10.16 23:13:20 | 000,001,805 | ---- | C] () -- C:\Users\Drahnier016\Desktop\Virtual Clone.lnk
[2011.10.16 19:47:51 | 000,000,022 | ---- | C] () -- C:\Windows\tpcsd
[2011.10.16 18:22:55 | 001,702,136 | ---- | C] () -- C:\Users\Drahnier016\Desktop\Tropico3.exe
[2011.10.16 06:07:19 | 000,001,137 | ---- | C] () -- C:\Users\Drahnier016\Desktop\Mall Tycoon 3.lnk
[2011.10.15 23:24:37 | 000,001,003 | ---- | C] () -- C:\Users\Public\Desktop\BitComet.lnk
[2011.10.15 22:53:19 | 000,001,962 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2011.10.15 22:53:18 | 000,001,941 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2011.10.15 22:53:18 | 000,001,920 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2011.10.15 03:56:50 | 000,551,424 | ---- | C] () -- C:\Windows\TheMatrix.scr
[2011.10.15 03:53:08 | 000,000,386 | ---- | C] () -- C:\Windows\tasks\WpsUpdateTask_Drahnier016.job
[2011.10.15 03:53:06 | 000,001,400 | ---- | C] () -- C:\Users\Drahnier016\Desktop\Kingsoft Writer.lnk
[2011.10.15 03:53:06 | 000,001,400 | ---- | C] () -- C:\Users\Drahnier016\Desktop\Kingsoft Presentation.lnk
[2011.10.15 03:53:06 | 000,001,379 | ---- | C] () -- C:\Users\Drahnier016\Desktop\Kingsoft Spreadsheets.lnk
[2011.10.15 02:50:55 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\WinRAR.lnk
[2011.10.14 21:16:05 | 000,001,345 | ---- | C] () -- C:\Users\Drahnier016\Desktop\Media Center.lnk
[2011.10.14 16:39:13 | 000,000,178 | ---- | C] () -- C:\Users\Drahnier016\Desktop\Fallout New Vegas.url
[2011.10.14 15:46:57 | 000,007,383 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2011.10.14 15:43:24 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.10.14 15:41:10 | 000,001,837 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2011.10.14 15:41:10 | 000,001,825 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2011.08.03 03:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[color=#E56717]========== Custom Scans ==========[/color]


[color=#A23BEC]< %SYSTEMDRIVE%\*. >[/color]
[2011.10.21 07:43:40 | 000,000,000 | -H-D | M] -- C:\$INPLACE.~TR
[2010.11.21 04:51:03 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.10.21 07:11:06 | 000,000,000 | -H-D | M] -- C:\$WINDOWS.~Q
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.10.14 15:27:32 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.10.16 22:50:22 | 000,000,000 | ---D | M] -- C:\Downloads
[2011.10.14 15:46:12 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.10.23 02:57:09 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.10.24 06:19:34 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2011.10.24 15:29:01 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.10.14 15:27:32 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.10.21 08:29:09 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.10.24 15:30:57 | 000,000,000 | ---D | M] -- C:\Steam
[2011.10.24 15:46:08 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.10.21 07:06:42 | 000,000,000 | R--D | M] -- C:\Users
[2011.10.21 14:13:46 | 000,000,000 | ---D | M] -- C:\WebCD
[2011.10.24 15:31:41 | 000,000,000 | ---D | M] -- C:\Windows
[2011.10.23 21:54:01 | 000,000,000 | ---D | M] -- C:\_OTL

[color=#A23BEC]< %PROGRAMFILES%\*.exe >[/color]

[color=#A23BEC]< %LOCALAPPDATA%\*.exe >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]


[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

[color=#A23BEC]< MD5 for: REGEDIT.EXE >[/color]
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]

< End of report >
Seitenanfang Seitenende
24.10.2011, 18:53
...neu hier

Beiträge: 8
#7 OTL Extras logfile created on: 24.10.2011 15:45:07 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Drahnier016\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

8.00 Gb Total Physical Memory | 6.25 Gb Available Physical Memory | 78.09% Memory free
16.00 Gb Paging File | 14.06 Gb Available in Paging File | 87.90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.66 Gb Total Space | 303.81 Gb Free Space | 65.24% Space Free | Partition Type: NTFS

Computer Name: DRAHNIER016-PC | User Name: Drahnier016 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[color=#E56717]========== Shell Spawning ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[color=#E56717]========== Authorized Applications List ==========[/color]


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{64555D45-1F57-BF1D-1A5E-BFD4C8C0ADB4}" = ATI Catalyst Install Manager
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.23.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"WinRAR archiver" = WinRAR 4.01 (64-Bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{23FBECC1-FA31-472A-83FB-27520B81EC3A}_is1" = TheMatrix Screen Saver version 1.14
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java(TM) 6 Update 29
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90877318-0BD0-4BDE-BFC0-C4BB12DAC86A}_is1" = Rappelz
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"BitComet" = BitComet 1.29
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"Freez FLV to AVI/MPEG/WMV Converter v1.6_is1" = Freez FLV to AVI/MPEG/WMV Converter
"GamersFirst LIVE!" = GamersFirst LIVE!
"GamersFirst War Rock" = War Rock
"Hunted The Demons Forge_is1" = Hunted The Demons Forge
"Kingsoft Office" = Kingsoft Office 2012 (8.1.0.2942)
"Mall Tycoon 3" = Mall Tycoon 3
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 11.51.1087" = Opera 11.51
"Opera 11.52.1100" = Opera 11.52
"Prism" = Prism Videodatei-Konverter
"Sniper Ghost Warrior_is1" = Sniper Ghost Warrior
"Steam App 22380" = Fallout: New Vegas
"Steam App 36620" = Forsaken World
"Tropico3" = Tropico 3 1.00
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.11

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 23.10.2011 07:11:04 | Computer Name = Drahnier016-PC | Source = WinMgmt | ID = 10
Description =

Error - 23.10.2011 14:21:17 | Computer Name = Drahnier016-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Drahnier016\Desktop\SoftonicDownloader_fuer_ip-changer.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 23.10.2011 14:22:17 | Computer Name = Drahnier016-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Drahnier016\Desktop\SoftonicDownloader_fuer_ip-changer.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 23.10.2011 14:22:19 | Computer Name = Drahnier016-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Drahnier016\Desktop\SoftonicDownloader_fuer_ip-changer.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 23.10.2011 14:23:27 | Computer Name = Drahnier016-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: IPInfoGrab.exe, Version: 1.0.2.1,
Zeitstempel: 0x3b675a9f Name des fehlerhaften Moduls: IPInfoGrab.exe, Version: 1.0.2.1,
Zeitstempel: 0x3b675a9f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00001d20 ID des fehlerhaften
Prozesses: 0x2f4 Startzeit der fehlerhaften Anwendung: 0x01cc91b0d9150cef Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Plustech Inc\IP Changer 2.0\IPInfoGrab.exe
Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Plustech Inc\IP Changer 2.0\IPInfoGrab.exe
Berichtskennung:
194a57a7-fda4-11e0-bed4-6c626dd9c7e3

Error - 23.10.2011 15:51:59 | Computer Name = Drahnier016-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.31.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 69c Startzeit:
01cc91bd2bade954 Endzeit: 8 Anwendungspfad: C:\Users\Drahnier016\Desktop\OTL.exe Berichts-ID:
7682a0af-fdb0-11e0-bed4-6c626dd9c7e3

Error - 23.10.2011 15:56:47 | Computer Name = Drahnier016-PC | Source = WinMgmt | ID = 10
Description =

Error - 23.10.2011 19:11:48 | Computer Name = Drahnier016-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error - 23.10.2011 23:41:55 | Computer Name = Drahnier016-PC | Source = WinMgmt | ID = 10
Description =

Error - 24.10.2011 09:30:55 | Computer Name = Drahnier016-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 23.10.2011 08:47:58 | Computer Name = Drahnier016-PC | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error - 23.10.2011 15:14:32 | Computer Name = Drahnier016-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
Neustart des Diensts.

Error - 23.10.2011 15:15:02 | Computer Name = Drahnier016-PC | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen,
ist fehlgeschlagen. Fehler: %%1056

Error - 23.10.2011 15:15:29 | Computer Name = Drahnier016-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
Neustart des Diensts.

Error - 23.10.2011 15:15:59 | Computer Name = Drahnier016-PC | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen,
ist fehlgeschlagen. Fehler: %%1056

Error - 23.10.2011 15:16:53 | Computer Name = Drahnier016-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
3 Mal passiert.

Error - 23.10.2011 15:36:33 | Computer Name = Drahnier016-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
4 Mal passiert.

Error - 23.10.2011 15:54:01 | Computer Name = Drahnier016-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "NVIDIA Stereoscopic 3D Driver Service" wurde unerwartet beendet.
Dies ist bereits 1 Mal passiert.

Error - 23.10.2011 23:43:05 | Computer Name = Drahnier016-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.

Error - 24.10.2011 00:48:15 | Computer Name = Drahnier016-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Windows Internet Explorer 9 für Windows 7 für
x64-basierte Systeme


< End of report >



Und Jetzt?
Seitenanfang Seitenende
24.10.2011, 20:47
Moderator

Beiträge: 5694
#8 Schritt 1

Fixen mit OTL

• Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Kopiere nun den Inhalt in die Textbox.

Code

:OTL
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll File not found
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
:Commands
[purity]
[emptytemp]
• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
( Auch zu finden unter C:\_OTL\MovedFiles\<time_date>.txt)
Kopiere nun den Inhalt hier in Deinen Thread

Schritt 2

Entfernung von Searchqu aus dem Internet Explorer:

1. Öffnen Sie den IE, gehen Sie auf Extras – Add-Ons verwalten.
2. Wählen Sie Symbolleisten und Erweiterungen, deinstallieren Sie alles, was mit Searchqu in Verbindung steht, aus der Liste: Searchqu Toolbar, UrlHelper Class etc.
3. Wählen Sie Suchanbieter – google und machen Sie diese zu Ihrem Standard-Suchanbieter, wählen Sie Web Suche, klicken Sie auf Vorschläge deaktivieren.
4. Gehen Sie auf Extras – Internetoptionen, wählen Sie den Kartereiter Allgemein und klicken Sie auf Standardseite oder geben Sie Ihre eigene Webseite, google.com oder eine andere, statt searchqu.com, ein. Klicken Sie dann auf OK, um die Änderungen zu speichern.

Entfernung von Searchqu aus Mozilla Firefox:

1. Öffnen Sie Mozilla Firefox, gehen Sie auf Extras – Add-Ons.

2. Wählen Sie Erweiterungen – Searchqu Toolbar und klicken Sie auf Deinstallieren.
3. Gehen Sie auf Extras – Optionen, setzen Sie die Startseite zurück oder ändern Sie sie auf google.com, indem Sie Searchqu ersetzen, im Karteireiter Allgemein.
Seitenanfang Seitenende
25.10.2011, 02:04
...neu hier

Beiträge: 8
#9 Gut habe jetzt alle Schritte bis auf Firefox... da ich das Programm Firefox bereits deinstal. habe ist das weiter schlimm? Wenn nicht würde ich noch gerne wissen ob damit der virus entfernt ist.
In diesem Fall bedanke ich mich sehr herzlich bei Ihnen.

o und hir noch das OTL Textdok.:
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Drahnier016
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 170062 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 6651822 bytes
->Flash cache emptied: 470 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 280 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 7.00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 10252011_014944

Files\Folders moved on Reboot...
C:\Users\Drahnier016\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
Seitenanfang Seitenende
25.10.2011, 02:14
...neu hier

Beiträge: 8
#10 Etwas beunruhigt mich bislang immer noch.
Wenn ich in den taskmanager gehe finde ich in den Prozessen 3 davon die wie ich glaube noch zu searchtq... gehören und wenn ich versuche diese prozesse bzw die Prozessstruktur zu beenden tun sie das auch , gehen aber nach n paar sec. wieder auf.
Die Prozesse lauten wie folgt:
SearchFilterHost.exe
SerchIndexer.exe
und
SerchProtocolHost.exe

Sind diese Prozesse mit dem Virus verbunden oder kann ich diese getrost ignorieren?

Mit freundlichen Grüßen
Drahnier016
Seitenanfang Seitenende
25.10.2011, 10:25
Member
Avatar Xeper

Beiträge: 5291
#11

Zitat

Die Prozesse lauten wie folgt:
SearchFilterHost.exe
SerchIndexer.exe
und
SerchProtocolHost.exe
Zu Windows gehören die jedenfalls nicht, wird schon irgendwas damit zu tuen haben.
__________
E-Mail: therion at ninth-art dot de
IRC: megatherion @ Freenode
Seitenanfang Seitenende
25.10.2011, 15:15
Moderator
Avatar hevtig

Beiträge: 2312
#12 Ich meine, die Dateien gehören zu der Windwos Desktop Suche...
Natürlich nur, wenn die richtig geschrieben sind.... ;)
__________
Woher soll ich wissen was ich denke, bevor ich höre was ich sage??
Sag NEIN zu HD+/CI+ - boykottiert die Etablierung von HD+/CI+!
Seitenanfang Seitenende
25.10.2011, 16:20
Member
Avatar Xeper

Beiträge: 5291
#13

Zitat

HeVTiG postete
Ich meine, die Dateien gehören zu der Windwos Desktop Suche...
Natürlich nur, wenn die richtig geschrieben sind.... ;)
Hmm okay, noch nie gesehen - aber dann liege ich wohl falsch.
__________
E-Mail: therion at ninth-art dot de
IRC: megatherion @ Freenode
Seitenanfang Seitenende
25.10.2011, 17:07
...neu hier

Beiträge: 8
#14 Die Prozesse sind richtig geschrieben.
Würde gerne wissen was Swisstreasure dazu sagt.
Seitenanfang Seitenende
25.10.2011, 20:38
Moderator

Beiträge: 5694
#15 Diese sind exakt so geschrieben?

Zitat

SerchIndexer.exe
SerchProtocolHost.exe
Und wie sieht es aus mit der Startseite?
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren: