
Pests of All Kinds and How to Combat Them: Google Virus

Windows 7

20.01.2011, 15:09   #1
Sebastian19

Hello, I have the following problem: when I go to Google and search for something, everything is still normal and I get my results. As soon as I click on one, my PC loads for about 15 seconds, then I end up on some random page, and after that I get: "This website could damage your PC!"... But if I copy the link and paste it into the address bar at the top, I do get there. I think this is adware, but none of my antivirus programs find anything anymore.
Here are my programs:

•Avast: 0 viruses
•Malwarebytes' Anti-Malware: 1 virus (I can't get rid of this virus (SearchSettings.exe))
•Advanced SystemCare Pro (it's rubbish anyway, so it doesn't find anything -,-)

Please help

Regards, Sebastian

20.01.2011, 15:33   #2
markusg
/// Malware-holic

System scan with OTL
Download OTL:
http://filepony.de/download-otl/

Double-click OTL.exe
(Windows 7 and Vista users: right-click, Run as administrator)
1. At the top you will find a box labelled Output. Please select Minimal Output
2. Tick "scan all users"
3. Under "Extra Registry", select:
"Use Safelist" "LOP Check" "Purity Check"
4. Copy into the text box:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
5. Click "Scan"
6. Two reports will be created:
OTL.Txt
Extras.Txt
Post both.

20.01.2011, 16:50   #3
Sebastian19

Ahh, that's far too long (the text of the files). What should I do?

Edit: Sorry, I forgot to change a setting.

20.01.2011, 17:02   #4
markusg
/// Malware-holic

Well, how about splitting it up, or attaching them as files?

20.01.2011, 17:17   #5
Sebastian19

Extras.Txt: OTL Logfile:
Code:
OTL Extras logfile created on: 20.01.2011 16:51:59 - Run 1
OTL by OldTimer - Version 3.2.20.2     Folder = C:\Users\andrea\Downloads
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
768,00 Mb Total Physical Memory | 131,00 Mb Available Physical Memory | 17,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 40,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 297,99 Gb Total Space | 216,33 Gb Free Space | 72,60% Space Free | Partition Type: NTFS
 
Computer Name: ANDREA-PC | User Name: andrea | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
[HKEY_USERS\S-1-5-21-2285187412-2589335758-901124341-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{035400A4-29BD-3723-BEED-E2718A68CDE0}" = Microsoft Visual Studio 2010 Office Developer Tools (x86)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{119E2FCB-5CDD-4C24-BCB2-56A824E2BF0A}_is1" = Manic Digger
"{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{37491A3D-B2A6-402D-898E-5C4EF3984C29}" = Adobe Flash Media Live Encoder 3.1
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3BB19A2B-B9C5-3872-8FDF-3047CC9F9841}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{40AE01BE-A290-4FFB-8DAB-C624C17DC87E}" = Vegas Movie Studio HD Platinum 10.0
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{4552377D-5CCC-4104-987E-1998AB20C21A}" = XSplit
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6ED37A91-7710-3183-BE50-AB043FF6689E}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{7B8BA496-E201-4246-9A8B-687B49145F53}" = IObit Toolbar v4.1
"{7E210E1C-52A1-40E3-817B-D504E9F64DFA}_is1" = Flyff
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB8E60B-315D-44EB-A896-10D88602EE46}" = Adobe Setup
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97CE8B73-AA5A-4987-A1BE-50DD1A187478}" = Microsoft Sync Framework SDK v1.0 SP1
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.0 - Deutsch
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C6DD625F-4B61-4561-8286-87CA0275CEA1}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86)
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CB122CF9-6B45-4CE1-A337-A49F2C6E311F}" = N.E.O.Online
"{CC084EC0-5F74-4A17-8635-3ED61D501643}_is1" = Flyff
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files 
"{D639D7B1-6A00-4B47-BB62-3A9AEB4B1928}" = KarosOnline_ijji
"{D6B15AE6-B052-363E-B6BB-C4714CBA6509}" = Microsoft Visual Studio 2010 Professional - ENU
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9D1A2FD-56B2-4F21-B959-745FE43CAB8C}" = Vegas Pro 9.0
"{DC3D6AFB-78B4-489F-81D7-30B66E0C2417}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86)
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F990B526-8F7C-46E0-B1F1-6C893A8B478F}" = Microsoft Sync Framework Services v1.0 SP1 (x86)
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Adobe_5aab5a491a3a52ae624fd639f6aaa95" = Adobe After Effects CS4 Third Party Content
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"AutoItv3" = AutoIt v3.3.6.1
"avast5" = avast! Free Antivirus
"CamStudio" = CamStudio
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"conduitEngine" = Conduit Engine
"Cross Fire_is1" = Cross Fire En
"CyberGhost VPN_is1" = CyberGhost VPN
"Dyyno Broadcaster" = Dyyno Broadcaster
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.31
"Free YouTube Uploader_is1" = Free YouTube Uploader version 3.3.10
"Game Booster_is1" = Game Booster
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Professional - ENU" = Microsoft Visual Studio 2010 Professional - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MTA:SA" = MTA:SA v1.0.4
"Neffy" = Neffy 1,3,29,0
"Picasa 3" = Picasa 3
"Quick Memory Editor_is1" = Quick Memory Editor 5.5
"Steam App 15130" = Beyond Good & Evil
"Steam App 220" = Half-Life 2
"Steam App 240" = Counter-Strike: Source
"Steam App 2630" = Call of Duty 2
"Steam App 4850" = Cossacks: Back to War
"Steam App 630" = Alien Swarm
"Steam App 8850" = BioShock 2
"Synthesia" = Synthesia (remove only)
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"uTorrentBar_DE Toolbar" = uTorrentBar_DE Toolbar
"V.M.C." = V.M.C. 2.20
"VH Screen Capture Driver_is1" = VH Screen Capture Driver 1.5.0
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"Warcraft III" = Warcraft III
"WinRAR archiver" = WinRAR
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2285187412-2589335758-901124341-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 17.01.2011 14:30:17 | Computer Name = andrea-PC | Source = VSS | ID = 8194
Description = Volume Shadow Copy Service error: Unexpected error querying for the
 IVssWriterCallback interface.  hr = 0x80070005, Access is denied.  .  This is often
 caused by incorrect security settings in either the writer or requestor process.


Operation:

   Gathering Writer Data  Context:    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

   Writer Name: System Writer    Writer Instance ID: {b40797b9-d393-4174-ac49-9822706ab6ee}
 
Error - 17.01.2011 15:41:12 | Computer Name = andrea-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 0.0.0.0, time stamp:
 0x4d27c1b0  Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
 code: 0xc0000005  Fault offset: 0x00074b0e  Faulting process id: 0x1100  Faulting application
 start time: 0x01cbb67e40432d59  Faulting application path: C:\Users\andrea\AppData\Local\Google\Chrome\Application\chrome.exe
Faulting
 module path: unknown  Report Id: bcf0a039-2271-11e0-b48d-001921eb64f2
 
Error - 18.01.2011 07:08:05 | Computer Name = andrea-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 0.0.0.0, time stamp:
 0x4d27c1b0  Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
 code: 0xc0000005  Fault offset: 0x0007191b  Faulting process id: 0x132c  Faulting application
 start time: 0x01cbb6f67421b030  Faulting application path: C:\Users\andrea\AppData\Local\Google\Chrome\Application\chrome.exe
Faulting
 module path: unknown  Report Id: 38b45ac0-22f3-11e0-8367-001921eb64f2
 
Error - 18.01.2011 07:50:48 | Computer Name = andrea-PC | Source = VSS | ID = 8194
Description = Volume Shadow Copy Service error: Unexpected error querying for the
 IVssWriterCallback interface.  hr = 0x80070005, Access is denied.  .  This is often
 caused by incorrect security settings in either the writer or requestor process.


Operation:

   Gathering Writer Data  Context:    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

   Writer Name: System Writer    Writer Instance ID: {d05c23db-0bcb-4f88-876d-bf5e42ffda45}
 
Error - 18.01.2011 12:25:31 | Computer Name = andrea-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 0.0.0.0, time stamp:
 0x4d27c1b0  Faulting module name: chrome.dll, version: 8.0.552.237, time stamp: 0x4d27c173
Exception
 code: 0x80000003  Fault offset: 0x000d069a  Faulting process id: 0x8f8  Faulting application
 start time: 0x01cbb72a0e47efc0  Faulting application path: C:\Users\andrea\AppData\Local\Google\Chrome\Application\chrome.exe
Faulting
 module path: C:\Users\andrea\AppData\Local\Google\Chrome\Application\8.0.552.237\chrome.dll
Report
 Id: 90dade00-231f-11e0-8367-001921eb64f2
 
Error - 18.01.2011 16:19:58 | Computer Name = andrea-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 0.0.0.0, time stamp:
 0x4d27c1b0  Faulting module name: chrome.dll, version: 8.0.552.237, time stamp: 0x4d27c173
Exception
 code: 0xc0000005  Fault offset: 0x00016731  Faulting process id: 0x1a8  Faulting application
 start time: 0x01cbb7455a5a4960  Faulting application path: C:\Users\andrea\AppData\Local\Google\Chrome\Application\chrome.exe
Faulting
 module path: C:\Users\andrea\AppData\Local\Google\Chrome\Application\8.0.552.237\chrome.dll
Report
 Id: 51411630-2340-11e0-9946-001921eb64f2
 
Error - 18.01.2011 19:16:14 | Computer Name = andrea-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files\Common 
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
 Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3.  The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 of attribute "version" in element "assemblyIdentity" is invalid.
 
Error - 18.01.2011 19:16:51 | Computer Name = andrea-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Z8Games\crossfire\Aegis64.exe".
Dependent
 Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 18.01.2011 19:18:15 | Computer Name = andrea-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Microsoft
 Visual Studio 10.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe".  Dependent Assembly
 Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
 could not be found.  Please use sxstrace.exe for detailed diagnosis.
 
Error - 19.01.2011 09:49:16 | Computer Name = andrea-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 0.0.0.0, time stamp:
 0x4d27c1b0  Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
 code: 0xc0000005  Fault offset: 0x00174b0e  Faulting process id: 0x778  Faulting application
 start time: 0x01cbb7d79164e7c0  Faulting application path: C:\Users\andrea\AppData\Local\Google\Chrome\Application\chrome.exe
Faulting
 module path: unknown  Report Id: e7c5320c-23d2-11e0-8800-001921eb64f2
 
[ System Events ]
Error - 18.01.2011 17:37:55 | Computer Name = andrea-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
 
Error - 18.01.2011 17:38:00 | Computer Name = andrea-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
 
Error - 18.01.2011 17:41:39 | Computer Name = andrea-PC | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate) service failed to start due to
 the following error:   %%2
 
Error - 19.01.2011 08:37:03 | Computer Name = andrea-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
 
Error - 19.01.2011 08:37:09 | Computer Name = andrea-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 13:35:05 on ?19.?01.?2011 was unexpected.
 
Error - 19.01.2011 08:37:06 | Computer Name = andrea-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
 
Error - 19.01.2011 08:40:29 | Computer Name = andrea-PC | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate) service failed to start due to
 the following error:   %%2
 
Error - 19.01.2011 10:08:31 | Computer Name = andrea-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
 
Error - 19.01.2011 10:18:48 | Computer Name = andrea-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
 
Error - 19.01.2011 10:22:26 | Computer Name = andrea-PC | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate) service failed to start due to
 the following error:   %%2
 
 
< End of report >
         

OTL.txt: OTL Logfile:
Code:
OTL logfile created on: 20.01.2011 16:51:59 - Run 1
OTL by OldTimer - Version 3.2.20.2     Folder = C:\Users\andrea\Downloads
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
768,00 Mb Total Physical Memory | 131,00 Mb Available Physical Memory | 17,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 40,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 297,99 Gb Total Space | 216,33 Gb Free Space | 72,60% Space Free | Partition Type: NTFS
 
Computer Name: ANDREA-PC | User Name: andrea | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\andrea\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation)
PRC - C:\Program Files\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe ()
PRC - C:\Program Files\Dyyno\Dyyno Broadcaster\launcherd.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\andrea\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\Alwil Software\Avast5\snxhk.dll (AVAST Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (gusvc) --  File not found
SRV - (gupdate) Google Update Service (gupdate) --  File not found
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (CGVPNCliSrvc) -- C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe (mobile concepts GmbH)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dyyno Launcher) -- C:\Program Files\Dyyno\Dyyno Broadcaster\launcherd.exe ()
SRV - (aspnet_state) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetTcpActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetPipeActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetMsmqActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (VCAM_WDM03) -- C:\Windows\System32\drivers\VCAM_WDM03.sys (e2eSoft)
DRV - (VCAM_WDM02) -- C:\Windows\System32\drivers\VCAM_WDM02.sys (e2eSoft)
DRV - (VCam_WDM01) -- C:\Windows\System32\drivers\VCam_WDM01.sys (e2eSoft)
DRV - (VCam_WDM) -- C:\Windows\System32\drivers\VCam_WDM.sys (e2eSoft)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (tap0901) -- C:\Windows\System32\drivers\tap0901.sys (The OpenVPN Project)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (xnacc) -- C:\Windows\System32\drivers\xnacc.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys (Marvell)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (RsFx0103) -- C:\Windows\System32\drivers\RsFx0103.sys (Microsoft Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (tandpl) -- C:\Windows\System32\drivers\tandpl.sys ()
DRV - (enodpl) -- C:\Windows\System32\drivers\enodpl.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2285187412-2589335758-901124341-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?SearchSource=10&ctid=CT2851647
IE - HKU\S-1-5-21-2285187412-2589335758-901124341-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2285187412-2589335758-901124341-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKU\S-1-5-21-2285187412-2589335758-901124341-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 19 3B 43 3D A4 CB 01  [binary data]
IE - HKU\S-1-5-21-2285187412-2589335758-901124341-1000\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-2285187412-2589335758-901124341-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentBar_DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2851647&SearchSource=13"
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {c840e246-6b95-475e-9bd7-caa1c7eca9f2}:3.2.5.2
FF - prefs.js..extensions.enabledItems: iobit@mybrowserbar.com:4.1
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&q="
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.25 15:55:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.28 05:11:57 | 000,000,000 | ---D | M]
 
[2010.12.25 15:22:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\andrea\AppData\Roaming\mozilla\Extensions
[2011.01.20 16:33:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\andrea\AppData\Roaming\mozilla\Firefox\Profiles\0dlze9cv.default\extensions
[2011.01.16 11:59:39 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\andrea\AppData\Roaming\mozilla\Firefox\Profiles\0dlze9cv.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010.12.25 17:24:02 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\andrea\AppData\Roaming\mozilla\Firefox\Profiles\0dlze9cv.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.12.25 16:59:46 | 000,000,000 | ---D | M] (uTorrentBar_DE Community Toolbar) -- C:\Users\andrea\AppData\Roaming\mozilla\Firefox\Profiles\0dlze9cv.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
[2011.01.16 11:59:40 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\andrea\AppData\Roaming\mozilla\Firefox\Profiles\0dlze9cv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.01.16 13:00:26 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\andrea\AppData\Roaming\mozilla\Firefox\Profiles\0dlze9cv.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010.12.25 16:59:46 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\andrea\AppData\Roaming\mozilla\Firefox\Profiles\0dlze9cv.default\extensions\engine@conduit.com
[2010.12.25 16:59:46 | 000,000,931 | ---- | M] () -- C:\Users\andrea\AppData\Roaming\Mozilla\Firefox\Profiles\0dlze9cv.default\searchplugins\conduit.xml
[2010.12.28 05:12:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.12.28 05:12:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010.12.25 20:32:21 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2010.12.25 20:32:22 | 000,000,000 | ---D | M] (IObit Toolbar) -- C:\PROGRAM FILES\IOBIT TOOLBAR\FF
[2010.12.28 05:11:43 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.07.28 01:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
[2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.01.04 19:08:26 | 000,000,857 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1				activate.adobe.com
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} -  File not found
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -  File not found
O2 - BHO: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -  File not found
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-2285187412-2589335758-901124341-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  File not found
O3 - HKU\S-1-5-21-2285187412-2589335758-901124341-1000\..\Toolbar\WebBrowser: (uTorrentBar_DE Toolbar) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - C:\Program Files\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [Google Quick Search Box]  File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-2285187412-2589335758-901124341-1000..\Run: [Dyyno Launcher] C:\Program Files\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe ()
O4 - HKU\S-1-5-21-2285187412-2589335758-901124341-1000..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts)
O4 - HKU\S-1-5-21-2285187412-2589335758-901124341-1000..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-2285187412-2589335758-901124341-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\andrea\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2285187412-2589335758-901124341-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-2285187412-2589335758-901124341-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GO36F4~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.01.20 16:23:16 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dyyno Broadcaster
[2011.01.20 15:18:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
[2011.01.18 16:44:50 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.01.18 12:48:10 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\DVDVideoSoft
[2011.01.17 23:16:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 3
[2011.01.17 23:16:16 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\IObit
[2011.01.17 19:51:16 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\PunkBuster
[2011.01.17 19:50:55 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Activision
[2011.01.17 15:15:28 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Malwarebytes
[2011.01.17 15:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.01.17 15:14:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.01.17 15:14:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.01.17 15:14:22 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.01.17 15:14:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.01.16 10:48:01 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\Cross Fire
[2011.01.16 10:47:57 | 000,000,000 | ---D | C] -- C:\CFLog
[2011.01.16 10:28:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z8Games
[2011.01.16 10:24:38 | 000,000,000 | ---D | C] -- C:\Program Files\Z8Games
[2011.01.16 10:02:44 | 506,802,211 | ---- | C] (Z8Games.com                                                 ) -- C:\Users\andrea\Desktop\CrossFire_Setup_v1056_xfire.exe
[2011.01.16 09:35:11 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2011.01.16 09:35:10 | 014,899,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2011.01.16 09:35:10 | 010,084,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2011.01.16 09:35:10 | 010,023,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2011.01.16 09:35:10 | 004,837,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2011.01.16 09:35:10 | 002,912,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2011.01.16 09:35:10 | 002,666,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2011.01.16 09:35:10 | 000,888,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322050.dll
[2011.01.16 09:35:10 | 000,813,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322030.dll
[2011.01.16 09:35:09 | 013,019,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2011.01.16 09:35:09 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2011.01.15 18:14:14 | 000,795,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpinst.exe
[2011.01.15 18:14:13 | 000,227,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod1914.dll
[2011.01.15 18:14:13 | 000,227,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll
[2011.01.15 18:14:11 | 001,719,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2011.01.15 16:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2011.01.15 15:11:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2011.01.14 22:49:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3
[2011.01.14 22:49:33 | 000,000,000 | ---D | C] -- C:\Program Files\AutoIt3
[2011.01.14 13:04:35 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2011.01.14 13:04:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
[2011.01.14 13:02:08 | 000,000,000 | ---D | C] -- C:\Program Files\Activision
[2011.01.14 12:16:21 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\COD2
[2011.01.13 21:35:11 | 000,000,000 | ---D | C] -- C:\PacSteamT
[2011.01.13 21:09:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PacSteamT
[2011.01.13 21:07:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Thraex Software
[2011.01.13 19:59:24 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2011.01.13 19:04:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2011.01.13 19:04:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.01.13 19:04:44 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2011.01.13 12:14:59 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\E0000FA15A9056FC
[2011.01.13 12:14:58 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\E0000A365ABA5443
[2011.01.12 20:29:20 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2011.01.12 18:29:26 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\My Games
[2011.01.12 00:43:13 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
[2011.01.12 00:43:04 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011.01.12 00:43:03 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011.01.12 00:43:01 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.01.12 00:43:00 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.01.12 00:43:00 | 000,801,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2011.01.12 00:43:00 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.01.12 00:42:58 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2011.01.12 00:42:58 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.01.12 00:42:57 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011.01.12 00:42:56 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011.01.12 00:42:56 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011.01.12 00:42:55 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2011.01.12 00:42:55 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2011.01.12 00:42:55 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011.01.12 00:42:54 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011.01.11 13:43:32 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Synthesia
[2011.01.11 13:43:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia
[2011.01.11 13:43:16 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\Synthesia Music
[2011.01.11 13:42:41 | 000,000,000 | ---D | C] -- C:\Program Files\Synthesia
[2011.01.10 20:52:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2011.01.10 20:48:03 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2011.01.10 13:39:32 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\ManicDiggerLogs
[2011.01.10 13:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manic Digger
[2011.01.10 13:38:39 | 000,000,000 | ---D | C] -- C:\Program Files\Manic Digger
[2011.01.09 17:49:31 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\INVedit
[2011.01.09 17:02:45 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\Nes
[2011.01.08 15:04:41 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\skypePM
[2011.01.08 14:53:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.01.08 14:53:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2011.01.08 14:53:10 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011.01.08 14:53:09 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Skype
[2011.01.07 23:05:53 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Hive Cluster
[2011.01.07 23:03:57 | 000,000,000 | ---D | C] -- C:\Program Files\Super Meat Boy
[2011.01.07 23:01:39 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Super Meat Boy
[2011.01.06 21:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Maxis
[2011.01.06 20:01:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.A.D
[2011.01.06 20:01:11 | 000,025,216 | ---- | C] (The OpenVPN Project) -- C:\Windows\System32\drivers\tap0901.sys
[2011.01.06 20:01:08 | 000,000,000 | ---D | C] -- C:\Program Files\S.A.D
[2011.01.06 18:49:32 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\WB Games
[2011.01.06 18:47:18 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\My ISO Files
[2011.01.05 19:45:33 | 000,000,000 | ---D | C] -- C:\Program Files\Gpotato
[2011.01.05 19:41:58 | 926,086,584 | ---- | C] (Gala-Net                                                    ) -- C:\Users\andrea\Desktop\Flyff_US_20101130.exe
[2011.01.05 19:41:41 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\PMB Files
[2011.01.05 19:41:39 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011.01.05 19:41:18 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks
[2011.01.05 17:59:18 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\MTA San Andreas
[2011.01.05 17:59:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas
[2011.01.05 17:58:11 | 000,000,000 | ---D | C] -- C:\Program Files\MTA San Andreas
[2011.01.05 17:21:01 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\Samp server
[2011.01.04 22:33:21 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
[2011.01.04 20:28:50 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quick Memory Editor
[2011.01.04 20:28:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quick Memory Editor
[2011.01.04 20:28:49 | 000,000,000 | ---D | C] -- C:\Program Files\Quick Memory Editor
[2011.01.04 19:09:55 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\Adobe
[2011.01.04 19:08:54 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2011.01.04 19:03:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2011.01.04 18:56:16 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\Adobe CS4
[2011.01.04 15:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 5.6.1
[2011.01.04 15:56:57 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\Windows\System32\D3DX81ab.dll
[2011.01.04 15:56:56 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine
[2011.01.03 21:48:17 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\GameTuts
[2011.01.03 21:20:05 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\GameTuts
[2011.01.03 21:19:29 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\Modio
[2011.01.02 17:37:47 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\.minecraft
[2011.01.02 17:36:31 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\Minecraft
[2011.01.02 07:37:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2011.01.02 07:36:32 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2011.01.02 07:36:32 | 001,723,536 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2011.01.02 07:36:32 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2011.01.02 07:36:32 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2011.01.02 07:36:32 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2011.01.02 07:36:32 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2011.01.02 07:36:31 | 000,214,352 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFNHK.dll
[2011.01.02 07:36:30 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFCOM.dll
[2011.01.02 07:36:29 | 003,317,800 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2011.01.02 07:36:29 | 001,976,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2011.01.02 07:36:29 | 001,084,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2011.01.02 07:36:29 | 000,069,224 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2011.01.02 07:36:29 | 000,068,944 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFAPO.dll
[2011.01.02 07:36:28 | 003,790,440 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2011.01.02 07:36:28 | 000,469,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2011.01.02 07:36:27 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2011.01.02 07:36:27 | 001,705,816 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2011.01.02 07:36:27 | 001,439,064 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2011.01.02 07:36:27 | 000,553,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat
[2011.01.02 07:36:27 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2011.01.02 07:36:27 | 000,341,848 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2011.01.02 07:36:27 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2011.01.02 07:36:27 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2011.01.02 07:36:27 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2011.01.02 07:36:27 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2011.01.02 07:36:27 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2011.01.02 07:36:27 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2011.01.02 07:36:27 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2011.01.02 07:36:27 | 000,096,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2011.01.02 07:36:27 | 000,081,240 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2011.01.02 07:36:27 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2011.01.02 07:36:27 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2011.01.02 07:36:27 | 000,061,784 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2011.01.02 07:36:25 | 001,558,944 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2011.01.02 07:36:25 | 001,132,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2011.01.02 07:36:25 | 000,962,664 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2011.01.02 07:36:25 | 000,901,224 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2011.01.02 07:36:25 | 000,448,616 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2011.01.02 07:36:25 | 000,429,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2011.01.02 07:36:25 | 000,406,120 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2011.01.02 07:36:25 | 000,291,432 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2011.01.02 07:36:25 | 000,236,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2011.01.02 07:36:25 | 000,224,360 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2011.01.02 07:36:25 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2011.01.02 07:36:25 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2011.01.02 07:36:25 | 000,106,600 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2011.01.02 07:36:24 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2011.01.02 07:36:24 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2011.01.02 07:36:24 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011.01.02 07:36:16 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2011.01.02 07:36:16 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2011.01.02 06:37:19 | 000,000,000 | ---D | C] -- C:\ProgramData\SplitMediaLabs
[2011.01.02 06:33:41 | 000,000,000 | ---D | C] -- C:\Program Files\SplitMediaLabs
[2011.01.02 01:54:09 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Voice Mail Compressor
[2011.01.02 01:54:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voice Mail Compressor
[2011.01.02 01:54:09 | 000,000,000 | ---D | C] -- C:\Program Files\Voice Mail Compressor
[2011.01.02 01:41:24 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\Dyyno
[2011.01.02 01:35:47 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Dyyno
[2011.01.02 01:35:47 | 000,000,000 | ---D | C] -- C:\Program Files\Dyyno
[2011.01.02 00:35:37 | 000,106,208 | ---- | C] (e2eSoft) -- C:\Windows\System32\drivers\VCAM_WDM03.sys
[2011.01.02 00:35:37 | 000,106,208 | ---- | C] (e2eSoft) -- C:\Windows\System32\drivers\VCam_WDM.sys
[2011.01.02 00:35:36 | 000,106,208 | ---- | C] (e2eSoft) -- C:\Windows\System32\drivers\VCAM_WDM02.sys
[2011.01.02 00:35:36 | 000,106,208 | ---- | C] (e2eSoft) -- C:\Windows\System32\drivers\VCam_WDM01.sys
[2011.01.02 00:04:53 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\Soft32 Downloads
[2011.01.01 23:56:49 | 000,000,000 | ---D | C] -- C:\Program Files\VHLabs
[2011.01.01 23:56:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hmelyoff Labs
[2011.01.01 23:52:42 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\GetRightToGo
[2011.01.01 23:52:42 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\Downloads
[2011.01.01 23:35:10 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\ManyCam
[2011.01.01 23:35:06 | 000,000,000 | ---D | C] -- C:\Program Files\ManyCam
[2011.01.01 06:11:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
[2011.01.01 06:08:15 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2011.01.01 06:01:27 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\Moded und unmod GTASA
[2011.01.01 05:40:26 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\GTA mods
[2011.01.01 04:37:49 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player
[2011.01.01 04:10:13 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ
[2011.01.01 04:10:03 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDJ
[2010.12.31 03:20:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[2010.12.31 03:20:28 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games
[2010.12.30 07:19:15 | 000,000,000 | ---D | C] -- C:\Program Files\Risk
[2010.12.29 07:38:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flyff
[2010.12.29 07:31:30 | 000,000,000 | ---D | C] -- C:\Program Files\gPotato.eu
[2010.12.29 07:17:00 | 048,748,876 | ---- | C] (Gala Networks Europe Limited                                ) -- C:\Users\andrea\Flyff_Eu_DE_Setup_v16_Full.exe
[2010.12.29 07:16:41 | 000,000,000 | ---D | C] -- C:\Program Files\Neffy
[2010.12.29 06:20:20 | 003,595,660 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des
[2010.12.29 06:19:47 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys
[2010.12.29 06:19:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2010.12.29 05:07:09 | 000,000,000 | ---D | C] -- C:\ijji
[2010.12.29 02:10:03 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\Portal2
[2010.12.29 00:29:30 | 000,000,000 | ---D | C] -- C:\Program Files\Bing Bar Installer
[2010.12.29 00:29:19 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2010.12.29 00:29:19 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2010.12.29 00:29:19 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2010.12.29 00:29:18 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2010.12.29 00:29:16 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2010.12.29 00:29:16 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2010.12.29 00:29:16 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2010.12.29 00:29:16 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2010.12.29 00:29:15 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010.12.29 00:29:15 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010.12.29 00:29:15 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010.12.29 00:29:15 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010.12.29 00:29:14 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010.12.29 00:29:14 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010.12.29 00:29:14 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010.12.29 00:29:10 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010.12.29 00:29:09 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010.12.29 00:29:09 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.12.29 00:29:09 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010.12.29 00:29:08 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010.12.29 00:29:08 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010.12.29 00:29:07 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010.12.29 00:29:07 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010.12.29 00:29:06 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010.12.29 00:29:06 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010.12.29 00:29:06 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010.12.29 00:29:05 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010.12.29 00:29:05 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010.12.29 00:29:04 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010.12.29 00:29:04 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010.12.29 00:29:04 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010.12.29 00:29:03 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010.12.29 00:29:03 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010.12.29 00:29:03 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010.12.29 00:29:03 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010.12.29 00:29:02 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010.12.29 00:29:02 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010.12.29 00:29:01 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010.12.29 00:29:01 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010.12.29 00:29:00 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010.12.29 00:29:00 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010.12.29 00:28:59 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010.12.29 00:28:59 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010.12.29 00:28:58 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010.12.29 00:28:58 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010.12.29 00:28:58 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010.12.29 00:28:57 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010.12.29 00:28:56 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010.12.29 00:28:56 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010.12.29 00:28:56 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010.12.29 00:28:56 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010.12.29 00:28:55 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010.12.29 00:28:54 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010.12.29 00:28:53 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010.12.29 00:28:53 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010.12.29 00:28:53 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010.12.29 00:28:52 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2010.12.29 00:28:52 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2010.12.29 00:28:52 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010.12.29 00:28:51 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010.12.29 00:28:51 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010.12.29 00:28:51 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010.12.29 00:28:50 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010.12.29 00:28:50 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2010.12.29 00:28:50 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2010.12.29 00:28:49 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010.12.29 00:28:49 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010.12.29 00:28:48 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010.12.29 00:28:48 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010.12.29 00:28:48 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010.12.29 00:28:47 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010.12.29 00:28:47 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010.12.29 00:28:46 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010.12.29 00:28:46 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010.12.29 00:28:45 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010.12.29 00:28:45 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010.12.29 00:28:45 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010.12.29 00:28:44 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010.12.29 00:28:44 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010.12.29 00:28:44 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010.12.29 00:28:43 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010.12.29 00:28:43 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010.12.29 00:28:40 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010.12.29 00:28:39 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010.12.29 00:28:39 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010.12.29 00:28:38 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010.12.29 00:28:38 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010.12.29 00:28:37 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010.12.29 00:28:33 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010.12.29 00:25:19 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\PCSX2
[2010.12.29 00:25:03 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\PCSX2
[2010.12.29 00:23:42 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp
[2010.12.29 00:23:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2010.12.29 00:20:06 | 000,000,000 | ---D | C] -- C:\Program Files\PCSX2 0.9.7
[2010.12.28 07:59:13 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\MeinSpore-Kreationen
[2010.12.28 07:58:50 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\SPORE
[2010.12.28 07:58:40 | 000,000,000 | RH-D | C] -- C:\Users\andrea\AppData\Roaming\SecuROM
[2010.12.28 07:47:37 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010.12.28 07:46:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[2010.12.28 07:46:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010.12.28 07:45:29 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Downloaded Installations
[2010.12.28 07:45:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2010.12.28 07:33:41 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2010.12.28 06:52:54 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2010.12.28 06:44:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2010.12.28 06:43:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.12.28 06:42:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2010.12.28 05:52:14 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2010.12.28 05:36:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
[2010.12.28 05:36:54 | 000,000,000 | ---D | C] -- C:\Program Files\Warcraft III
[2010.12.28 05:36:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2010.12.28 05:12:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.12.28 05:12:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010.12.28 05:11:57 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.12.28 05:11:57 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.12.28 05:11:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.12.28 05:11:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.12.28 05:11:37 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010.12.27 23:03:17 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Publish Providers
[2010.12.27 22:59:26 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\WinRAR
[2010.12.27 22:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2010.12.27 22:59:02 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2010.12.27 22:58:57 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010.12.27 22:44:55 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\Vegas Movie Studio HD Platinum 10.0 Projekte
[2010.12.27 22:44:55 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Sony
[2010.12.27 21:24:35 | 000,050,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
[2010.12.27 21:24:19 | 000,079,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
[2010.12.27 21:23:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\RsFx
[2010.12.27 21:20:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
[2010.12.27 21:17:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2010.12.27 21:17:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Sync Framework
[2010.12.27 21:17:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2010.12.27 21:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2010.12.27 21:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010.12.27 21:16:17 | 000,000,000 | ---D | C] -- C:\ProgramData\PreEmptive Solutions
[2010.12.27 21:14:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 3 SDK
[2010.12.27 21:14:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010.12.27 21:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ASP.NET
[2010.12.27 21:12:12 | 000,000,000 | ---D | C] -- C:\Program Files\IIS
[2010.12.27 21:11:19 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\Visual Studio 2008
[2010.12.27 21:10:05 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\Visual Studio 2010
[2010.12.27 21:05:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer
[2010.12.27 21:04:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\1033
[2010.12.27 21:04:26 | 000,000,000 | ---D | C] -- C:\Windows\symbols
[2010.12.27 21:04:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft F#
[2010.12.27 21:04:03 | 000,000,000 | ---D | C] -- C:\Program Files\HTML Help Workshop
[2010.12.27 21:04:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010
[2010.12.27 21:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 10.0
[2010.12.27 21:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2010.12.27 21:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
[2010.12.27 21:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Merge Modules
[2010.12.27 21:01:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0
[2010.12.27 20:58:47 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.12.27 19:25:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2010.12.27 19:25:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony
[2010.12.27 19:24:40 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2010.12.27 19:19:16 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Sony
[2010.12.27 15:34:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ijji
[2010.12.27 15:34:01 | 000,713,312 | ---- | C] (NHN USA) -- C:\Windows\System32\ijjiSetup.exe
[2010.12.27 15:34:01 | 000,062,048 | ---- | C] (NHN USA Inc.) -- C:\Windows\System32\ijjiProcessRestarter.exe
[2010.12.27 15:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\REACTOR
[2010.12.26 12:01:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010.12.26 11:20:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOMG
[2010.12.26 11:20:43 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2010.12.26 00:12:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2010.12.26 00:03:55 | 000,000,000 | R--D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2010.12.26 00:03:55 | 000,000,000 | R--D | C] -- C:\Users\andrea\Searches
[2010.12.26 00:03:55 | 000,000,000 | R--D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2010.12.26 00:03:55 | 000,000,000 | -H-D | C] -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010.12.26 00:03:47 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Identities
[2010.12.26 00:03:45 | 000,000,000 | R--D | C] -- C:\Users\andrea\Contacts
[2010.12.26 00:03:36 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\VirtualStore
[2010.12.26 00:03:35 | 000,000,000 | --SD | C] -- C:\Users\andrea\AppData\Roaming\Microsoft
[2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\Videos
[2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\Saved Games
[2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\Pictures
[2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\Music
[2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\Links
[2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\Favorites
[2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\Downloads
[2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\Documents
[2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\Desktop
[2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\AppData\Local\Temporary Internet Files
[2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\Templates
[2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\Start Menu
[2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\SendTo
[2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\Recent
[2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\PrintHood
[2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\NetHood
[2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\Documents\My Videos
[2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\Documents\My Pictures
[2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\Documents\My Music
[2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\My Documents
[2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\Local Settings
[2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\AppData\Local\History
[2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\Cookies
[2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\Application Data
[2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\AppData\Local\Application Data
[2010.12.26 00:03:35 | 000,000,000 | -H-D | C] -- C:\Users\andrea\AppData
[2010.12.26 00:03:35 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Temp
[2010.12.26 00:03:35 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Microsoft
[2010.12.26 00:03:35 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Media Center Programs
[2010.12.26 00:03:20 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.12.25 23:56:29 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.12.25 21:25:49 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\gerhard
[2010.12.25 20:35:59 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.12.25 20:35:22 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010.12.25 20:34:35 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010.12.25 20:32:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2010.12.25 20:32:20 | 000,000,000 | ---D | C] -- C:\Program Files\IObit Toolbar
[2010.12.25 20:32:20 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2010.12.25 20:32:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster
[2010.12.25 20:32:10 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2010.12.25 20:32:09 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010.12.25 17:42:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio
[2010.12.25 17:42:13 | 000,000,000 | ---D | C] -- C:\Program Files\CamStudio
[2010.12.25 17:24:02 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.12.25 17:23:59 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\DVDVideoSoft
[2010.12.25 17:23:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2010.12.25 17:23:47 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2010.12.25 17:23:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2010.12.25 17:17:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual DJ
[2010.12.25 17:17:01 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\VirtualDJ
[2010.12.25 17:12:37 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2010.12.25 17:12:34 | 000,000,000 | ---D | C] -- C:\Fraps
[2010.12.25 16:59:54 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2010.12.25 16:59:51 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine
[2010.12.25 16:59:48 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrentBar_DE
[2010.12.25 16:59:41 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010.12.25 16:59:13 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\uTorrent
[2010.12.25 15:37:55 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Adobe
[2010.12.25 15:37:25 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.12.25 15:37:25 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.12.25 15:37:25 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.12.25 15:35:33 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010.12.25 15:33:07 | 000,026,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2010.12.25 15:33:06 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.12.25 15:33:06 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.12.25 15:32:54 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll
[2010.12.25 15:32:51 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010.12.25 15:32:51 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010.12.25 15:32:51 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010.12.25 15:32:51 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2010.12.25 15:32:40 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010.12.25 15:32:40 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010.12.25 15:32:40 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.12.25 15:32:40 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010.12.25 15:32:39 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.12.25 15:32:39 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.12.25 15:32:33 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.12.25 15:32:33 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.12.25 15:32:32 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.12.25 15:32:32 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.12.25 15:32:32 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.12.25 15:32:32 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.12.25 15:32:32 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.12.25 15:32:32 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.12.25 15:32:32 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.12.25 15:32:32 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.12.25 15:32:32 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.12.25 15:32:30 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.12.25 15:32:26 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.12.25 15:32:23 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.12.25 15:32:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.12.25 15:32:14 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2010.12.25 15:32:14 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010.12.25 15:31:35 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.12.25 15:26:51 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Diagnostics
[2010.12.25 15:21:47 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Mozilla
[2010.12.25 15:21:47 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Mozilla
[2010.12.25 15:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2010.12.25 15:21:42 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010.12.25 15:20:19 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.12.25 15:18:28 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Google
[2010.12.25 15:16:29 | 000,017,744 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2010.12.25 15:16:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2010.12.25 15:16:28 | 000,294,608 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2010.12.25 15:16:28 | 000,023,632 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2010.12.25 15:16:27 | 000,047,440 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2010.12.25 15:16:26 | 000,051,280 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2010.12.25 15:15:57 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2010.12.25 15:15:56 | 000,188,216 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2010.12.25 15:15:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010.12.25 15:15:54 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.12.25 15:15:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.12.25 15:15:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010.12.25 15:15:05 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010.12.25 15:14:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.12.25 15:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2010.12.25 15:13:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2010.12.25 15:13:03 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.12.25 15:12:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010.12.25 15:12:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Desktop
[2010.12.25 15:12:54 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\Eigene Google Gadgets
[2010.12.25 15:12:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Updater
[2010.12.25 15:12:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Google Updater
[2010.12.25 15:12:31 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010.12.25 15:06:59 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Macromedia
[2010.12.25 15:06:58 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Adobe
[2010.12.25 15:06:17 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Google
[2010.12.25 15:06:02 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Deployment
[2010.12.25 15:06:02 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Apps
[2010.12.25 15:01:02 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.12.25 14:58:32 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.12.25 14:58:10 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.01.20 16:56:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011.01.20 16:23:22 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.01.20 16:23:22 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.01.20 16:23:16 | 000,001,115 | ---- | M] () -- C:\Users\andrea\Desktop\Dyyno Broadcaster.lnk
[2011.01.20 16:11:02 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2285187412-2589335758-901124341-1000UA.job
[2011.01.20 06:11:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2285187412-2589335758-901124341-1000Core.job
[2011.01.19 16:22:46 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2011.01.19 15:27:31 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.01.19 15:27:31 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.01.19 15:18:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.01.19 15:08:36 | 603,627,520 | -HS- | M] () -- C:\hiberfil.sys
[2011.01.18 17:36:27 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011.01.18 16:44:54 | 000,002,318 | ---- | M] () -- C:\Users\andrea\Desktop\Google Chrome.lnk
[2011.01.18 12:48:19 | 000,001,197 | ---- | M] () -- C:\Users\andrea\Desktop\DVDVideoSoft Free Studio.lnk
[2011.01.18 09:14:17 | 000,138,464 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.01.17 23:16:26 | 000,001,203 | ---- | M] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2011.01.17 23:16:26 | 000,000,136 | ---- | M] () -- C:\Users\andrea\Desktop\IObit Freeware.url
[2011.01.17 23:16:25 | 000,001,179 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2011.01.17 15:14:28 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.01.16 10:28:29 | 000,001,094 | ---- | M] () -- C:\Users\andrea\Desktop\CrossFire.lnk
[2011.01.16 10:07:13 | 506,802,211 | ---- | M] (Z8Games.com                                                 ) -- C:\Users\andrea\Desktop\CrossFire_Setup_v1056_xfire.exe
[2011.01.15 12:57:52 | 000,082,436 | ---- | M] () -- C:\Users\andrea\Documents\Minecraft intro(project).aep
[2011.01.15 12:57:21 | 466,587,628 | ---- | M] () -- C:\Users\andrea\Documents\Minecraft intro.avi
[2011.01.15 12:35:02 | 000,037,427 | ---- | M] () -- C:\Users\andrea\Desktop\minecraft.jpg
[2011.01.14 23:52:42 | 000,000,326 | ---- | M] () -- C:\Users\andrea\SciTE.session
[2011.01.14 23:52:30 | 000,317,553 | ---- | M] () -- C:\Users\andrea\Desktop\CSS Spray bot.exe
[2011.01.14 23:52:28 | 000,001,112 | ---- | M] () -- C:\Users\andrea\Desktop\CSS Spray bot.au3
[2011.01.14 23:32:52 | 000,001,295 | ---- | M] () -- C:\Users\andrea\Desktop\FD - Shortcut.lnk
[2011.01.14 13:04:30 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 2 Singleplayer.lnk
[2011.01.14 13:04:30 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 2 Multiplayer.lnk
[2011.01.14 13:04:28 | 000,000,287 | ---- | M] () -- C:\Windows\game.ini
[2011.01.13 19:58:33 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2011.01.13 19:35:53 | 000,079,872 | ---- | M] () -- C:\Users\andrea\AppData\Roaming\chrtmp
[2011.01.13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.01.13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011.01.13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011.01.13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011.01.13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011.01.13 09:37:19 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011.01.13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011.01.12 17:43:11 | 000,712,620 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.01.12 17:43:11 | 000,142,840 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.01.11 13:43:21 | 000,001,877 | ---- | M] () -- C:\Users\Public\Desktop\Play Synthesia.lnk
[2011.01.08 15:04:54 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2011.01.08 13:31:59 | 000,174,003 | ---- | M] () -- C:\Users\andrea\Documents\Intro.aep
[2011.01.08 13:15:39 | 000,074,243 | ---- | M] () -- C:\Users\andrea\Desktop\189.jpg
[2011.01.08 11:43:32 | 003,632,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.01.07 23:04:17 | 000,001,027 | ---- | M] () -- C:\Users\andrea\Desktop\Super Meat Boy.lnk
[2011.01.06 21:56:32 | 000,000,552 | ---- | M] () -- C:\Windows\eReg.dat
[2011.01.06 21:46:45 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011.01.06 21:46:45 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml
[2011.01.06 20:01:13 | 000,001,129 | ---- | M] () -- C:\Users\Public\Desktop\CyberGhost VPN.lnk
[2011.01.05 19:51:40 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\Flyff.lnk
[2011.01.05 19:51:39 | 000,000,842 | ---- | M] () -- C:\Users\andrea\Desktop\Flyff.lnk
[2011.01.05 19:45:09 | 926,086,584 | ---- | M] (Gala-Net                                                    ) -- C:\Users\andrea\Desktop\Flyff_US_20101130.exe
[2011.01.05 17:59:15 | 000,002,020 | ---- | M] () -- C:\Users\Public\Desktop\MTA San Andreas.lnk
[2011.01.04 20:28:50 | 000,001,047 | ---- | M] () -- C:\Users\andrea\Desktop\Quick Memory Editor.lnk
[2011.01.04 19:29:06 | 000,001,277 | ---- | M] () -- C:\Users\andrea\Desktop\Adobe After Effects CS4.lnk
[2011.01.04 18:52:42 | 000,014,584 | ---- | M] () -- C:\Users\andrea\Documents\TEST INTO.veg
[2011.01.04 15:56:59 | 000,000,953 | ---- | M] () -- C:\Users\andrea\Desktop\Cheat Engine.lnk
[2011.01.02 05:40:25 | 000,014,608 | ---- | M] () -- C:\Users\andrea\Documents\TEST INTO.veg.bak
[2011.01.02 05:17:59 | 000,002,712 | ---- | M] () -- C:\Users\andrea\Documents\Vegas Pro registrieren.htm
[2011.01.02 01:54:09 | 000,001,081 | ---- | M] () -- C:\Users\andrea\Desktop\Voice Mail Compressor.lnk
[2011.01.02 00:38:06 | 000,003,584 | ---- | M] () -- C:\Users\andrea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.01 23:01:10 | 000,001,126 | ---- | M] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Flash Media Live Encoder 3.1.lnk
[2011.01.01 23:01:10 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Flash Media Live Encoder 3.1.lnk
[2011.01.01 06:08:15 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll
[2011.01.01 04:54:50 | 006,097,576 | ---- | M] () -- C:\Users\andrea\1280x1024.psd
[2011.01.01 04:10:13 | 000,000,997 | ---- | M] () -- C:\Users\andrea\Desktop\Virtual DJ Pro.lnk
[2010.12.31 03:20:28 | 000,001,856 | ---- | M] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk
[2010.12.29 07:24:28 | 048,748,876 | ---- | M] (Gala Networks Europe Limited                                ) -- C:\Users\andrea\Flyff_Eu_DE_Setup_v16_Full.exe
[2010.12.29 05:07:09 | 000,000,150 | ---- | M] () -- C:\Users\Public\Desktop\Karos Online.url
[2010.12.28 07:46:59 | 000,002,043 | ---- | M] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2010.12.28 07:46:09 | 000,001,220 | ---- | M] () -- C:\Windows\System32\ealregsnapshot1.reg
[2010.12.28 05:46:06 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\Warcraft III.lnk
[2010.12.28 05:11:41 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.12.28 05:11:41 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.12.28 05:11:41 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.12.28 05:11:40 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.12.27 19:25:35 | 000,002,086 | ---- | M] () -- C:\Users\Public\Desktop\Vegas Movie Studio HD Platinum 10.0.lnk
[2010.12.27 15:34:31 | 000,000,171 | ---- | M] () -- C:\Users\Public\Desktop\ijji.url
[2010.12.27 15:34:30 | 000,001,875 | ---- | M] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk
[2010.12.27 15:34:30 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\ijji REACTOR.lnk
[2010.12.26 00:04:36 | 000,001,407 | ---- | M] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010.12.26 00:03:40 | 000,001,750 | ---- | M] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2010.12.25 20:32:12 | 000,001,066 | ---- | M] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster.lnk
[2010.12.25 20:32:12 | 000,001,054 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2010.12.25 20:32:12 | 000,001,042 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster.lnk
[2010.12.25 17:42:18 | 000,000,972 | ---- | M] () -- C:\Users\Public\Desktop\CamStudio.lnk
[2010.12.25 17:23:52 | 000,001,356 | ---- | M] () -- C:\Users\andrea\Desktop\Free YouTube to MP3 Converter.lnk
[2010.12.25 17:12:37 | 000,000,562 | ---- | M] () -- C:\Users\andrea\Desktop\Fraps.lnk
[2010.12.25 16:59:41 | 000,000,937 | ---- | M] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010.12.25 16:59:41 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010.12.25 15:24:21 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.12.25 15:21:45 | 000,001,909 | ---- | M] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010.12.25 15:21:45 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.12.25 15:15:16 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.12.25 15:14:22 | 000,002,242 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.12.25 15:01:13 | 000,042,045 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010.12.24 01:43:04 | 000,106,208 | ---- | M] (e2eSoft) -- C:\Windows\System32\drivers\VCAM_WDM03.sys
[2010.12.24 01:43:00 | 000,106,208 | ---- | M] (e2eSoft) -- C:\Windows\System32\drivers\VCAM_WDM02.sys
[2010.12.24 01:42:54 | 000,106,208 | ---- | M] (e2eSoft) -- C:\Windows\System32\drivers\VCam_WDM01.sys
[2010.12.24 01:42:50 | 000,106,208 | ---- | M] (e2eSoft) -- C:\Windows\System32\drivers\VCam_WDM.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.01.20 16:23:15 | 000,001,115 | ---- | C] () -- C:\Users\andrea\Desktop\Dyyno Broadcaster.lnk
[2011.01.18 16:44:54 | 000,002,318 | ---- | C] () -- C:\Users\andrea\Desktop\Google Chrome.lnk
[2011.01.17 23:16:46 | 000,000,372 | ---- | C] () -- C:\Windows\tasks\AWC Startup.job
[2011.01.17 23:16:26 | 000,001,203 | ---- | C] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk
[2011.01.17 23:16:26 | 000,000,136 | ---- | C] () -- C:\Users\andrea\Desktop\IObit Freeware.url
[2011.01.17 23:16:25 | 000,001,179 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2011.01.17 19:56:54 | 000,138,464 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.01.17 19:56:47 | 000,111,928 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2011.01.17 19:56:23 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2011.01.17 15:14:28 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.01.16 10:28:29 | 000,001,094 | ---- | C] () -- C:\Users\andrea\Desktop\CrossFire.lnk
[2011.01.15 18:14:14 | 000,004,962 | ---- | C] () -- C:\Windows\System32\nvinfo.pb
[2011.01.15 15:15:44 | 000,007,552 | ---- | C] () -- C:\Windows\System32\drivers\enodpl.sys
[2011.01.15 15:15:44 | 000,006,659 | ---- | C] () -- C:\Windows\System32\TANDPL.VXD
[2011.01.15 15:15:44 | 000,006,532 | ---- | C] () -- C:\Windows\System32\ENODPL.VXD
[2011.01.15 15:15:44 | 000,004,736 | ---- | C] () -- C:\Windows\System32\drivers\tandpl.sys
[2011.01.15 12:57:49 | 000,082,436 | ---- | C] () -- C:\Users\andrea\Documents\Minecraft intro(project).aep
[2011.01.15 12:54:56 | 466,587,628 | ---- | C] () -- C:\Users\andrea\Documents\Minecraft intro.avi
[2011.01.15 12:35:10 | 000,037,427 | ---- | C] () -- C:\Users\andrea\Desktop\minecraft.jpg
[2011.01.15 00:01:11 | 000,001,283 | ---- | C] () -- C:\Settings.ini
[2011.01.14 23:32:52 | 000,001,295 | ---- | C] () -- C:\Users\andrea\Desktop\FD - Shortcut.lnk
[2011.01.14 23:05:46 | 000,317,553 | ---- | C] () -- C:\Users\andrea\Desktop\CSS Spray bot.exe
[2011.01.14 22:55:42 | 000,000,326 | ---- | C] () -- C:\Users\andrea\SciTE.session
[2011.01.14 22:55:40 | 000,001,112 | ---- | C] () -- C:\Users\andrea\Desktop\CSS Spray bot.au3
[2011.01.14 13:04:30 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 2 Singleplayer.lnk
[2011.01.14 13:04:30 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 2 Multiplayer.lnk
[2011.01.14 13:04:28 | 000,000,287 | ---- | C] () -- C:\Windows\game.ini
[2011.01.13 19:54:07 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011.01.13 19:33:23 | 000,079,872 | ---- | C] () -- C:\Users\andrea\AppData\Roaming\chrtmp
[2011.01.11 13:43:21 | 000,001,877 | ---- | C] () -- C:\Users\Public\Desktop\Play Synthesia.lnk
[2011.01.08 15:04:54 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.08 13:31:58 | 000,174,003 | ---- | C] () -- C:\Users\andrea\Documents\Intro.aep
[2011.01.08 13:15:46 | 000,074,243 | ---- | C] () -- C:\Users\andrea\Desktop\189.jpg
[2011.01.07 23:01:39 | 000,001,027 | ---- | C] () -- C:\Users\andrea\Desktop\Super Meat Boy.lnk
[2011.01.06 21:38:34 | 000,000,552 | ---- | C] () -- C:\Windows\eReg.dat
[2011.01.06 20:01:13 | 000,001,129 | ---- | C] () -- C:\Users\Public\Desktop\CyberGhost VPN.lnk
[2011.01.05 17:59:15 | 000,002,020 | ---- | C] () -- C:\Users\Public\Desktop\MTA San Andreas.lnk
[2011.01.04 20:28:50 | 000,001,047 | ---- | C] () -- C:\Users\andrea\Desktop\Quick Memory Editor.lnk
[2011.01.04 19:29:06 | 000,001,277 | ---- | C] () -- C:\Users\andrea\Desktop\Adobe After Effects CS4.lnk
[2011.01.04 15:56:59 | 000,000,953 | ---- | C] () -- C:\Users\andrea\Desktop\Cheat Engine.lnk
[2011.01.04 15:56:57 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2011.01.02 05:40:25 | 000,014,608 | ---- | C] () -- C:\Users\andrea\Documents\TEST INTO.veg.bak
[2011.01.02 05:40:25 | 000,014,584 | ---- | C] () -- C:\Users\andrea\Documents\TEST INTO.veg
[2011.01.02 05:17:59 | 000,002,712 | ---- | C] () -- C:\Users\andrea\Documents\Vegas Pro registrieren.htm
[2011.01.02 01:54:09 | 000,001,081 | ---- | C] () -- C:\Users\andrea\Desktop\Voice Mail Compressor.lnk
[2011.01.02 00:38:06 | 000,003,584 | ---- | C] () -- C:\Users\andrea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.01 23:01:10 | 000,001,126 | ---- | C] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Flash Media Live Encoder 3.1.lnk
[2011.01.01 23:01:10 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Flash Media Live Encoder 3.1.lnk
[2011.01.01 04:55:22 | 014,400,056 | ---- | C] () -- C:\Users\andrea\1280x1024.bmp
[2011.01.01 04:54:44 | 006,097,576 | ---- | C] () -- C:\Users\andrea\1280x1024.psd
[2011.01.01 04:10:13 | 000,000,997 | ---- | C] () -- C:\Users\andrea\Desktop\Virtual DJ Pro.lnk
[2010.12.31 03:20:28 | 000,001,856 | ---- | C] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk
[2010.12.29 07:38:23 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\Flyff.lnk
[2010.12.29 07:38:22 | 000,000,842 | ---- | C] () -- C:\Users\andrea\Desktop\Flyff.lnk
[2010.12.29 06:19:46 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd
[2010.12.29 05:07:09 | 000,000,150 | ---- | C] () -- C:\Users\Public\Desktop\Karos Online.url
[2010.12.28 07:46:59 | 000,002,043 | ---- | C] () -- C:\Users\Public\Desktop\EA Download Manager.lnk
[2010.12.28 07:46:09 | 000,001,220 | ---- | C] () -- C:\Windows\System32\ealregsnapshot1.reg
[2010.12.28 05:36:54 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\Warcraft III.lnk
[2010.12.27 19:25:35 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\Vegas Movie Studio HD Platinum 10.0.lnk
[2010.12.27 15:34:31 | 000,000,171 | ---- | C] () -- C:\Users\Public\Desktop\ijji.url
[2010.12.27 15:34:30 | 000,001,875 | ---- | C] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk
[2010.12.27 15:34:30 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\ijji REACTOR.lnk
[2010.12.26 00:04:36 | 000,001,407 | ---- | C] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010.12.26 00:03:40 | 000,001,750 | ---- | C] () -- C:\Users\Public\Desktop\Browser Choice.lnk
[2010.12.26 00:03:35 | 000,000,290 | ---- | C] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010.12.26 00:03:35 | 000,000,272 | ---- | C] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010.12.25 20:32:12 | 000,001,066 | ---- | C] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster.lnk
[2010.12.25 20:32:12 | 000,001,054 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk
[2010.12.25 20:32:12 | 000,001,042 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster.lnk
[2010.12.25 17:42:18 | 000,000,972 | ---- | C] () -- C:\Users\Public\Desktop\CamStudio.lnk
[2010.12.25 17:23:59 | 000,001,197 | ---- | C] () -- C:\Users\andrea\Desktop\DVDVideoSoft Free Studio.lnk
[2010.12.25 17:23:52 | 000,001,356 | ---- | C] () -- C:\Users\andrea\Desktop\Free YouTube to MP3 Converter.lnk
[2010.12.25 17:12:37 | 000,000,562 | ---- | C] () -- C:\Users\andrea\Desktop\Fraps.lnk
[2010.12.25 16:59:41 | 000,000,937 | ---- | C] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
[2010.12.25 16:59:41 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010.12.25 15:25:21 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml
[2010.12.25 15:25:21 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml
[2010.12.25 15:24:21 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.12.25 15:21:45 | 000,001,909 | ---- | C] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010.12.25 15:21:45 | 000,001,885 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.12.25 15:15:16 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.12.25 15:14:22 | 000,002,242 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.12.25 15:13:17 | 000,001,096 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.25 15:13:16 | 000,001,092 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.25 15:12:32 | 000,000,868 | ---- | C] () -- C:\Windows\tasks\Google Software Updater.job
[2010.12.25 15:06:19 | 000,001,122 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2285187412-2589335758-901124341-1000UA.job
[2010.12.25 15:06:18 | 000,001,070 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2285187412-2589335758-901124341-1000Core.job
[2010.12.25 14:58:10 | 603,627,520 | -HS- | C] () -- C:\hiberfil.sys
[2010.08.29 21:15:21 | 000,000,792 | ---- | C] () -- C:\Windows\System32\RTSLCS.dll
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.07.14 00:24:44 | 000,003,584 | ---- | C] () -- C:\Windows\System32\nt.dll
 
========== LOP Check ==========
 
[2011.01.18 18:05:34 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\.minecraft
[2011.01.18 12:48:10 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\DVDVideoSoft
[2010.12.25 17:24:02 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.01.20 16:22:28 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Dyyno
[2011.01.03 21:20:05 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\GameTuts
[2011.01.02 00:05:54 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\GetRightToGo
[2011.01.07 23:05:53 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Hive Cluster
[2011.01.18 12:49:50 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\IObit
[2011.01.01 23:35:19 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\ManyCam
[2010.12.27 23:03:17 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Publish Providers
[2011.01.02 05:17:10 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Sony
[2010.12.28 07:59:45 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\SPORE
[2011.01.11 13:56:54 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Synthesia
[2011.01.19 16:22:12 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\uTorrent
[2011.01.06 18:49:32 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\WB Games
[2011.01.19 16:22:46 | 000,000,372 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2009.07.14 05:53:46 | 000,006,564 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.01.18 18:05:34 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\.minecraft
[2011.01.04 19:09:54 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Adobe
[2011.01.18 12:48:10 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\DVDVideoSoft
[2010.12.25 17:24:02 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.01.20 16:22:28 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Dyyno
[2011.01.03 21:20:05 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\GameTuts
[2011.01.02 00:05:54 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\GetRightToGo
[2010.12.25 15:18:50 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Google
[2011.01.07 23:05:53 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Hive Cluster
[2010.12.26 00:03:47 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Identities
[2011.01.18 12:49:50 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\IObit
[2010.12.25 15:06:59 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Macromedia
[2011.01.17 15:15:28 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Malwarebytes
[2011.01.01 23:35:19 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\ManyCam
[2009.07.14 08:48:45 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Media Center Programs
[2011.01.14 22:50:17 | 000,000,000 | --SD | M] -- C:\Users\andrea\AppData\Roaming\Microsoft
[2010.12.25 15:22:10 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Mozilla
[2010.12.27 23:03:17 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Publish Providers
[2010.12.28 07:58:40 | 000,000,000 | RH-D | M] -- C:\Users\andrea\AppData\Roaming\SecuROM
[2011.01.19 16:22:26 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Skype
[2011.01.19 13:37:46 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\skypePM
[2011.01.02 05:17:10 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Sony
[2010.12.28 07:59:45 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\SPORE
[2011.01.11 13:56:54 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Synthesia
[2011.01.19 16:22:12 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\uTorrent
[2011.01.06 18:49:32 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\WB Games
[2010.12.27 22:59:26 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2010.12.29 00:13:03 | 000,012,862 | R--- | M] () -- C:\Users\andrea\AppData\Roaming\Microsoft\Installer\{0E2B767B-EA6A-489B-BF83-8083FE1DB661}\_1EEFFF72773535163E4216.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2010.08.29 21:05:59 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2010.08.29 21:05:59 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=5E02BA9F23426353B819C7DA126FF7AF -- C:\Windows\explorer.exe
[2010.08.29 21:03:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2010.08.29 21:03:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2010.08.29 21:05:59 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.08.29 21:05:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2010.08.29 21:05:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2010.08.29 21:05:58 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 02:16:17 | 000,003,584 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\nt.dll

< End of report >
         
--- --- ---


20.01.2011, 17:21   #6
markusg
/// Malware-holic

Please create and post a ComboFix log.
A guide and tutorial on using ComboFix

21.01.2011, 08:34   #7
Sebastian19

Here is the log (ComboFix):

Combofix Logfile:
Code:
ComboFix 11-01-20.02 - andrea 21.01.2011   8:12.1.2 - x86
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.43.1033.18.768.229 [GMT 1:00]
ausgeführt von:: c:\users\andrea\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\CFLog
c:\cflog\CrashLog_20110116.txt
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\users\andrea\AppData\Roaming\chrtmp
c:\users\andrea\AppData\Roaming\Dyyno
c:\users\andrea\AppData\Roaming\Dyyno\dgcsrv.xml
c:\users\andrea\AppData\Roaming\Dyyno\dyyno.xml
c:\windows\system32\nt.dll

----- BITS: Eventuell infizierte Webseiten -----

hxxp://apnmedia.ask.com
Infizierte Kopie von c:\windows\explorer.exe wurde gefunden und desinfiziert 
Kopie von - c:\combofix\HarddiskVolumeShadowCopy7_!Windows!winsxs!x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1!explorer.exe wurde wiederhergestellt 

Infizierte Kopie von c:\windows\System32\wininit.exe wurde gefunden und desinfiziert 
Kopie von - c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe wurde wiederhergestellt 

Infizierte Kopie von c:\windows\explorer.exe wurde gefunden und desinfiziert 
Kopie von - c:\combofix\HarddiskVolumeShadowCopy7_!Windows!winsxs!x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1!explorer.exe wurde wiederhergestellt
.
(((((((((((((((((((((((   Dateien erstellt von 2010-12-21 bis 2011-01-21  ))))))))))))))))))))))))))))))
.

2011-01-21 07:25 . 2011-01-21 07:25	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-01-20 20:20 . 2011-01-20 20:22	--------	d-----w-	c:\program files\Image-Line
2011-01-20 20:08 . 2006-06-20 08:56	225280	----a-w-	c:\windows\system32\rewire.dll
2011-01-20 20:08 . 2009-08-02 20:09	1554944	----a-w-	c:\windows\system32\vorbis.acm
2011-01-20 20:07 . 2011-01-20 20:22	--------	d-----w-	c:\program files\Vstplugins
2011-01-20 20:07 . 2011-01-20 20:07	--------	d-----w-	c:\program files\Outsim
2011-01-18 12:30 . 2010-11-16 20:01	6273872	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{EE836B5A-FFC1-4C9D-8DD1-CCFD59D17267}\mpengine.dll
2011-01-17 18:56 . 2011-01-18 08:14	138464	----a-w-	c:\windows\system32\drivers\PnkBstrK.sys
2011-01-17 18:56 . 2011-01-18 08:14	111928	----a-w-	c:\windows\system32\PnkBstrB.exe
2011-01-17 18:56 . 2011-01-17 18:56	66872	----a-w-	c:\windows\system32\PnkBstrA.exe
2011-01-17 14:14 . 2010-12-20 17:09	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-17 14:14 . 2011-01-17 14:14	--------	d-----w-	c:\programdata\Malwarebytes
2011-01-17 14:14 . 2011-01-17 14:14	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2011-01-17 14:14 . 2010-12-20 17:08	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-01-16 09:24 . 2011-01-16 09:24	--------	d-----w-	c:\program files\Z8Games
2011-01-16 08:35 . 2010-10-22 06:23	57960	----a-w-	c:\windows\system32\OpenCL.dll
2011-01-16 08:35 . 2010-10-22 06:23	888424	----a-w-	c:\windows\system32\nvdispco322050.dll
2011-01-15 14:15 . 2003-04-18 23:39	6659	----a-w-	c:\windows\system32\TANDPL.VXD
2011-01-15 14:15 . 2003-04-18 23:32	4736	----a-w-	c:\windows\system32\drivers\tandpl.sys
2011-01-15 14:15 . 2003-03-02 16:44	7552	----a-w-	c:\windows\system32\drivers\enodpl.sys
2011-01-15 14:15 . 2001-08-31 14:16	6532	----a-w-	c:\windows\system32\ENODPL.VXD
2011-01-14 21:49 . 2011-01-14 22:32	--------	d-----w-	c:\program files\AutoIt3
2011-01-14 12:04 . 2011-01-18 21:37	--------	d-sh--w-	c:\windows\ftpcache
2011-01-14 12:02 . 2011-01-18 15:42	--------	d-----w-	c:\program files\Activision
2011-01-13 20:35 . 2011-01-19 13:42	--------	d-----w-	C:\PacSteamT
2011-01-13 20:07 . 2011-01-13 20:07	--------	d-----w-	c:\program files\Common Files\Thraex Software
2011-01-13 18:04 . 2011-01-18 08:32	--------	d-----w-	c:\program files\Common Files\Steam
2011-01-13 18:04 . 2011-01-21 07:27	--------	d-----w-	c:\program files\Steam
2011-01-12 19:29 . 2011-01-12 19:29	--------	d-----w-	c:\program files\MSXML 4.0
2011-01-11 23:43 . 2010-10-16 04:34	573440	----a-w-	c:\windows\system32\odbc32.dll
2011-01-11 23:43 . 2010-10-16 04:33	372736	----a-w-	c:\program files\Common Files\System\ado\msadox.dll
2011-01-11 23:43 . 2010-10-16 04:33	352256	----a-w-	c:\program files\Common Files\System\ado\msadomd.dll
2011-01-11 23:43 . 2010-10-16 04:33	987136	----a-w-	c:\program files\Common Files\System\ado\msado15.dll
2011-01-11 23:43 . 2010-10-16 04:33	208896	----a-w-	c:\program files\Common Files\System\msadc\msadco.dll
2011-01-11 23:43 . 2010-11-02 04:35	1170944	----a-w-	c:\windows\system32\d3d10warp.dll
2011-01-11 23:43 . 2010-11-02 04:35	739840	----a-w-	c:\windows\system32\d2d1.dll
2011-01-11 23:43 . 2010-11-02 04:35	1074176	----a-w-	c:\windows\system32\DWrite.dll
2011-01-11 23:43 . 2010-11-02 04:41	442880	----a-w-	c:\windows\system32\XpsPrint.dll
2011-01-11 23:43 . 2010-11-02 04:36	801792	----a-w-	c:\windows\system32\FntCache.dll
2011-01-11 23:43 . 2010-05-23 10:11	3181568	----a-w-	c:\windows\system32\mf.dll
2011-01-11 23:42 . 2010-11-02 04:46	728448	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2011-01-11 23:42 . 2010-11-02 04:41	283648	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2011-01-11 23:42 . 2010-05-23 10:15	1619456	----a-w-	c:\windows\system32\WMVDECOD.DLL
2011-01-11 23:42 . 2010-11-02 04:35	218624	----a-w-	c:\windows\system32\d3d10_1core.dll
2011-01-11 23:42 . 2010-11-02 04:23	107520	----a-w-	c:\windows\system32\cdd.dll
2011-01-11 23:42 . 2010-05-23 10:11	196608	----a-w-	c:\windows\system32\mfreadwrite.dll
2011-01-11 23:42 . 2010-11-02 04:41	135168	----a-w-	c:\windows\system32\XpsRasterService.dll
2011-01-11 23:42 . 2010-11-02 02:37	211968	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2011-01-11 23:42 . 2010-06-26 05:14	1495040	----a-w-	c:\windows\system32\ExplorerFrame.dll
2011-01-11 23:42 . 2010-11-02 04:35	161792	----a-w-	c:\windows\system32\d3d10_1.dll
2011-01-11 12:42 . 2011-01-11 12:43	--------	d-----w-	c:\program files\Synthesia
2011-01-10 19:52 . 2011-01-10 19:52	--------	d-----w-	c:\programdata\Trymedia
2011-01-10 19:48 . 2011-01-10 19:48	--------	d-----w-	c:\programdata\InstallShield
2011-01-10 12:38 . 2011-01-10 12:41	--------	d-----w-	c:\program files\Manic Digger
2011-01-08 13:53 . 2011-01-08 13:53	--------	d-----w-	c:\program files\Common Files\Skype
2011-01-08 13:53 . 2011-01-08 13:53	--------	d-----r-	c:\program files\Skype
2011-01-07 22:03 . 2011-01-17 15:12	--------	d-----w-	c:\program files\Super Meat Boy
2011-01-06 20:56 . 2011-01-06 20:56	--------	d-----w-	c:\program files\Maxis
2011-01-06 19:01 . 2010-02-26 00:51	25216	----a-w-	c:\windows\system32\drivers\tap0901.sys
2011-01-06 19:01 . 2011-01-06 19:01	--------	d-----w-	c:\program files\S.A.D
2011-01-05 18:45 . 2011-01-05 18:45	--------	d-----w-	c:\program files\Gpotato
2011-01-05 18:41 . 2011-01-05 18:41	--------	d-----w-	c:\programdata\PMB Files
2011-01-05 18:41 . 2011-01-05 18:41	--------	d-----w-	c:\program files\Pando Networks
2011-01-05 16:58 . 2011-01-05 16:59	--------	d-----w-	c:\program files\MTA San Andreas
2011-01-04 19:28 . 2011-01-04 19:43	--------	d-----w-	c:\program files\Quick Memory Editor
2011-01-04 18:08 . 2011-01-04 18:08	--------	d-----w-	c:\programdata\FLEXnet
2011-01-04 18:03 . 2011-01-04 18:03	--------	d-----w-	c:\program files\Common Files\Macrovision Shared
2011-01-04 14:56 . 2009-11-03 22:07	679936	----a-w-	c:\windows\system32\D3DX81ab.dll
2011-01-04 14:56 . 2009-11-03 22:07	1970176	----a-w-	c:\windows\system32\d3dx9.dll
2011-01-04 14:56 . 2011-01-09 16:45	--------	d-----w-	c:\program files\Cheat Engine
2011-01-02 06:37 . 2011-01-02 06:37	--------	d-----w-	c:\windows\system32\RTCOM
2011-01-02 05:37 . 2011-01-02 05:37	--------	d-----w-	c:\programdata\SplitMediaLabs
2011-01-02 00:54 . 2011-01-02 00:54	--------	d-----w-	c:\program files\Voice Mail Compressor
2011-01-02 00:35 . 2011-01-20 15:22	--------	d-----w-	c:\program files\Dyyno
2011-01-01 23:35 . 2010-12-24 00:43	106208	----a-w-	c:\windows\system32\drivers\VCAM_WDM03.sys
2011-01-01 23:35 . 2010-12-24 00:42	106208	----a-w-	c:\windows\system32\drivers\VCam_WDM.sys
2011-01-01 23:35 . 2010-12-24 00:43	106208	----a-w-	c:\windows\system32\drivers\VCAM_WDM02.sys
2011-01-01 23:35 . 2010-12-24 00:42	106208	----a-w-	c:\windows\system32\drivers\VCam_WDM01.sys
2011-01-01 22:56 . 2011-01-01 22:56	--------	d-----w-	c:\program files\VHLabs
2011-01-01 22:35 . 2011-01-02 06:53	--------	d-----w-	c:\program files\ManyCam
2011-01-01 05:08 . 2011-01-01 05:08	98304	----a-w-	c:\windows\system32\CmdLineExt.dll
2011-01-01 03:37 . 2011-01-01 03:37	--------	d-----w-	c:\program files\Adobe Media Player
2011-01-01 03:10 . 2011-01-01 03:10	--------	d-----w-	c:\program files\VirtualDJ
2010-12-31 02:20 . 2010-12-31 02:20	--------	d-----w-	c:\program files\Rockstar Games
2010-12-30 06:19 . 2010-12-30 06:19	--------	d-----w-	c:\program files\Risk
2010-12-29 06:31 . 2010-12-29 06:31	--------	d-----w-	c:\program files\gPotato.eu
2010-12-29 06:16 . 2010-12-29 06:16	--------	d-----w-	c:\program files\Neffy
2010-12-29 05:20 . 2010-01-19 19:59	3595660	----a-w-	c:\windows\system32\GameMon.des
2010-12-29 05:19 . 2004-12-30 03:43	4682	----a-w-	c:\windows\system32\npptNT2.sys
2010-12-29 05:19 . 2003-07-15 12:17	5174	----a-w-	c:\windows\system32\nppt9x.vxd
2010-12-29 05:19 . 2010-12-29 05:19	--------	d-----w-	c:\program files\Common Files\INCA Shared
2010-12-29 04:07 . 2010-12-29 04:07	--------	d-----w-	C:\ijji
2010-12-28 23:28 . 2008-05-30 22:18	238088	----a-w-	c:\windows\system32\xactengine3_1.dll
2010-12-28 23:23 . 2010-12-28 23:27	--------	d--h--w-	c:\windows\msdownld.tmp
2010-12-28 23:20 . 2010-12-28 23:39	--------	d-----w-	c:\program files\PCSX2 0.9.7
2010-12-28 06:46 . 2010-12-28 06:46	--------	d-----w-	c:\programdata\Electronic Arts
2010-12-28 06:46 . 2010-12-28 06:46	1220	----a-w-	c:\windows\system32\ealregsnapshot1.reg
2010-12-28 06:33 . 2010-12-28 06:46	--------	d-----w-	c:\program files\Electronic Arts
2010-12-28 05:52 . 2010-12-29 22:10	--------	d-----w-	c:\programdata\regid.1986-12.com.adobe
2010-12-28 05:43 . 2010-12-28 05:43	--------	d-----w-	c:\windows\system32\Macromed
2010-12-28 05:42 . 2010-12-28 05:42	--------	d-----w-	c:\program files\Common Files\Adobe AIR
2010-12-28 04:36 . 2010-12-28 22:23	--------	d-----w-	c:\program files\Warcraft III
2010-12-28 04:36 . 2010-12-28 04:46	--------	d-----w-	c:\program files\Common Files\Blizzard Entertainment
2010-12-28 04:12 . 2010-12-28 04:12	--------	d-----w-	c:\program files\Common Files\Java
2010-12-28 04:11 . 2010-12-28 04:11	472808	----a-w-	c:\windows\system32\deployJava1.dll
2010-12-28 04:11 . 2010-12-28 04:11	--------	d-----w-	c:\program files\Java
2010-12-27 20:24 . 2009-07-23 03:08	50200	----a-w-	c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2010-12-27 20:24 . 2009-07-23 03:08	79896	----a-w-	c:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
2010-12-27 20:23 . 2010-12-27 20:23	--------	d-----w-	c:\windows\system32\RsFx
2010-12-27 20:17 . 2010-12-27 20:23	--------	d-----w-	c:\program files\Microsoft SQL Server
2010-12-27 20:17 . 2010-12-27 20:17	--------	d-----w-	c:\program files\Microsoft Sync Framework
2010-12-27 20:17 . 2010-12-27 20:17	--------	d-----w-	c:\program files\Microsoft Synchronization Services
2010-12-27 20:17 . 2010-12-27 20:17	--------	d-----w-	c:\program files\Microsoft SQL Server Compact Edition
2010-12-27 20:16 . 2010-12-27 20:16	--------	d-----w-	c:\programdata\PreEmptive Solutions
2010-12-27 20:12 . 2010-12-27 20:12	--------	d-----w-	c:\program files\Microsoft ASP.NET
2010-12-27 20:12 . 2010-12-27 20:12	--------	d-----w-	c:\program files\IIS
2010-12-27 20:11 . 2010-12-27 20:31	2377696	----a-w-	c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2010-12-27 20:04 . 2010-12-27 20:22	--------	d-----w-	c:\windows\system32\1033
2010-12-27 20:04 . 2010-12-27 20:04	--------	d-----w-	c:\windows\symbols
2010-12-27 20:04 . 2010-12-27 20:07	--------	d-----w-	c:\program files\Microsoft F#
2010-12-27 20:04 . 2010-12-27 20:05	--------	d-----w-	c:\program files\HTML Help Workshop
2010-12-27 20:04 . 2010-12-27 20:17	--------	d-----w-	c:\program files\Microsoft SDKs
2010-12-27 20:04 . 2010-12-27 20:16	--------	d-----w-	c:\program files\Microsoft Visual Studio 10.0
2010-12-27 20:04 . 2010-12-27 20:06	--------	d-----w-	c:\program files\Common Files\Merge Modules
2010-12-27 20:04 . 2010-12-27 20:04	--------	d-----w-	c:\program files\Microsoft Help Viewer

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-25 14:12 . 2010-12-25 14:55	119808	----a-w-	c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{c840e246-6b95-475e-9bd7-caa1c7eca9f2}"= "c:\program files\uTorrentBar_DE\tbuTor.dll" [2010-12-09 3911776]

[HKEY_CLASSES_ROOT\clsid\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 20:51	3911776	----a-w-	c:\program files\ConduitEngine\ConduitEngine.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}]
2010-12-09 20:51	3911776	----a-w-	c:\program files\uTorrentBar_DE\tbuTor.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{c840e246-6b95-475e-9bd7-caa1c7eca9f2}"= "c:\program files\uTorrentBar_DE\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]

[HKEY_CLASSES_ROOT\clsid\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}"= "c:\program files\uTorrentBar_DE\tbuTor.dll" [2010-12-09 3911776]

[HKEY_CLASSES_ROOT\clsid\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\andrea\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-12-25 136176]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-12-25 396152]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2008-07-21 2752512]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-03 15028104]
"Steam"="c:\program files\Steam\Steam.exe" [2011-01-13 1242448]
"Dyyno Launcher"="c:\program files\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe" [2010-09-11 2151776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-12-25 30192]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-30 9914984]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\S.A.D\CyberGhost VPN\CGVPNCliService.exe [2010-12-14 2412680]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-12-25 30192]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-01-19 3595660]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 VCam_WDM;e2eSoft VCam;c:\windows\system32\DRIVERS\VCam_WDM.sys [2010-12-24 106208]
R3 VCam_WDM01;e2eSoft VCam 01;c:\windows\system32\DRIVERS\VCam_WDM01.sys [2010-12-24 106208]
R3 VCAM_WDM02;e2eSoft VCam 02;c:\windows\system32\DRIVERS\VCAM_WDM02.sys [2010-12-24 106208]
R3 VCAM_WDM03;e2eSoft VCam 03;c:\windows\system32\DRIVERS\VCAM_WDM03.sys [2010-12-24 106208]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-25 1343400]
R3 XDva379;XDva379;c:\windows\system32\XDva379.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
S2 Dyyno Launcher;Dyyno Service;c:\program files\Dyyno\Dyyno Broadcaster\launcherd.exe [2010-09-11 415072]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]

.
Inhalt des "geplante Tasks" Ordners

2011-01-21 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2011-01-17 15:19]

2011-01-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2285187412-2589335758-901124341-1000Core.job
- c:\users\andrea\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-25 14:06]

2011-01-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2285187412-2589335758-901124341-1000UA.job
- c:\users\andrea\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-25 14:06]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.conduit.com/?SearchSource=10&ctid=CT2851647
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube to MP3 Converter - c:\users\andrea\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
FF - ProfilePath - c:\users\andrea\AppData\Roaming\Mozilla\Firefox\Profiles\0dlze9cv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2851647&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: uTorrentBar_DE Community Toolbar: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - %profile%\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -

HKLM-Run-Google Quick Search Box - c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe
AddRemove-Google Updater - c:\program files\Google\Google Updater\GoogleUpdater.exe
AddRemove-Picasa 3 - c:\program files\Google\Picasa3\Uninstall.exe
AddRemove-Steam App 220 - c:\pacsteamt\steam.exe
AddRemove-Steam App 240 - c:\pacsteamt\steam.exe
AddRemove-Steam App 4850 - c:\pacsteamt\steam.exe
AddRemove-{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\Google\Google Toolbar\Component\GoogleToolbarManager_4079369A224CB572.exe



[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\S-1-5-21-2285187412-2589335758-901124341-1000\Software\SecuROM\License information*]
"datasecu"=hex:bb,0d,61,6c,8e,df,67,11,2d,7a,51,c6,8a,a1,10,b2,30,c4,61,8e,63,
   34,23,73,ac,46,92,6a,8d,d5,a3,ca,5c,5a,03,fb,bc,5a,58,b3,2e,dc,1c,f4,ac,be,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\NVIDIA Corporation\Display\NvXDSync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\program files\IObit\Game Booster\GameBox.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-01-21  08:32:50 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-01-21 07:32

Vor Suchlauf: 229.748.568.064 bytes free
Nach Suchlauf: 229.648.949.248 bytes free

- - End Of File - - 17B22D94356C140275DB3F2C4AB545B6
         
--- --- ---


Seems to be working, Google works again ^^

Edited by Sebastian19 (21.01.2011 at 09:30)

21.01.2011, 13:40   #8
markusg
/// Malware-holic

I thought that was the plan :d
Open Computer, C:, then Qoobox, right-click Quarantine, pack it with WinRAR or zip, and upload the file.
http://www.trojaner-board.de/54791-a...ner-board.html
