| Fragstuff | 28.02.2012 02:03 |
GEMA 100 € Virus - brauche nun ein Script..Vielen Dank!
Huhu...habe auch den GEMA Virus....habe OTLPE CD schon gebrannt und durchlaufen lassen....habe selber mir die OTL Log schon angesehen und "da wo ich denke wo Fehler sind" schon rot fett kursiv unterstrichen markiert.
Ich hoffe auf ein Skript was mir hilft....Vielen Dank
Neuer Edit: Habe diese Datei "in Rot" Per Hand gelöscht...nun kam auch die GEMA Sperrung nciht mehr...dafür geht aber zur Zeit kein msconfig oder der task manager.!..........
Neuer Edit: So habe auch schon was gefunden....und zwar habe ich ein Programm das heisst autoruns von sysinternals...hier hat er mir aufgezeigt das in der registry der taskmanager der regedit und msconfig der autorun auf disabled im ordner autoruns disabled (siehe HLM/SOFTWARE/Microsoft/Windows NT/CurrentVerison/Image File Execution Options/ Autorunsdisabled) gesetzt wurde...habe die werte gelöscht und msconfig taskmanager und regedit laufen wieder :) :) :) Vielleicht hilft euch das ja auch weiter :)
Gruß
Fragstuff
[QUOTE]OTl Log:OTL Logfile: Code:
OTL logfile created on: 2/28/2012 1:22:47 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 78.13 Gb Total Space | 45.94 Gb Free Space | 58.80% Space Free | Partition Type: NTFS
Drive D: | 53.71 Gb Total Space | 10.60 Gb Free Space | 19.74% Space Free | Partition Type: NTFS
Drive E: | 54.46 Gb Total Space | 16.87 Gb Free Space | 30.98% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003
========== Win32 Services (SafeList) ==========
SRV - [2012/02/07 07:18:28 | 001,373,576 | ---- | M] (LogMeIn Inc.) [Auto] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/03/16 05:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/02/10 06:02:28 | 000,385,240 | R--- | M] (cFos Software GmbH) [Auto] -- C:\Program Files\cFosSpeed\spd.exe -- (cFosSpeedS)
SRV - [2008/04/13 23:42:24 | 000,015,360 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 23:42:24 | 000,015,360 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/13 23:42:24 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2012/01/31 11:29:34 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011/05/12 21:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/05/12 21:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011/05/12 21:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010/10/20 08:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4)
DRV - [2010/05/10 04:44:42 | 000,025,912 | ---- | M] (Your Corporation) [Kernel | On_Demand] -- C:\Program Files\MSI\Live Update 5\msibios32_100507.sys -- (MSI_MSIBIOS_010507)
DRV - [2009/03/18 11:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/02/10 06:02:34 | 000,787,672 | ---- | M] (cFos Software GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cfosspeed.sys -- (cFosSpeed)
DRV - [2006/11/16 01:34:00 | 004,225,920 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/08/22 08:36:58 | 000,035,712 | ---- | M] (Attansic Technology corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atl01_xp.sys -- (AtcL001)
DRV - [2004/08/13 11:56:00 | 000,005,810 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Fragstuff_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Fragstuff_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Fragstuff\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: E:\Program Files\Mozilla Firefox\components [2012/02/04 17:10:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: E:\Program Files\Mozilla Firefox\plugins [2012/01/08 18:11:41 | 000,000,000 | ---D | M]
[2011/11/22 19:19:27 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Fragstuff\Application Data\Mozilla\Extensions
[2011/11/22 18:57:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Fragstuff\Application Data\Mozilla\Firefox\Profiles\kdf2pprs.default\extensions
[2012/01/08 18:11:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011/11/22 19:22:51 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012/02/04 17:10:00 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/11/22 19:22:51 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/01/08 18:11:38 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/01/08 18:11:38 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2006/01/12 20:55:32 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cfosspeed.exe (cFos Software GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [WinSys2] C:\WINDOWS\system32\WinSys2.exe ()
O4 - HKU\.DEFAULT..\Run: [msnsc] C:\WINDOWS\system32\msnsc.exe (dgelwin )
O4 - HKU\Fragstuff_ON_C..\Run: [Steam] File not found
O4 - HKU\LocalService_ON_C..\Run: [msnsc] C:\WINDOWS\system32\msnsc.exe (dgelwin )
O4 - HKU\NetworkService_ON_C..\Run: [msnsc] C:\WINDOWS\system32\msnsc.exe (dgelwin )
O4 - HKU\.DEFAULT..\RunOnce: [nlsf] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\RunOnce: [nlsf] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\RunOnce: [nlsf] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation)
F3 - HKU\Fragstuff_ON_C WinNT: Load - (E:\DOCUME~1\FRAGST~1\LOCALS~1\Temp\0D68D5C02006E772A4AC.exe) - File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 59250 = E:\DOCUME~1\ALLUSE~1\LOCALS~1\Temp\msdubmn.com (The cURL library)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetIcon = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\Fragstuff_ON_C\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\Fragstuff_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Fragstuff_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetIcon = 0
O7 - HKU\Fragstuff_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\Fragstuff_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\Fragstuff_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\Fragstuff_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetIcon = 0
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetIcon = 0
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (E:\WINDOWS\system32\7D0A839E2006E772D922.exe) - File not found
O20 - Winlogon\Notify\Antiwpa: DllName - antiwpa.dll - C:\WINDOWS\System32\antiwpa.dll ()
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll ()
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\msconfig.exe: Debugger - P9KDMF.EXE File not found
O27 - HKLM IFEO\regedit.exe: Debugger - P9KDMF.EXE File not found
O27 - HKLM IFEO\taskmgr.exe: Debugger - P9KDMF.EXE File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/02/27 17:43:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Local Settings
[2012/02/27 17:43:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\Application Data\kodak
[2012/02/27 10:23:35 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Fragstuff\Recent
[2012/02/27 07:15:36 | 000,000,000 | ---D | C] -- C:\löschen
[2012/02/26 19:16:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\Local Settings\Application Data\BigHugeEngine
[2012/02/26 18:52:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\My Documents\Remedy
[2012/02/26 18:52:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\Local Settings\Application Data\SKIDROW
[2012/02/26 15:38:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\EA Games
[2012/02/26 15:06:04 | 000,000,000 | ---D | C] -- C:\Externe Festplatte BAckup
[2012/02/26 14:40:42 | 000,000,000 | ---D | C] -- C:\Games
[2012/02/26 09:02:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\Local Settings\Application Data\Google
[2012/02/26 09:02:12 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012/02/26 07:10:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2012/02/26 05:50:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\Application Data\BigHugeEngine
[2012/02/26 05:47:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2012/02/26 05:47:46 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2012/02/26 05:47:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\speechengines
[2012/02/26 05:47:46 | 000,000,000 | ---D | C] -- C:\Program Files\outlook express
[2012/02/26 05:47:46 | 000,000,000 | ---D | C] -- C:\Program Files\msn gaming zone
[2012/02/26 05:47:46 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2012/02/26 05:13:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/02/25 20:59:09 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2012/02/25 20:59:09 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2012/02/25 20:59:08 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2012/02/25 20:59:08 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll
[2012/02/25 20:58:55 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\irbus.sys
[2012/02/25 20:58:54 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2012/02/25 20:58:44 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2012/02/25 20:58:44 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2012/02/25 20:58:44 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2012/02/25 20:58:44 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2012/02/25 20:58:44 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2012/02/25 20:58:44 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2012/02/25 20:58:44 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2012/02/25 20:58:44 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2012/02/25 20:58:44 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2012/02/25 20:58:43 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2012/02/25 20:58:43 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2012/02/25 20:58:43 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2012/02/25 20:58:43 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2012/02/25 20:58:42 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2012/02/25 20:58:42 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2012/02/25 20:58:42 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2012/02/25 20:58:42 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2012/02/25 20:58:42 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2012/02/25 20:58:42 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2012/02/25 20:58:42 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2012/02/25 20:58:41 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2012/02/25 20:58:41 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2012/02/25 20:58:41 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2012/02/25 20:58:41 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2012/02/25 20:58:41 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2012/02/25 20:58:41 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2012/02/25 20:58:41 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2012/02/25 20:58:40 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2012/02/25 20:58:40 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2012/02/25 20:58:39 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2012/02/25 20:58:38 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2012/02/25 20:58:38 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2012/02/25 20:58:38 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2012/02/25 20:58:37 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2012/02/25 20:58:37 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2012/02/25 20:58:37 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2012/02/25 20:58:37 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2012/02/25 20:58:37 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2012/02/25 20:58:37 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2012/02/25 20:58:36 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2012/02/25 20:58:36 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2012/02/25 20:58:36 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2012/02/25 20:58:36 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2012/02/25 20:58:36 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2012/02/25 20:58:35 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2012/02/25 20:58:35 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2012/02/25 20:58:34 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2012/02/25 20:58:34 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2012/02/25 20:58:34 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2012/02/25 20:58:34 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2012/02/25 20:58:34 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2012/02/25 20:58:34 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2012/02/25 20:58:33 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2012/02/25 20:58:33 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2012/02/25 20:58:33 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2012/02/25 20:58:33 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2012/02/25 20:58:33 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2012/02/25 20:58:33 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2012/02/25 20:58:33 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2012/02/25 20:58:32 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2012/02/25 20:58:32 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2012/02/25 20:58:30 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2012/02/25 20:58:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2012/02/25 20:58:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012/02/25 20:58:22 | 000,000,000 | ---D | C] -- C:\Program Files\msn
[2012/02/25 20:58:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2012/02/25 20:58:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2012/02/25 20:53:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2012/02/25 20:51:14 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2012/02/25 20:51:14 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2012/02/25 20:51:14 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2012/02/25 20:51:14 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2012/02/25 20:51:14 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2012/02/25 20:51:14 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2012/02/25 20:51:13 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2012/02/25 20:51:13 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2012/02/25 20:51:13 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2012/02/25 20:51:13 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2012/02/25 20:51:13 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2012/02/25 20:51:13 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2012/02/25 20:51:12 | 000,701,440 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2012/02/25 20:51:12 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2012/02/25 20:51:12 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2012/02/25 20:51:12 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2012/02/25 20:51:12 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2012/02/25 20:51:12 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2012/02/25 20:51:12 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2012/02/25 20:51:12 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2012/02/25 20:51:12 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2012/02/25 20:51:12 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2012/02/25 20:51:12 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2012/02/25 20:51:11 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2012/02/25 20:51:11 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2012/02/25 20:51:11 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2012/02/25 20:51:11 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2012/02/25 20:51:11 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2012/02/25 20:51:11 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2012/02/25 20:51:11 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2012/02/25 20:51:11 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2012/02/25 20:51:11 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2012/02/25 20:51:11 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2012/02/25 20:51:10 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2012/02/25 20:51:10 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2012/02/25 20:51:10 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2012/02/25 20:51:08 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2012/02/25 20:51:08 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2012/02/25 20:51:08 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2012/02/25 20:51:08 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2012/02/25 20:51:08 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2012/02/25 20:51:08 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2012/02/25 20:51:08 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2012/02/25 20:51:08 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2012/02/25 20:51:07 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2012/02/25 20:51:07 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2012/02/25 20:51:07 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2012/02/25 20:51:07 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2012/02/25 20:51:07 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2012/02/25 20:51:07 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2012/02/25 20:51:06 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2012/02/25 20:51:06 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2012/02/25 20:51:06 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2012/02/25 20:51:05 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2012/02/25 20:51:05 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2012/02/25 20:51:05 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2012/02/25 20:51:05 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2012/02/25 20:50:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2012/02/25 20:43:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012/02/24 19:57:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\Application Data\Basilisk Games
[2012/02/24 19:57:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Eschalon Book II
[2012/02/21 16:53:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\Application Data\RotMG.Production
[2012/02/18 05:53:06 | 000,000,000 | ---D | C] -- C:\Program Files\AIDA32 - Enterprise System Information
[2012/02/18 05:53:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AIDA32 - Enterprise System Information
[2012/02/16 06:51:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\Application Data\.Nitrous
[2012/02/16 06:47:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\Desktop\Minecraft Mod
[2012/02/15 18:09:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\Local Settings\Application Data\AirMouse
[2012/02/15 18:08:17 | 000,000,000 | ---D | C] -- C:\Program Files\Air Mouse
[2012/02/15 18:08:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Air Mouse
[2012/02/15 18:07:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\Local Settings\Application Data\Downloaded Installations
[2012/02/14 08:19:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\Desktop\Mazes
[2012/02/13 10:31:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\Application Data\gtk-2.0
[2012/02/13 10:19:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\.thumbnails
[2012/02/13 10:18:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\.gimp-2.6
[2012/02/13 10:18:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\My Documents\gegl-0.0
[2012/02/13 10:17:43 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP-2.0
[2012/02/12 13:48:29 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\WINDOWS\System32\hamachi.sys
[2012/02/12 13:48:26 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2012/02/12 13:48:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\LogMeIn Hamachi
[2012/02/12 13:48:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\Local Settings\Application Data\LogMeIn Hamachi
[2012/02/12 13:48:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\LogMeIn Hamachi
[2012/02/12 13:40:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\Desktop\Minecraft Bukkit Server 1.1
[2012/02/12 13:12:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\Desktop\Strassennamen
[2012/01/31 11:44:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\Local Settings\Application Data\Skyrim
[2012/01/31 11:40:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Razor 1911
[2012/01/31 11:29:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\DAEMON Tools Lite
[2012/01/31 11:29:26 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2012/01/30 17:32:59 | 000,000,000 | -H-D | C] -- C:\Program Files\Common Files\EAInstaller
[2012/01/30 17:12:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\Local Settings\Application Data\Origin
[2012/01/30 17:12:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Fragstuff\Application Data\Origin
[2012/01/30 17:11:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Origin
[2012/01/30 17:11:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Origin
[2012/01/30 17:11:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2012/01/30 17:11:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2012/01/30 17:11:10 | 000,000,000 | ---D | C] -- C:\Program Files\Origin
[2012/01/29 17:26:39 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Fragstuff\*.tmp files -> C:\Documents and Settings\Fragstuff\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/02/27 18:28:44 | 000,544,810 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/02/27 18:28:44 | 000,101,404 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/02/27 18:24:33 | 000,183,009 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/02/27 18:24:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/27 17:50:03 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/02/27 17:34:42 | 000,000,876 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Syndicate.lnk
[2012/02/27 17:34:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\EA Games
[2012/02/27 17:30:17 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/02/27 16:30:01 | 000,001,014 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-839522115-1482476501-2147137731-1003UA.job
[2012/02/27 07:30:00 | 000,000,992 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-839522115-1482476501-2147137731-1003Core.job
[2012/02/26 15:38:31 | 000,001,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Kingdoms of Amalur Reckoning.lnk
[2012/02/26 15:22:20 | 000,034,304 | ---- | M] () -- C:\Documents and Settings\Fragstuff\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/26 12:12:26 | 000,000,741 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/02/26 05:47:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/26 05:13:24 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/02/26 05:12:45 | 000,134,872 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/02/25 21:05:03 | 000,001,437 | ---- | M] () -- C:\Documents and Settings\Fragstuff\Desktop\shutdown.exe.lnk
[2012/02/25 20:59:25 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2012/02/25 20:50:45 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2012/02/24 19:57:26 | 000,000,457 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Eschalon Book II.lnk
[2012/02/24 19:57:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Eschalon Book II
[2012/02/24 18:26:14 | 000,000,503 | ---- | M] () -- C:\Documents and Settings\Fragstuff\Desktop\Unepic.lnk
[2012/02/24 07:19:44 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\Fragstuff\Desktop\Minecraft Server starten.bat.lnk
[2012/02/23 13:44:58 | 001,440,054 | ---- | M] () -- C:\WINDOWS\System32\winsh324
[2012/02/18 05:53:06 | 000,000,779 | ---- | M] () -- C:\Documents and Settings\Fragstuff\Desktop\AIDA32.lnk
[2012/02/18 05:53:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\AIDA32 - Enterprise System Information
[2012/02/16 18:32:29 | 000,000,772 | ---- | M] () -- C:\Documents and Settings\Fragstuff\Desktop\Shortcut to .minecraft.lnk
[2012/02/16 18:11:55 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/02/16 06:02:52 | 000,000,000 | R--D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2012/02/15 18:08:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Air Mouse
[2012/02/13 10:31:42 | 000,001,471 | ---- | M] () -- C:\Documents and Settings\Fragstuff\.recently-used.xbel
[2012/02/12 13:48:26 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\LogMeIn Hamachi.lnk
[2012/02/12 13:48:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\LogMeIn Hamachi
[2012/02/02 08:37:28 | 001,440,054 | ---- | M] () -- C:\WINDOWS\System32\winsh323
[2012/02/02 07:01:48 | 001,440,054 | ---- | M] () -- C:\WINDOWS\System32\winsh320
[2012/02/02 06:56:54 | 001,440,054 | ---- | M] () -- C:\WINDOWS\System32\winsh321
[2012/02/02 06:54:18 | 001,440,054 | ---- | M] () -- C:\WINDOWS\System32\winsh322
[2012/01/31 11:40:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Razor 1911
[2012/01/31 11:29:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\DAEMON Tools Lite
[2012/01/31 11:29:34 | 000,242,240 | ---- | M] (DT Soft Ltd) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
[2012/01/30 17:11:58 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Origin.lnk
[2012/01/30 17:11:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Origin
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Fragstuff\*.tmp files -> C:\Documents and Settings\Fragstuff\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/02/27 17:44:02 | 001,440,054 | ---- | C] () -- C:\WINDOWS\System32\winsh324
[2012/02/27 17:44:02 | 001,440,054 | ---- | C] () -- C:\WINDOWS\System32\winsh323
[2012/02/27 17:44:02 | 001,440,054 | ---- | C] () -- C:\WINDOWS\System32\winsh322
[2012/02/27 17:44:02 | 001,440,054 | ---- | C] () -- C:\WINDOWS\System32\winsh321
[2012/02/27 17:44:02 | 001,440,054 | ---- | C] () -- C:\WINDOWS\System32\winsh320
[2012/02/27 17:34:42 | 000,000,876 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Syndicate.lnk
[2012/02/26 15:38:31 | 000,001,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Kingdoms of Amalur Reckoning.lnk
[2012/02/26 12:12:26 | 000,000,741 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/02/25 20:51:11 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2012/02/25 20:51:10 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2012/02/25 20:51:08 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2012/02/25 20:46:12 | 000,001,437 | ---- | C] () -- C:\Documents and Settings\Fragstuff\Desktop\shutdown.exe.lnk
[2012/02/24 19:57:26 | 000,000,457 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Eschalon Book II.lnk
[2012/02/24 18:26:14 | 000,000,503 | ---- | C] () -- C:\Documents and Settings\Fragstuff\Desktop\Unepic.lnk
[2012/02/24 07:19:44 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\Fragstuff\Desktop\Minecraft Server starten.bat.lnk
[2012/02/18 05:53:06 | 000,000,779 | ---- | C] () -- C:\Documents and Settings\Fragstuff\Desktop\AIDA32.lnk
[2012/02/16 18:32:28 | 000,000,772 | ---- | C] () -- C:\Documents and Settings\Fragstuff\Desktop\Shortcut to .minecraft.lnk
[2012/02/13 10:31:42 | 000,001,471 | ---- | C] () -- C:\Documents and Settings\Fragstuff\.recently-used.xbel
[2012/02/12 13:47:29 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\LogMeIn Hamachi.lnk
[2012/01/30 17:11:58 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Origin.lnk
[2012/01/06 08:40:23 | 000,003,039 | ---- | C] () -- C:\Documents and Settings\Fragstuff\.TransferManager.db
[2011/12/26 15:25:25 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2011/11/30 21:41:06 | 000,099,802 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-839522115-1482476501-2147137731-1003-0.dat
[2011/11/30 21:41:03 | 000,099,802 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/11/30 19:00:52 | 000,458,072 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/11/25 10:07:03 | 000,034,304 | ---- | C] () -- C:\Documents and Settings\Fragstuff\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/23 06:41:14 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\antiwpa.dll
[2011/11/22 20:36:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\msicpl.ini
[2011/11/22 20:34:43 | 000,005,656 | ---- | C] () -- C:\Documents and Settings\Fragstuff\Utility.xml
[2011/11/22 19:46:50 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011/11/22 19:19:36 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/11/22 19:12:38 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2011/11/22 19:12:38 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2011/11/22 19:12:30 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2011/11/22 19:12:29 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2011/11/22 19:12:28 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2011/11/22 18:57:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/11/22 18:52:43 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/11/22 18:47:15 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/11/22 18:46:41 | 000,107,132 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2011/11/22 18:46:39 | 000,002,293 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2011/11/22 18:42:08 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/11/22 18:34:10 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/11/22 18:30:05 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2011/11/22 18:29:56 | 000,134,872 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/10 16:18:00 | 000,239,496 | ---- | C] () -- C:\WINDOWS\System32\WgaLogon.dll
[2008/10/21 23:29:06 | 000,173,550 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2008/06/20 09:31:38 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\HookShield.dll
[2008/06/20 09:29:20 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\HookMAp.dll
[2008/05/03 05:16:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/05/03 05:16:00 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008/05/03 05:16:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/05/03 05:16:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008/05/03 05:16:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/05/03 05:16:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/05/03 05:16:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008/05/03 05:16:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008/05/03 05:16:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008/01/18 02:51:10 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\WinSys2.exe
[2006/08/14 05:31:06 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\Auxiliary.dll
[2006/07/12 23:00:04 | 000,131,072 | ---- | C] () -- C:\WINDOWS\System32\smdll.dll
[2006/01/12 21:05:28 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/01/12 21:02:21 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/01/12 21:01:02 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/01/12 20:59:43 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/01/12 20:55:02 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2006/01/12 20:54:15 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\VCdControlTool.exe
[2006/01/12 20:52:59 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\CopyToSendTo.dll
[2006/01/12 20:52:17 | 000,745,472 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2006/01/12 20:50:12 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2006/01/12 20:44:46 | 000,080,003 | ---- | C] () -- C:\WINDOWS\System32\GSpot25.dat
[2006/01/12 20:44:08 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/01/12 20:40:44 | 001,163,264 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2006/01/12 20:40:28 | 001,040,384 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2006/01/12 20:39:44 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/01/12 20:39:43 | 000,101,404 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/01/12 20:39:41 | 000,544,810 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/01/12 20:39:41 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/01/12 20:39:33 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\vorbisfile.dll
[2006/01/12 20:38:40 | 000,394,240 | ---- | C] () -- C:\WINDOWS\System32\HMTCD.dll
[2006/01/12 20:35:46 | 000,008,636 | ---- | C] () -- C:\WINDOWS\modifyPE.exe
[2006/01/12 20:33:47 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2006/01/12 20:33:47 | 000,000,609 | ---- | C] () -- C:\WINDOWS\System32\OEMinfo.ini
[2006/01/12 20:30:44 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\cmdow.exe
[2006/01/12 20:23:56 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/01/12 20:15:59 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/01/12 20:15:31 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\cabarc.exe
[2006/01/12 20:14:52 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003/01/07 10:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== LOP Check ==========
[2011/11/22 21:08:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2012/01/30 17:11:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2011/11/22 19:00:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
[2012/01/30 17:12:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Origin
[2011/12/17 06:15:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/02/27 07:30:00 | 000,000,992 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-839522115-1482476501-2147137731-1003Core.job
[2012/02/27 16:30:01 | 000,001,014 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-839522115-1482476501-2147137731-1003UA.job
========== Purity Check ==========
< End of report >
--- --- --- |
