
Log analysis and evaluation: PC locked - Online Cyber Police

11.09.2012, 15:22   #1
stormyx
 
PC locked - Online Cyber Police



You hit the point of why I wrote that about formatting quite well. Yesterday I looked through quite a bit more and realized that there are many users who are affected far worse than I am, and that you put a lot of work in here. That way you could be rid of me sooner and help someone else more quickly.

But let's get back to the actual reason.
I followed your advice and started the tool without the script. This has now worked without errors.

Question about these two points:
• Copy this folder to your USB stick if you have no internet connection on this system. Post both logs
Which folder do you mean? I only have the one OTL.txt file.

Here is the text of the otl.txt file:
OTL Logfile:
Code:
OTL logfile created on: 9/11/2012 6:54:25 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 102.21 Gb Total Space | 20.91 Gb Free Space | 20.46% Space Free | Partition Type: NTFS
Drive D: | 121.36 Gb Total Space | 32.23 Gb Free Space | 26.56% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2012/07/03 10:41:12 | 000,168,864 | ---- | M] () [Auto] -- C:\Program Files\Common Files\WireHelpSvc.exe -- (WireHelpSvc)
SRV:64bit: - [2011/09/27 15:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2010/09/22 12:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/09/15 13:19:08 | 000,191,000 | ---- | M] (Logitech Inc.) [Auto] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/09/07 21:09:10 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/09/07 11:06:08 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/22 10:01:23 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/09 16:49:44 | 000,076,888 | ---- | M] () [Auto] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/25 04:46:44 | 001,326,176 | ---- | M] (Secunia) [Auto] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2012/07/25 04:46:42 | 000,681,056 | ---- | M] (Secunia) [Auto] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012/06/28 23:37:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/06/28 11:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/06/15 22:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto] -- C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ccSvcHst.exe -- (N360)
SRV - [2012/06/05 09:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/17 05:08:58 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe -- (Creative Media Toolbox 6 Licensing Service)
SRV - [2012/05/17 04:30:21 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2012/05/17 04:30:03 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012/01/18 00:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto] -- C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010/10/22 08:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/09/29 22:22:04 | 000,294,912 | ---- | M] (Creative Technology Ltd) [Auto] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2010/06/24 02:19:52 | 000,109,056 | R--- | M] () [Auto] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2010/03/25 09:39:22 | 000,490,280 | ---- | M] (Nero AG) [Auto] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)
SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/05 05:15:12 | 000,235,752 | ---- | M] (DeviceVM, Inc.) [Auto] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2010/01/12 19:24:20 | 000,217,088 | ---- | M] () [On_Demand] -- C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe -- (PS3 Media Server)
SRV - [2009/12/15 12:40:00 | 000,122,880 | ---- | M] (AMD) [Auto] -- C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe -- (AMD_RAIDXpert)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/07/05 22:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\N360x64\0603000.00E\SRTSPX64.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2012/07/05 22:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand] -- C:\Windows\System32\Drivers\N360x64\0603000.00E\SRTSP64.SYS -- (SRTSP)
DRV:64bit: - [2012/07/03 10:41:04 | 000,147,472 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto] -- C:\Windows\System32\drivers\ESLWireACD.sys -- (ESLWireAC)
DRV:64bit: - [2012/06/25 14:56:29 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/06/07 00:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\N360x64\0603000.00E\ccSetx64.sys -- (ccSet_N360)
DRV:64bit: - [2012/05/21 21:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot] -- C:\Windows\System32\drivers\N360x64\0603000.00E\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/05/21 09:10:51 | 000,188,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/03/08 12:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011/12/06 05:26:34 | 000,014,760 | ---- | M] () [Kernel | Auto] -- C:\Windows\System32\drivers\DRHMSR64.sys -- (DRHMSR64)
DRV:64bit: - [2011/11/28 08:20:28 | 000,025,528 | ---- | M] (Turtle Entertainment GmbH) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ESLvnic.sys -- (ESLvnic1)
DRV:64bit: - [2011/11/16 15:38:00 | 000,405,624 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\System32\Drivers\N360x64\0603000.00E\SYMNETS.SYS -- (SymNetS)
DRV:64bit: - [2011/11/16 15:17:50 | 000,190,072 | R--- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\system32\drivers\N360x64\0603000.00E\Ironx64.SYS -- (SymIRON)
DRV:64bit: - [2011/11/03 12:05:38 | 000,021,984 | ---- | M] (Licensed for Gebhard Software) [Kernel | Auto] -- C:\Windows\System32\drivers\DRHARD64.sys -- (DRHARD64)
DRV:64bit: - [2011/09/02 17:29:54 | 000,019,936 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2011/09/02 17:29:52 | 000,013,280 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2011/09/02 02:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/08/15 18:51:40 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot] -- C:\Windows\System32\drivers\N360x64\0603000.00E\symds64.sys -- (SymDS)
DRV:64bit: - [2011/07/29 08:54:56 | 000,016,776 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV:64bit: - [2011/07/29 08:54:56 | 000,009,096 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV:64bit: - [2011/06/10 01:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/11 16:01:00 | 000,341,832 | ---- | M] (Logitech) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ladfGSRamd64.sys -- (LADF_RenderOnly)
DRV:64bit: - [2011/04/11 16:00:18 | 000,410,184 | ---- | M] (Logitech) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ladfGSCamd64.sys -- (LADF_CaptureOnly)
DRV:64bit: - [2010/11/25 02:49:02 | 001,678,936 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ha20x22k.sys -- (ha20x22k)
DRV:64bit: - [2010/11/25 02:48:49 | 001,629,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2010/11/25 02:48:38 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\Windows\System32\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2010/11/25 02:48:27 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2010/11/25 02:48:16 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2010/11/25 02:48:05 | 000,179,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2010/11/25 02:47:54 | 000,700,504 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV:64bit: - [2010/11/25 02:47:43 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2010/11/25 02:47:32 | 001,494,104 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CTEXFIFX.SYS -- (CTEXFIFX.SYS)
DRV:64bit: - [2010/11/25 02:47:32 | 001,494,104 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2010/11/25 02:46:42 | 000,095,320 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CTHWIUT.SYS -- (CTHWIUT.SYS)
DRV:64bit: - [2010/11/25 02:46:42 | 000,095,320 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2010/11/25 02:46:31 | 000,230,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CT20XUT.SYS -- (CT20XUT.SYS)
DRV:64bit: - [2010/11/25 02:46:31 | 000,230,488 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/01 04:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2010/04/27 04:30:52 | 000,184,968 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/04/27 04:29:54 | 000,083,080 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/01/14 08:27:46 | 000,032,544 | R--- | M] (Realtek                                            ) [Kernel | Auto] -- C:\Windows\System32\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RtTeam60.sys -- (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.2)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RtTeam60.sys -- (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.2)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RtVlan60.sys -- (VLAN) Realtek Virtual Miniport Driver for VLAN (NDIS 6.2)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\RtVlan60.sys -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.2)
DRV:64bit: - [2009/11/23 21:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 21:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/09/15 13:17:48 | 000,030,232 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2009/09/15 13:17:48 | 000,030,232 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009/07/16 04:52:46 | 006,379,160 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lvuvc64.sys -- (LVUVC64) Logitech Webcam Pro 9000(UVC)
DRV:64bit: - [2009/07/16 04:51:14 | 000,327,320 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2009/07/15 23:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/04/29 11:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2012/09/10 02:00:49 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120909.008\ex64.sys -- (NAVEX15)
DRV - [2012/09/10 02:00:49 | 000,125,600 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20120909.008\eng64.sys -- (NAVENG)
DRV - [2012/08/31 20:27:23 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20120907.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/08/31 18:09:13 | 001,385,120 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120905.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/08/09 06:01:51 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/08/09 05:01:37 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/12/06 05:26:34 | 000,014,760 | ---- | M] () [Kernel | Auto] -- C:\Windows\SysWOW64\drivers\DRHMSR64.sys -- (DRHMSR64)
DRV - [2011/11/03 12:05:38 | 000,021,984 | ---- | M] (Licensed for Gebhard Software) [Kernel | Auto] -- C:\Windows\SysWOW64\drivers\DRHARD64.sys -- (DRHARD64)
DRV - [2011/07/29 08:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2011/07/29 08:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\stormy_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Upgrade to Google Chrome
IE - HKU\stormy_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKU\stormy_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\stormy_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Upgrade to Google Chrome
IE - HKU\stormy_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Upgrade to Google Chrome
IE - HKU\stormy_ON_C\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll (DeviceVM, Inc.)
IE - HKU\stormy_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF64_11_4_402_265.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\System32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.118.0:  File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: D:\Arbeitsprogramme\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/01/10 05:31:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/05/26 17:42:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPlgn\ [2012/06/25 14:56:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn\ [2012/09/10 18:00:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/07 11:06:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/09/07 11:06:07 | 000,000,000 | ---D | M]
 
[2012/09/07 11:06:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/09/07 11:06:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/09/07 11:06:08 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/04 19:48:06 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/08/30 10:18:30 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/04 19:48:06 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/02/04 19:48:06 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/02/04 19:48:06 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/02/04 19:48:06 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.3.0.14\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [QFan Help] C:\Program Files\ASUS\Ai Suite\QFan4\FanHelp.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [Six Engine] C:\Program Files (x86)\ASUS\EPU\EPU.exe (
ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\stormy_ON_C..\Run: [aryvxrsdvjpryez] C:\ProgramData\aryvxrsd.exe ()
O4 - HKU\stormy_ON_C..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKU\stormy_ON_C..\Run: [Steam] D:\Spiele\steam.exe (Valve Corporation)
O4 - HKU\UpdatusUser_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_C..\RunOnce: [mctadmin]  File not found
O4 - HKU\UpdatusUser_ON_C..\RunOnce: [mctadmin]  File not found
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - stormy_ON_C\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15:64bit: - stormy_ON_C\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15:64bit: - stormy_ON_C\..Trusted Domains: soe.com ([]* in Trusted sites)
O15:64bit: - stormy_ON_C\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/09/10 18:33:41 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/09/10 10:40:12 | 000,000,000 | ---D | C] -- C:\ProgramData\jcmvfwixvewglas
[2012/09/07 11:06:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/09/01 22:01:50 | 001,034,216 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012/09/01 22:01:50 | 000,916,456 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2012/09/01 22:01:50 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012/09/01 22:01:47 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/09/01 22:01:47 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/09/01 22:01:47 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge-64.dll
[2012/09/01 22:01:45 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/08/26 04:26:59 | 000,000,000 | ---D | C] -- C:\Users\stormy\Desktop\Handyfotos Nathy
[2012/08/26 04:20:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2012/08/26 04:20:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Ericsson
[2012/08/22 22:43:09 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/08/22 22:42:57 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/08/22 22:42:53 | 006,193,000 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2012/08/22 22:42:53 | 003,266,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc64.dll
[2012/08/22 22:42:53 | 002,557,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2012/08/22 22:42:53 | 000,118,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2012/08/22 22:42:53 | 000,063,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll
[2012/08/22 22:42:45 | 000,060,776 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2012/08/22 22:42:45 | 000,052,584 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/08/22 22:42:42 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/08/22 22:42:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/08/22 22:42:20 | 001,472,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco64.dll
[2012/08/22 22:42:20 | 001,468,264 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdagenco6420103.dll
[2012/08/22 22:42:20 | 000,188,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda64v.sys
[2012/08/22 22:42:20 | 000,031,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap64.dll
[2012/08/22 03:52:19 | 000,000,000 | ---D | C] -- C:\Users\stormy\Desktop\whats app
[2012/08/22 03:39:44 | 000,000,000 | ---D | C] -- C:\Users\stormy\AppData\Local\fontconfig
[2012/08/22 03:39:20 | 000,000,000 | ---D | C] -- C:\Users\stormy\AppData\Local\gegl-0.2
[2012/08/22 03:36:35 | 000,227,720 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/08/22 03:36:35 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/08/22 03:36:35 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/08/22 03:36:28 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2012/08/22 03:35:01 | 000,000,000 | ---D | C] -- C:\Users\stormy\AppData\Local\Secunia PSI
[2012/08/22 03:34:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2012/08/21 10:19:57 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmled.dll
[2012/08/21 10:19:57 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/08/21 10:19:56 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/08/21 10:19:56 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/08/21 10:19:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/08/21 10:19:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/08/21 10:19:56 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/08/21 10:19:56 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/08/21 10:19:55 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/08/21 10:19:55 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9.dll
[2012/08/21 10:19:55 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/08/21 10:19:55 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/08/21 10:19:55 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/08/21 10:19:54 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2012/08/21 10:19:11 | 000,000,000 | ---D | C] -- C:\Users\stormy\AppData\Roaming\YaTQA
[2012/08/21 10:19:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YaTQA
[2012/08/21 10:08:46 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32spl.dll
[2012/08/21 10:08:46 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012/08/21 10:08:45 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\localspl.dll
[2012/08/21 10:08:45 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/08/21 10:08:45 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
[2012/08/21 10:08:45 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/08/21 10:08:45 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2012/08/21 10:08:45 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/05/17 04:34:05 | 000,014,336 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2012/05/17 04:34:05 | 000,012,800 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe
[2012/01/06 23:27:24 | 013,844,000 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/09/10 18:00:14 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/10 18:00:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/10 18:00:04 | 2146,832,383 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/10 12:58:07 | 000,654,006 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/09/10 12:58:07 | 000,615,888 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/09/10 12:58:07 | 000,129,878 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/09/10 12:58:07 | 000,106,268 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/09/10 11:10:27 | 000,062,848 | ---- | M] () -- C:\Windows\System32\BMXStateBkp-{00000005-00000000-00000000-00001102-0000000B-00621102}.rfx
[2012/09/10 11:10:27 | 000,062,848 | ---- | M] () -- C:\Windows\System32\BMXState-{00000005-00000000-00000000-00001102-0000000B-00621102}.rfx
[2012/09/10 11:10:27 | 000,000,900 | ---- | M] () -- C:\Windows\System32\DVCState-{00000005-00000000-00000000-00001102-0000000B-00621102}.rfx
[2012/09/10 11:08:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/10 10:54:29 | 000,017,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/10 10:54:29 | 000,017,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/10 10:40:12 | 000,000,051 | ---- | M] () -- C:\ProgramData\imoqwjgatndpebe
[2012/09/10 10:39:49 | 000,054,272 | ---- | M] () -- C:\ProgramData\aryvxrsd.exe
[2012/09/10 10:31:16 | 000,000,440 | ---- | M] () -- C:\Users\stormy\Desktop\fun cup ofm.rtf
[2012/09/10 10:15:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/09 12:08:33 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/09/09 12:08:33 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/09/09 11:30:49 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/09/08 10:45:14 | 000,154,911 | ---- | M] () -- C:\Users\stormy\Desktop\bezahlung_rapid.jpg
[2012/09/08 10:28:23 | 000,000,946 | ---- | M] () -- C:\Users\stormy\Desktop\kündigung vodafone.rtf
[2012/09/08 10:12:56 | 000,001,188 | ---- | M] () -- C:\Users\stormy\Desktop\Kündigung Unity Hardware.rtf
[2012/09/08 10:05:18 | 000,002,450 | ---- | M] () -- C:\Users\stormy\Desktop\Rückerstattung Unity.rtf
[2012/09/08 09:30:51 | 000,001,296 | ---- | M] () -- C:\Users\stormy\Desktop\Kündigung ergo.rtf
[2012/09/01 22:02:27 | 000,002,441 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/09/01 22:01:45 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012/09/01 22:01:45 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2012/09/01 22:01:45 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012/09/01 22:01:45 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012/09/01 22:01:45 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012/09/01 22:01:45 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge-64.dll
[2012/08/30 20:55:02 | 000,001,069 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firstload.lnk
[2012/08/29 13:16:53 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2012/08/27 02:28:14 | 001,778,956 | ---- | M] () -- C:\Windows\System32\drivers\N360x64\0603000.00E\Cat.DB
[2012/08/22 10:01:23 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/22 10:01:23 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/22 03:36:41 | 000,000,892 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2012/08/22 03:34:19 | 000,001,110 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/08/22 03:34:19 | 000,001,073 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2012/08/22 03:34:19 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2012/08/21 15:57:34 | 000,001,710 | ---- | M] () -- C:\Users\stormy\Desktop\zugang vserver_ts.rtf
[2012/08/21 15:14:04 | 004,858,512 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/08/21 15:14:02 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2012/08/21 10:19:07 | 000,000,979 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YaTQA.lnk
[2012/08/21 10:10:39 | 000,008,942 | ---- | M] () -- C:\Windows\System32\drivers\N360x64\0603000.00E\VT20120731.038
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/09/10 10:40:12 | 000,054,272 | ---- | C] () -- C:\ProgramData\aryvxrsd.exe
[2012/09/10 10:40:07 | 000,000,051 | ---- | C] () -- C:\ProgramData\imoqwjgatndpebe
[2012/09/10 10:31:04 | 000,000,440 | ---- | C] () -- C:\Users\stormy\Desktop\fun cup ofm.rtf
[2012/09/08 10:45:14 | 000,154,911 | ---- | C] () -- C:\Users\stormy\Desktop\bezahlung_rapid.jpg
[2012/09/08 10:25:33 | 000,000,946 | ---- | C] () -- C:\Users\stormy\Desktop\kündigung vodafone.rtf
[2012/09/08 09:52:54 | 000,002,450 | ---- | C] () -- C:\Users\stormy\Desktop\Rückerstattung Unity.rtf
[2012/09/08 09:14:46 | 000,001,188 | ---- | C] () -- C:\Users\stormy\Desktop\Kündigung Unity Hardware.rtf
[2012/09/08 09:02:19 | 000,001,296 | ---- | C] () -- C:\Users\stormy\Desktop\Kündigung ergo.rtf
[2012/08/22 22:42:53 | 002,667,062 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2012/08/22 03:36:41 | 000,000,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2012/08/22 03:34:19 | 000,001,110 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/08/22 03:34:19 | 000,001,073 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2012/08/21 15:57:16 | 000,001,710 | ---- | C] () -- C:\Users\stormy\Desktop\zugang vserver_ts.rtf
[2012/08/21 10:19:07 | 000,000,979 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YaTQA.lnk
[2012/06/28 11:44:42 | 000,428,904 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/05/21 12:24:03 | 000,000,418 | ---- | C] () -- C:\Windows\hpwmdl28.dat.temp
[2012/05/17 04:34:51 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012/05/17 04:34:51 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012/05/17 04:34:05 | 000,388,163 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
[2012/05/17 04:34:05 | 000,052,464 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
[2012/05/17 04:34:05 | 000,015,165 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2012/05/17 04:34:05 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
[2012/05/17 04:34:05 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CtxfiRes.dll
[2012/05/17 04:34:05 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2012/05/17 04:34:05 | 000,000,235 | ---- | C] () -- C:\ProgramData\UDATHXD.ini
[2012/05/17 04:34:05 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2012/05/17 04:33:21 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CTXFIGER.DLL
[2012/05/05 17:03:27 | 000,014,760 | ---- | C] () -- C:\Windows\SysWow64\drivers\DRHMSR64.sys
[2012/05/02 22:54:46 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012/02/14 18:59:02 | 000,000,359 | ---- | C] () -- C:\Windows\CoDUO.INI
[2012/02/14 18:47:20 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2012/02/14 18:41:36 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/02/14 18:41:34 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/02/14 18:41:33 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2012/01/29 20:46:30 | 000,000,000 | ---- | C] () -- C:\Users\stormy\AppData\Local\{4EBFCEC9-96EA-417C-931A-248EB464301D}
[2012/01/26 19:43:37 | 000,000,000 | ---- | C] () -- C:\Users\stormy\AppData\Local\{FD7C34B4-6840-4EF4-9526-91843B62286C}
[2012/01/18 00:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012/01/18 00:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012/01/18 00:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2012/01/10 05:26:10 | 000,241,149 | ---- | C] () -- C:\Windows\hpwins28.dat
[2012/01/07 13:08:19 | 000,252,928 | ---- | C] () -- C:\Windows\SysWow64\DShowRdpFilter.dll
[2012/01/07 11:25:33 | 002,469,760 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2012/01/07 11:25:33 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2012/01/07 11:25:33 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2012/01/07 11:25:33 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2012/01/07 11:25:33 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2012/01/06 20:18:54 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe
[2012/01/06 19:30:38 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2012/01/06 19:30:38 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2012/01/06 19:30:36 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2012/01/06 19:30:36 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2012/01/06 19:29:56 | 000,044,571 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2012/01/06 19:24:07 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2012/01/06 19:24:00 | 000,033,683 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009/12/15 12:41:00 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\WinMsgBalloonClient.exe
[2009/12/15 12:40:00 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\WinMsgBalloonServer.exe
[2009/08/18 03:18:40 | 000,000,418 | ---- | C] () -- C:\Windows\hpwmdl28.dat
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/05 22:48:34 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/02 08:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2009/02/18 23:35:10 | 000,049,152 | R--- | C] () -- C:\Windows\DAOD.exe
 
========== LOP Check ==========
 
[2012/08/08 08:59:08 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\Amazon
[2012/01/07 11:19:19 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\Babylon
[2012/01/13 05:59:59 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/01/06 19:31:20 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\DeviceVm
[2012/08/30 09:54:19 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\FileZilla
[2012/09/08 20:49:40 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\Firstload
[2012/08/29 13:17:47 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\HLSW
[2012/06/16 04:54:51 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\ICQ
[2012/01/06 20:47:34 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\Leadertech
[2012/06/19 13:31:28 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\Need for Speed World
[2012/01/12 16:49:48 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\Notepad++
[2012/01/06 20:04:43 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\OpenCandy
[2012/01/12 16:43:40 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\OpenOffice.org
[2012/08/08 20:35:51 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\Origin
[2012/01/24 10:11:02 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\pokerth
[2012/01/16 03:47:31 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/01/09 21:29:01 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\Trillian
[2012/08/29 13:21:39 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\TS3Client
[2012/06/11 07:47:04 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\ts3overlay
[2012/03/09 22:23:48 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\wargaming.net
[2012/08/21 10:20:27 | 000,000,000 | ---D | M] -- C:\Users\stormy\AppData\Roaming\YaTQA
[2012/01/06 19:17:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2012/01/12 05:51:50 | 000,000,000 | ---D | M] -- C:\ProgramData\ASUS OC Profiles
[2012/03/19 10:56:17 | 000,000,000 | ---D | M] -- C:\ProgramData\AVAST Software
[2012/01/07 11:19:19 | 000,000,000 | ---D | M] -- C:\ProgramData\Babylon
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2012/01/06 19:31:20 | 000,000,000 | ---D | M] -- C:\ProgramData\DeviceVm
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2012/01/06 19:17:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2012/01/06 19:32:53 | 000,000,000 | ---D | M] -- C:\ProgramData\Downloaded Installations
[2012/04/06 18:41:44 | 000,000,000 | ---D | M] -- C:\ProgramData\EA Core
[2012/04/06 20:11:02 | 000,000,000 | ---D | M] -- C:\ProgramData\EA Logs
[2012/06/19 11:23:17 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2012/01/07 12:03:35 | 000,000,000 | ---D | M] -- C:\ProgramData\ESL Wire
[2012/01/07 09:29:36 | 000,000,000 | ---D | M] -- C:\ProgramData\explauncher
[2012/01/06 19:17:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2012/09/10 10:40:12 | 000,000,000 | ---D | M] -- C:\ProgramData\jcmvfwixvewglas
[2012/01/07 09:29:35 | 000,000,000 | ---D | M] -- C:\ProgramData\launcher
[2012/01/12 05:04:32 | 000,000,000 | ---D | M] -- C:\ProgramData\LightScribe
[2012/01/07 09:29:53 | 000,000,000 | ---D | M] -- C:\ProgramData\mergeparts
[2012/08/09 04:50:16 | 000,000,000 | ---D | M] -- C:\ProgramData\Origin
[2012/01/07 09:30:17 | 000,000,000 | ---D | M] -- C:\ProgramData\redistpart
[2012/01/13 07:56:30 | 000,000,000 | ---D | M] -- C:\ProgramData\regid.1986-12.com.adobe
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2012/01/06 19:17:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2012/05/15 09:54:32 | 000,000,000 | ---D | M] -- C:\ProgramData\tmp
[2012/01/06 20:05:03 | 000,000,000 | ---D | M] -- C:\ProgramData\Uniblue
[2012/01/06 19:17:59 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2012/08/27 07:52:30 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >
         
--- --- ---
