Pests of all kinds and how to fight them: What to do about Trojan Generic? Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection. |
12.09.2010, 18:22 | #1 |
| What to do about Trojan Generic? Hello. For a few days now I have apparently been getting overrun by trojans. The system is Win7 64-bit Ultimate. First I had Avira, then AVG, now Avast. Unfortunately none of these scanners really seems to help. Maybe a false alarm? So far every scanner has said the same thing, but none of them could fix the problem. What do you think? I have now also uploaded a log from Malwarebytes. Addendum: after I ran Malwarebytes and TFC, the system "seems" to be clean again. Malwarebytes and Avast Free confirm that. But could it still be that something is hiding somewhere? |
12.09.2010, 20:43 | #2 |
| What to do about Trojan Generic? Hi,
64-bit systems are not easy, because almost no tools run on them... We can try to get to the bottom of this with OTL...
OTL: Download OTL by OldTimer (http://filepony.de/download-otl/) and save it on your desktop.
Cureit: http://www.trojaner-board.de/59299-a...eb-cureit.html After the scan has finished you will find the log at %USERPROFILE%\DoctorWeb\CureIt.log. Before you take any action, please copy the contents of the log and post them. The log file is very large, roughly over 5 MB of text. Just use the search for "infiziert" ("infected") and copy out the relevant parts before you post them. chris |
12.09.2010, 21:09 | #3 |
| What to do about Trojan Generic? Here is the OTL log
C:\Windows\SysWow64\XAudio2_1.dll [2010.08.29 19:00:25 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll [2010.08.29 19:00:25 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll [2010.08.29 19:00:25 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll [2010.08.29 19:00:25 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll [2010.08.29 19:00:25 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll [2010.08.29 19:00:25 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll [2010.08.29 19:00:25 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll [2010.08.29 19:00:25 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll [2010.08.29 19:00:25 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll [2010.08.29 19:00:25 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll [2010.08.29 19:00:25 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll [2010.08.29 19:00:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll [2010.08.29 19:00:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll [2010.08.29 19:00:24 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll [2010.08.29 19:00:24 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll [2010.08.29 19:00:24 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll [2010.08.29 19:00:24 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll [2010.08.29 19:00:24 | 002,006,552 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\D3DCompiler_36.dll [2010.08.29 19:00:24 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll [2010.08.29 19:00:24 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll [2010.08.29 19:00:24 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll [2010.08.29 19:00:24 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll [2010.08.29 19:00:24 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll [2010.08.29 19:00:24 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll [2010.08.29 19:00:24 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll [2010.08.29 19:00:24 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll [2010.08.29 19:00:24 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll [2010.08.29 19:00:23 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll [2010.08.29 19:00:23 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll [2010.08.29 19:00:23 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll [2010.08.29 19:00:23 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll [2010.08.29 19:00:23 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll [2010.08.29 19:00:22 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll [2010.08.29 19:00:22 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll [2010.08.29 19:00:22 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll [2010.08.29 19:00:22 | 000,409,960 | ---- | C] (Microsoft Corporation) 
-- C:\Windows\SysNative\xactengine2_8.dll [2010.08.29 19:00:22 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll [2010.08.29 19:00:22 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll [2010.08.29 19:00:22 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll [2010.08.29 19:00:22 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll [2010.08.29 19:00:22 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll [2010.08.29 19:00:22 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll [2010.08.29 19:00:21 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll [2010.08.29 19:00:21 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll [2010.08.29 19:00:21 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll [2010.08.29 19:00:21 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll [2010.08.29 19:00:21 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll [2010.08.29 19:00:21 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll [2010.08.29 19:00:21 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll [2010.08.29 19:00:21 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll [2010.08.29 19:00:20 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll [2010.08.29 19:00:20 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll [2010.08.29 19:00:20 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll [2010.08.29 19:00:20 | 000,363,288 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\xactengine2_3.dll [2010.08.29 19:00:20 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll [2010.08.29 19:00:20 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll [2010.08.29 19:00:20 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll [2010.08.29 19:00:20 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll [2010.08.29 19:00:20 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll [2010.08.29 19:00:19 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll [2010.08.29 19:00:19 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll [2010.08.29 19:00:19 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll [2010.08.29 19:00:19 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll [2010.08.29 19:00:19 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll [2010.08.29 19:00:18 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll [2010.08.29 19:00:17 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll [2010.08.29 19:00:17 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll [2010.08.29 19:00:17 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll [2010.08.29 19:00:17 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll [2010.08.29 19:00:17 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll [2010.08.29 19:00:16 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll [2010.08.29 19:00:16 | 003,815,120 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\d3dx9_28.dll [2010.08.29 19:00:16 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll [2010.08.29 19:00:16 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll [2010.08.29 19:00:16 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll [2010.08.29 19:00:16 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll [2010.08.29 19:00:16 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll [2010.08.29 19:00:15 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll [2010.08.29 19:00:15 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll [2010.08.29 18:57:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision [2010.08.29 18:35:33 | 000,000,000 | ---D | C] -- C:\Users\Bady\Documents\My Games [2010.08.29 18:35:31 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\InstallShield Installation Information [2010.08.29 18:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unreal Tournament 3 (LG) [2010.08.29 18:33:31 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll [2010.08.29 18:33:31 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll [2010.08.29 18:33:30 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll [2010.08.29 18:33:30 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll [2010.08.29 18:33:30 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll [2010.08.29 18:33:30 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll [2010.08.29 18:33:30 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll [2010.08.29 18:33:30 | 002,388,176 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\d3dx9_30.dll [2010.08.29 18:33:30 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll [2010.08.29 18:33:30 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll [2010.08.29 18:33:30 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll [2010.08.29 18:33:30 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll [2010.08.29 18:33:30 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll [2010.08.29 18:33:30 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll [2010.08.29 18:33:30 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll [2010.08.29 18:33:30 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2010.08.29 18:33:30 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll [2010.08.29 18:33:30 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll [2010.08.29 18:19:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2010.08.29 18:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mass Effect 2 [2010.08.29 18:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare [2010.08.29 16:24:45 | 000,000,000 | ---D | C] -- C:\Users\Bady\Desktop\Games [2010.08.29 15:52:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2010.08.29 15:52:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2010.08.29 15:47:16 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\ROCCAT [2010.08.29 15:13:30 | 000,000,000 | ---D | C] -- C:\ProgramData\ROCCAT [2010.08.29 15:13:25 | 000,015,488 | ---- | C] (ROCCAT Ltd) -- C:\Windows\SysNative\drivers\Kone.sys [2010.08.29 15:13:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ROCCAT 
[2010.08.29 15:13:14 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\WinRAR [2010.08.29 15:12:52 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2010.08.29 15:11:56 | 000,215,040 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2010.08.29 15:11:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2010.08.29 15:11:55 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2010.08.29 14:54:53 | 000,414,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\difxapi.dll [2010.08.29 14:54:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA [2010.08.29 14:54:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2010.08.29 14:53:16 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2010.08.29 14:53:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2010.08.29 14:47:42 | 000,000,000 | ---D | C] -- C:\Intel [2010.08.29 14:39:27 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\.purple [2010.08.29 14:39:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pidgin [2010.08.29 13:35:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes [2010.08.29 12:33:38 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Mozilla [2010.08.29 12:33:38 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\Mozilla [2010.08.29 12:33:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2010.08.29 12:03:06 | 000,255,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcohda6.dll [2010.08.29 12:03:06 | 000,131,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys [2010.08.29 12:03:06 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll [2010.08.29 12:02:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2010.08.29 12:02:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA 
Corporation [2010.08.29 12:02:20 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2010.08.29 12:02:19 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2010.08.29 12:02:18 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2010.08.29 12:01:59 | 007,002,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2010.08.29 12:01:59 | 005,107,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2010.08.29 12:01:59 | 000,930,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpinst.exe [2010.08.29 12:01:59 | 000,065,128 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2010.08.29 12:01:59 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2010.08.29 12:01:59 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd [2010.08.29 12:01:57 | 019,114,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2010.08.29 12:01:57 | 014,092,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2010.08.29 12:01:57 | 000,382,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll [2010.08.29 12:01:57 | 000,314,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll [2010.08.29 12:01:55 | 012,471,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2010.08.29 12:01:55 | 009,818,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2010.08.29 12:01:55 | 003,089,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2010.08.29 12:01:55 | 002,892,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2010.08.29 12:01:55 | 002,761,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2010.08.29 12:01:55 | 002,506,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2010.08.29 12:01:54 | 014,513,768 | ---- | C] (NVIDIA Corporation) -- 
C:\Windows\SysNative\nvcompiler.dll [2010.08.29 12:01:54 | 010,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2010.08.29 12:01:54 | 006,116,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2010.08.29 12:01:54 | 004,553,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2010.08.29 12:01:54 | 002,037,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2010.08.29 12:01:54 | 001,625,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2010.08.29 12:01:54 | 000,260,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod1922.dll [2010.08.29 12:01:54 | 000,260,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod.dll [2010.08.29 12:01:50 | 000,000,000 | ---D | C] -- C:\NVIDIA [2010.08.29 11:55:39 | 000,744,072 | ---- | C] (www.ext2fsd.com) -- C:\Windows\SysNative\drivers\ext2fsd.sys [2010.08.29 11:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\Ext2Fsd [2010.08.29 11:55:02 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Macromedia [2010.08.29 11:55:00 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Adobe [2010.08.29 11:54:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2010.08.29 11:46:10 | 000,000,000 | R--D | C] -- C:\Users\Bady\Searches [2010.08.29 11:46:10 | 000,000,000 | -H-D | C] -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2010.08.29 11:46:02 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Identities [2010.08.29 11:46:00 | 000,000,000 | R--D | C] -- C:\Users\Bady\Contacts [2010.08.29 11:45:59 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\VirtualStore [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\AppData\Local\Temporary Internet Files [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Templates [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Start Menu [2010.08.29 11:45:51 | 
000,000,000 | -HSD | C] -- C:\Users\Bady\SendTo [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Recent [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\PrintHood [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\NetHood [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Documents\My Videos [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Documents\My Pictures [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Documents\My Music [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\My Documents [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Local Settings [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\AppData\Local\History [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Cookies [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Application Data [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\AppData\Local\Application Data [2010.08.29 11:45:50 | 000,000,000 | --SD | C] -- C:\Users\Bady\AppData\Roaming\Microsoft [2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Videos [2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Saved Games [2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Pictures [2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Music [2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Links [2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Favorites [2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Downloads [2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\My Documents [2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Desktop [2010.08.29 11:45:50 | 000,000,000 | -H-D | C] -- C:\Users\Bady\AppData [2010.08.29 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\Temp [2010.08.29 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\Microsoft 
[2010.08.29 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Media Center Programs [2010.08.29 11:43:03 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2010.08.29 11:42:26 | 000,000,000 | -HSD | C] -- C:\Recovery [2010.08.29 11:37:46 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2010.08.29 11:37:21 | 000,000,000 | -HSD | C] -- C:\System Volume Information ========== Files - Modified Within 30 Days ========== [2010.09.12 22:00:20 | 001,310,720 | -HS- | M] () -- C:\Users\Bady\NTUSER.DAT [2010.09.12 19:57:06 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.09.12 19:57:06 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.09.12 19:56:43 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.09.12 19:56:43 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.09.12 19:56:43 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.09.12 19:52:05 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.09.12 19:51:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.09.12 19:51:49 | 2140,422,143 | -HS- | M] () -- C:\hiberfil.sys [2010.09.12 19:50:36 | 003,178,685 | -H-- | M] () -- C:\Users\Bady\AppData\Local\IconCache.db [2010.09.12 19:04:30 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2010.09.12 03:03:02 | 000,001,179 | ---- | M] () -- C:\Users\Bady\Desktop\X3 Terran Conflict.lnk [2010.09.11 23:34:17 | 2225,810,849 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010.09.11 18:04:23 | 000,000,000 | ---- | M] () -- C:\autoexec.bat [2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At7.job [2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At6.job [2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At5.job [2010.09.11 
17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At4.job [2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At3.job [2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At2.job [2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At1.job [2010.09.11 05:53:03 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2010.09.11 05:37:35 | 000,041,648 | ---- | M] () -- C:\Windows\unins000.dat [2010.09.11 05:35:20 | 000,686,425 | ---- | M] () -- C:\Windows\unins000.exe [2010.09.09 20:24:25 | 000,007,185 | ---- | M] () -- C:\Users\Bady\PIC6DF4.tmp.jpg [2010.09.07 17:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2010.09.07 17:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2010.09.07 16:52:29 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2010.09.07 16:52:09 | 000,121,936 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2010.09.07 16:47:49 | 000,028,752 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2010.09.07 16:47:33 | 000,061,008 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2010.09.07 16:47:10 | 000,020,048 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2010.09.05 18:22:12 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk [2010.09.05 18:22:12 | 000,001,852 | ---- | M] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk [2010.09.05 18:04:19 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2010.09.05 18:04:19 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2010.09.05 18:04:19 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2010.09.05 18:04:19 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Windows\SysWow64\java.exe [2010.09.05 15:59:55 | 000,076,993 | ---- | M] () -- C:\Windows\SysWow64\wbers.dat.dmp [2010.09.05 04:36:59 | 000,189,480 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2010.09.05 04:36:59 | 000,189,480 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010.09.05 04:35:19 | 000,794,408 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe [2010.09.05 04:35:19 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010.09.04 02:49:36 | 000,000,930 | ---- | M] () -- C:\Users\Bady\Desktop\HD Tune.lnk [2010.09.03 17:33:55 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf [2010.09.03 00:32:36 | 000,002,105 | ---- | M] () -- C:\Users\Public\Desktop\A.V.A.lnk [2010.09.02 18:22:06 | 000,000,000 | ---- | M] () -- C:\Windows\TMonitor64.INI [2010.09.02 18:04:57 | 000,001,933 | ---- | M] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk [2010.09.01 18:22:15 | 000,001,103 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk [2010.09.01 00:11:40 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk [2010.08.31 23:22:29 | 000,000,221 | ---- | M] () -- C:\Users\Bady\Desktop\America's Army 3.url [2010.08.31 23:02:15 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk [2010.08.31 23:01:53 | 000,001,140 | ---- | M] () -- C:\Users\Bady\Desktop\CrossFire.lnk [2010.08.31 21:51:18 | 000,001,988 | ---- | M] () -- C:\Users\Public\Desktop\Dark Sector.lnk [2010.08.31 21:47:34 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.08.29 22:21:44 | 000,000,221 | ---- | M] () -- C:\Users\Bady\Desktop\R.U.S.E. 
Demo.url [2010.08.29 19:00:09 | 000,002,271 | ---- | M] () -- C:\Users\Public\Desktop\Singularity(TM).lnk [2010.08.29 18:35:26 | 000,001,033 | ---- | M] () -- C:\Users\Public\Desktop\Unreal Tournament 3.lnk [2010.08.29 18:19:01 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Mass Effect 2.lnk [2010.08.29 15:54:42 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2010.08.29 15:20:42 | 000,000,017 | ---- | M] () -- C:\Users\Bady\AppData\Local\resmon.resmoncfg [2010.08.29 14:55:32 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini [2010.08.29 14:46:40 | 000,067,584 | ---- | M] () -- C:\Windows\SysNative\RtNicProp64.dll [2010.08.29 14:46:39 | 000,215,040 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2010.08.29 14:39:22 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Pidgin.lnk [2010.08.29 12:33:34 | 000,001,967 | ---- | M] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2010.08.29 12:33:34 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.08.29 11:52:53 | 000,001,441 | ---- | M] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2010.08.29 11:51:08 | 000,524,288 | -HS- | M] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2010.08.29 11:51:08 | 000,524,288 | -HS- | M] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2010.08.29 11:51:08 | 000,065,536 | -HS- | M] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2010.08.29 11:49:43 | 000,057,560 | ---- | M] () -- C:\Users\Bady\AppData\Local\GDIPFONTCACHEV1.DAT [2010.08.29 11:45:51 | 000,000,020 | -HS- | M] () -- C:\Users\Bady\ntuser.ini [2010.08.29 11:39:21 | 000,042,045 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2010.08.29 11:39:21 | 000,042,045 | 
---- | M] () -- C:\Windows\SysNative\license.rtf ========== Files Created - No Company Name ========== [2010.09.12 18:52:21 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2010.09.12 03:03:02 | 000,001,179 | ---- | C] () -- C:\Users\Bady\Desktop\X3 Terran Conflict.lnk [2010.09.11 23:34:17 | 2225,810,849 | ---- | C] () -- C:\Windows\MEMORY.DMP [2010.09.11 18:04:23 | 000,000,000 | ---- | C] () -- C:\autoexec.bat [2010.09.11 05:35:26 | 000,686,425 | ---- | C] () -- C:\Windows\unins000.exe [2010.09.11 05:35:26 | 000,041,648 | ---- | C] () -- C:\Windows\unins000.dat [2010.09.09 20:24:25 | 000,007,185 | ---- | C] () -- C:\Users\Bady\PIC6DF4.tmp.jpg [2010.09.06 21:33:40 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At7.job [2010.09.06 21:26:57 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At6.job [2010.09.06 21:26:22 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At5.job [2010.09.06 21:23:52 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At4.job [2010.09.06 21:23:14 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At3.job [2010.09.06 21:22:25 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At2.job [2010.09.06 21:22:04 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At1.job [2010.09.06 21:20:25 | 000,020,102 | ---- | C] () -- C:\Program Files (x86)\Readme.txt [2010.09.06 21:20:25 | 000,010,960 | ---- | C] () -- C:\Program Files (x86)\EULA.txt [2010.09.06 21:20:25 | 000,000,361 | ---- | C] () -- C:\Program Files (x86)\INSTALL.LOG [2010.09.05 18:22:12 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk [2010.09.05 18:22:12 | 000,001,852 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk [2010.09.05 15:59:55 | 000,076,993 | ---- | C] () -- C:\Windows\SysWow64\wbers.dat.dmp [2010.09.05 04:36:59 | 000,189,480 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2010.09.05 04:35:20 | 000,189,480 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010.09.05 04:35:19 | 000,794,408 | ---- | C] 
() -- C:\Windows\SysWow64\pbsvc.exe [2010.09.05 04:35:19 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010.09.04 02:49:36 | 000,000,930 | ---- | C] () -- C:\Users\Bady\Desktop\HD Tune.lnk [2010.09.03 17:33:55 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf [2010.09.02 18:44:53 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd [2010.09.02 18:44:39 | 000,002,105 | ---- | C] () -- C:\Users\Public\Desktop\A.V.A.lnk [2010.09.02 18:22:06 | 000,000,000 | ---- | C] () -- C:\Windows\TMonitor64.INI [2010.09.02 18:04:57 | 000,001,933 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk [2010.09.01 18:06:57 | 000,001,103 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk [2010.09.01 00:11:40 | 000,000,926 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk [2010.08.31 23:22:29 | 000,000,221 | ---- | C] () -- C:\Users\Bady\Desktop\America's Army 3.url [2010.08.31 23:02:15 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk [2010.08.31 23:01:53 | 000,001,140 | ---- | C] () -- C:\Users\Bady\Desktop\CrossFire.lnk [2010.08.31 21:51:18 | 000,001,988 | ---- | C] () -- C:\Users\Public\Desktop\Dark Sector.lnk [2010.08.31 21:47:34 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.08.29 22:21:44 | 000,000,221 | ---- | C] () -- C:\Users\Bady\Desktop\R.U.S.E. 
Demo.url [2010.08.29 19:00:09 | 000,002,271 | ---- | C] () -- C:\Users\Public\Desktop\Singularity(TM).lnk [2010.08.29 18:35:26 | 000,001,033 | ---- | C] () -- C:\Users\Public\Desktop\Unreal Tournament 3.lnk [2010.08.29 18:19:01 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Mass Effect 2.lnk [2010.08.29 15:52:28 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2010.08.29 15:20:42 | 000,000,017 | ---- | C] () -- C:\Users\Bady\AppData\Local\resmon.resmoncfg [2010.08.29 15:11:56 | 000,067,584 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll [2010.08.29 14:47:42 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2010.08.29 14:39:22 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Pidgin.lnk [2010.08.29 12:33:34 | 000,001,967 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2010.08.29 12:33:34 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.08.29 12:01:59 | 000,012,264 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2010.08.29 11:52:53 | 000,001,441 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2010.08.29 11:45:51 | 000,000,020 | -HS- | C] () -- C:\Users\Bady\ntuser.ini [2010.08.29 11:45:50 | 001,310,720 | -HS- | C] () -- C:\Users\Bady\NTUSER.DAT [2010.08.29 11:45:50 | 000,524,288 | -HS- | C] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2010.08.29 11:45:50 | 000,524,288 | -HS- | C] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2010.08.29 11:45:50 | 000,262,144 | -HS- | C] () -- C:\Users\Bady\ntuser.dat.LOG1 [2010.08.29 11:45:50 | 000,065,536 | -HS- | C] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2010.08.29 11:45:50 | 000,000,290 | ---- | C] () -- C:\Users\Bady\Application 
Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2010.08.29 11:45:50 | 000,000,272 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2010.08.29 11:45:50 | 000,000,000 | -HS- | C] () -- C:\Users\Bady\ntuser.dat.LOG2 [2010.08.29 11:37:21 | 2140,422,143 | -HS- | C] () -- C:\hiberfil.sys [2010.03.26 21:04:54 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll Edited by Bady (12.09.2010 at 21:19) |
12.09.2010, 21:11 | #4 |
| What to do against Trojan Generic? And here are the Extras (I would have liked to post them together, but the board complained) OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 12.09.2010 21:59:07 - Run 1 OTL by OldTimer - Version 3.2.12.0 Folder = C:\Users\Bady\Desktop\MFTools 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 76,00% Memory free 16,00 Gb Paging File | 14,00 Gb Available in Paging File | 88,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 488,18 Gb Total Space | 319,06 Gb Free Space | 65,36% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: BADY-PC Current User Name: Bady Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found helpfile [open] -- Reg Error: Key error. 
htafile [open] -- "%1" %* File not found htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htafile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. 
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "\" = C:\Windows\system\dwm.exe:*:Enabled:KL -- File not found "\" = C:\Windows\system\dwm.exe:*:Enabled:KL -- File not found ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2 "Ext2Fsd_is1" = Ext2Fsd 0.48 "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "WinRAR archiver" = WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = 
Steam "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform "{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21 "{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64) "{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX "{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Activision(R) "{42AF51C0-4028-46CF-B616-FB1F75286457}" = A.V.A "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{67666EBD-2283-4102-B79D-613C5536E554}" = Dark Sector "{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2 "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver "{89CB9F02-F392-45AD-B429-B9373E6B7BE0}" = Activision "{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi "{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9733747E-E53D-4C17-977E-3A872AFB93E1}" = ROCCAT Kone Mouse Driver "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9 "{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG) "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "8461-7759-5462-8226" = Vuze "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "avast5" = avast! 
Free Antivirus "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Cross Fire_is1" = Cross Fire En "DivX Setup.divx.com" = DivX-Setup "HD Tune_is1" = HD Tune 2.55 "InstallShield_{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Singularity(TM) "InstallShield_{89CB9F02-F392-45AD-B429-B9373E6B7BE0}" = Singularity(TM) 1.1 Patch "LogMeIn Hamachi" = LogMeIn Hamachi "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Mozilla Firefox (3.6.9)" = Mozilla Firefox (3.6.9) "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Pidgin" = Pidgin "PunkBusterSvc" = PunkBuster Services "Security Task Manager" = Security Task Manager 1.7h "StarCraft II" = StarCraft II "Steam App 13140" = America's Army 3 "Steam App 22690" = Worms Reloaded Demo "Steam App 33310" = R.U.S.E. Demo "Steam App 50280" = Mafia II - Demo "VirtualCloneDrive" = VirtualCloneDrive "VLC media player" = VLC media player 1.1.4 "Vuze_Remote Toolbar" = Vuze Remote Toolbar "X3-ReunionDemo49_is1" = X3 Reunion Spielbare DEMO v2.5 "X3TerranConflict_is1" = X3 Terran Conflict v2.7.1 "Xfire" = Xfire (remove only) "XfireXO Toolbar" = XfireXO Toolbar ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "InstallShield_{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG) ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 11.09.2010 17:18:41 | Computer Name = Bady-PC | Source = Application Error | ID = 1000 Description = Faulting application name: Sw4.exe, version: 1.2.7.0, time stamp: 0x4c73e50a Faulting module name: Sw4.exe, version: 1.2.7.0, time stamp: 0x4c73e50a Exception code: 0xc0000005 Fault offset: 0x000169f6 Faulting process id: 0x1dbc Faulting application start time: 0x01cb51f6e035e369 Faulting application path: C:\Windows\TEMP\Sw4.exe Faulting module path: C:\Windows\TEMP\Sw4.exe Report Id: 25f4cd83-bdea-11df-832c-002618fb9f64 Error - 11.09.2010 17:18:55 | Computer Name = Bady-PC | 
Source = Application Error | ID = 1000 Description = Faulting application name: svchost.exe_WPDBusEnum, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1 Faulting module name: wpdbusenum.dll_unloaded, version: 0.0.0.0, time stamp: 0x4a5be12f Exception code: 0xc0000005 Fault offset: 0x000007fef4d73887 Faulting process id: 0x538 Faulting application start time: 0x01cb51d1c090bbba Faulting application path: C:\Windows\System32\svchost.exe Faulting module path: wpdbusenum.dll Report Id: 2e8f61e4-bdea-11df-832c-002618fb9f64 Error - 11.09.2010 17:19:02 | Computer Name = Bady-PC | Source = Application Error | ID = 1000 Description = Faulting application name: Sw4.exe, version: 1.2.7.0, time stamp: 0x4c73e50a Faulting module name: Sw4.exe, version: 1.2.7.0, time stamp: 0x4c73e50a Exception code: 0xc0000005 Fault offset: 0x000169f6 Faulting process id: 0x1310 Faulting application start time: 0x01cb51f6edefbb0c Faulting application path: C:\Windows\TEMP\Sw4.exe Faulting module path: C:\Windows\TEMP\Sw4.exe Report Id: 329ae72d-bdea-11df-832c-002618fb9f64 Error - 11.09.2010 17:19:25 | Computer Name = Bady-PC | Source = Application Error | ID = 1000 Description = Faulting application name: Sw4.exe, version: 1.2.7.0, time stamp: 0x4c73e50a Faulting module name: Sw4.exe, version: 1.2.7.0, time stamp: 0x4c73e50a Exception code: 0xc0000005 Fault offset: 0x000169f6 Faulting process id: 0x1490 Faulting application start time: 0x01cb51f6fba7bde9 Faulting application path: C:\Windows\TEMP\Sw4.exe Faulting module path: C:\Windows\TEMP\Sw4.exe Report Id: 4053382b-bdea-11df-832c-002618fb9f64 Error - 11.09.2010 17:19:48 | Computer Name = Bady-PC | Source = Application Error | ID = 1000 Description = Faulting application name: Sw4.exe, version: 1.2.7.0, time stamp: 0x4c73e50a Faulting module name: Sw4.exe, version: 1.2.7.0, time stamp: 0x4c73e50a Exception code: 0xc0000005 Fault offset: 0x000169f6 Faulting process id: 0x1168 Faulting application start time: 0x01cb51f70960f94a Faulting 
application path: C:\Windows\TEMP\Sw4.exe Faulting module path: C:\Windows\TEMP\Sw4.exe Report Id: 4e1489fa-bdea-11df-832c-002618fb9f64 Error - 11.09.2010 19:34:59 | Computer Name = Bady-PC | Source = Application Error | ID = 1000 Description = Faulting application name: Sw6.exe, version: 1.2.7.0, time stamp: 0x4c84e1b5 Faulting module name: Sw6.exe, version: 1.2.7.0, time stamp: 0x4c84e1b5 Exception code: 0xc0000005 Fault offset: 0x0000f0a6 Faulting process id: 0x1a68 Faulting application start time: 0x01cb5209f1682520 Faulting application path: C:\Windows\TEMP\Sw6.exe Faulting module path: C:\Windows\TEMP\Sw6.exe Report Id: 306e3a38-bdfd-11df-ae74-002618fb9f64 Error - 11.09.2010 21:39:21 | Computer Name = Bady-PC | Source = Application Error | ID = 1000 Description = Faulting application name: Sw6.exe, version: 1.2.7.0, time stamp: 0x4c84e1b5 Faulting module name: Sw6.exe, version: 1.2.7.0, time stamp: 0x4c84e1b5 Exception code: 0xc0000005 Fault offset: 0x0000f0a6 Faulting process id: 0x10ac Faulting application start time: 0x01cb521b51792070 Faulting application path: C:\Windows\TEMP\Sw6.exe Faulting module path: C:\Windows\TEMP\Sw6.exe Report Id: 9057844c-be0e-11df-ae74-002618fb9f64 Error - 11.09.2010 23:04:23 | Computer Name = Bady-PC | Source = Application Error | ID = 1000 Description = Faulting application name: Explorer.EXE, version: 6.1.7600.16385, time stamp: 0x4a5bc9bb Faulting module name: DUI70.dll, version: 6.1.7600.16385, time stamp: 0x4a5bdf25 Exception code: 0xc0000005 Fault offset: 0x0000000000003945 Faulting process id: 0x5c0 Faulting application start time: 0x01cb52271388a863 Faulting application path: C:\Windows\Explorer.EXE Faulting module path: C:\Windows\system32\DUI70.dll Report Id: 7134319c-be1a-11df-a39a-002618fb9f64 Error - 12.09.2010 12:24:42 | Computer Name = Bady-PC | Source = Application Error | ID = 1000 Description = Faulting application name: Sw4.exe, version: 1.2.7.0, time stamp: 0x4c73e50a Faulting module name: Sw4.exe, 
version: 1.2.7.0, time stamp: 0x4c73e50a Exception code: 0xc0000005 Fault offset: 0x000169f6 Faulting process id: 0x1a64 Faulting application start time: 0x01cb5296f8dda7ff Faulting application path: C:\Windows\TEMP\Sw4.exe Faulting module path: C:\Windows\TEMP\Sw4.exe Report Id: 3eb04173-be8a-11df-906f-002618fb9f64 Error - 12.09.2010 12:43:05 | Computer Name = Bady-PC | Source = MsiInstaller | ID = 10005 Description = [ System Events ] Error - 12.09.2010 12:12:01 | Computer Name = Bady-PC | Source = Schannel | ID = 36888 Description = The following fatal alert was generated: 10. The internal error state is 10. Error - 12.09.2010 12:12:02 | Computer Name = Bady-PC | Source = Schannel | ID = 36888 Description = The following fatal alert was generated: 10. The internal error state is 10. Error - 12.09.2010 12:12:02 | Computer Name = Bady-PC | Source = Schannel | ID = 36888 Description = The following fatal alert was generated: 10. The internal error state is 10. Error - 12.09.2010 12:12:06 | Computer Name = Bady-PC | Source = Schannel | ID = 36888 Description = The following fatal alert was generated: 10. The internal error state is 10. Error - 12.09.2010 12:12:06 | Computer Name = Bady-PC | Source = Schannel | ID = 36888 Description = The following fatal alert was generated: 10. The internal error state is 10. Error - 12.09.2010 12:12:06 | Computer Name = Bady-PC | Source = Schannel | ID = 36888 Description = The following fatal alert was generated: 10. The internal error state is 10. Error - 12.09.2010 12:12:06 | Computer Name = Bady-PC | Source = Schannel | ID = 36888 Description = The following fatal alert was generated: 10. The internal error state is 10. Error - 12.09.2010 12:12:07 | Computer Name = Bady-PC | Source = Schannel | ID = 36888 Description = The following fatal alert was generated: 10. The internal error state is 10. 
Error - 12.09.2010 12:12:16 | Computer Name = Bady-PC | Source = Schannel | ID = 36888 Description = The following fatal alert was generated: 10. The internal error state is 10. Error - 12.09.2010 12:12:16 | Computer Name = Bady-PC | Source = Schannel | ID = 36888 Description = The following fatal alert was generated: 10. The internal error state is 10. < End of report > |
13.09.2010, 07:06 | #5 |
| What to do against Trojan Generic? Hi, please also post the Cureit report as instructed... Fix for OTL:
Code:
:OTL
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{6572748c-b360-11df-a661-002618fb9f64}\Shell\AutoRun\command - "" = F:\Setup.exe -- File not found
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At7.job
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At6.job
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At5.job
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At4.job
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At3.job
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At2.job
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At1.job
:reg
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0x00
:Commands
[emptytemp]
[Reboot]
chris
__________________ Don't bring me down Read before posting! Donations (anyone who wants to donate is welcome to get in touch) |
13.09.2010, 13:06 | #7 |
| What to do against Trojan Generic? Hi, if possible, send me one of those jobs from the Windows task folder (C:\Windows\tasks\At7.job) before you carry out the steps given... File upload: upload it to File-Upload.net - Ihr kostenloser File Hoster! and send me the link (with the deletion link) as a "PrivateMail"... chris
|
13.09.2010, 18:04 | #8 |
| What to do against Trojan Generic? You've got a PM |
14.09.2010, 07:12 | #9 |
| What to do against Trojan Generic? Hi, the jobs keep trying to pull new malware from the internet onto your machine, by way of malware stored in the temp directory... Also check whether further jobs matching the pattern AT*.job have appeared; be sure to delete those as well (note: hidden!). Be sure to run the OTL script and then Cureit, and post the logs... chris
|
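The pattern described in post #9 (AtN.job tasks that keep relaunching executables from the temp directory) can be checked mechanically in an OTL log. This is an added example, not part of the thread and not OTL's own code: it parses file-listing entries and Application Error events even when the forum has flattened them onto one line. The function names and the sample strings are assumptions constructed in the shape of the log lines above.

```python
import re
from collections import Counter
from datetime import datetime

# Constructed sample: OTL file-listing entries in the shape seen in this thread,
# run together on one line the way the forum rendering flattened them.
SAMPLE_FILES = (
    r"[2010.09.06 21:33:40 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At7.job "
    r"[2010.09.06 21:26:57 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At6.job "
    r"[2010.09.06 21:22:04 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At1.job "
    r"[2010.09.05 18:22:12 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk "
    r"[2010.08.29 14:46:39 | 000,215,040 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys"
)

# Constructed sample: the two path fields of several Application Error events.
SAMPLE_EVENTS = (
    r"Faulting application path: C:\Windows\TEMP\Sw4.exe Faulting module path: C:\Windows\TEMP\Sw4.exe "
    r"Faulting application path: C:\Windows\System32\svchost.exe Faulting module path: wpdbusenum.dll "
    r"Faulting application path: C:\Windows\TEMP\Sw6.exe Faulting module path: C:\Windows\TEMP\Sw6.exe "
    r"Faulting application path: C:\Windows\TEMP\Sw4.exe Faulting module path: C:\Windows\TEMP\Sw4.exe"
)

# One entry: [timestamp | size | attributes | M/C] (company) -- path
# The path runs until the next "[YYYY.MM.DD " header or the end of the text.
ENTRY = re.compile(
    r"\[(?P<ts>\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attr>[-A-Z]{4}) \| (?P<kind>[MC])\] \((?P<company>[^)]*)\) -- "
    r"(?P<path>.+?)(?= \[\d{4}\.\d{2}\.\d{2} |\s*$)"
)
AT_JOB = re.compile(r"(?i)^[a-z]:\\windows\\tasks\\at\d+\.job$")
FAULT = re.compile(r"Faulting application path: (?P<path>.+?)\s+Faulting module path:")
TEMP_DIR = re.compile(r"(?i)^[a-z]:\\windows\\temp\\")


def parse_entries(text):
    """Return one dict per OTL file-listing entry found in text."""
    entries = []
    for m in ENTRY.finditer(text):
        entries.append({
            "time": datetime.strptime(m["ts"], "%Y.%m.%d %H:%M:%S"),
            "size": int(m["size"].replace(",", "")),
            "attr": m["attr"],          # e.g. "-HS-": hidden + system
            "kind": m["kind"],          # M = modified list, C = created list
            "company": m["company"].strip(),
            "path": m["path"].strip(),
        })
    return entries


def at_job_findings(entries):
    """Summarise AtN.job files in the Windows task folder, or None if absent."""
    jobs = [e for e in entries if AT_JOB.match(e["path"])]
    if not jobs:
        return None
    times = sorted(e["time"] for e in jobs)
    return {
        "paths": sorted(e["path"] for e in jobs),
        # A single shared size suggests the jobs were stamped from one template.
        "sizes": sorted({e["size"] for e in jobs}),
        # A short window suggests scripted creation rather than manual use of at.exe.
        "window_minutes": (times[-1] - times[0]).total_seconds() / 60,
        # Post #9 warns that such jobs may be hidden; OTL shows that as "H".
        "hidden": [e["path"] for e in jobs if "H" in e["attr"]],
    }


def temp_crashers(event_text):
    """Count Application Error events whose faulting image lives in Windows\\TEMP."""
    hits = Counter(m["path"].strip() for m in FAULT.finditer(event_text))
    return {path: n for path, n in hits.items() if TEMP_DIR.match(path)}


if __name__ == "__main__":
    findings = at_job_findings(parse_entries(SAMPLE_FILES))
    print("At jobs:", findings)
    print("Crashing executables in TEMP:", temp_crashers(SAMPLE_EVENTS))
```
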
14.09.2010, 21:06 | #10 |
| What to do against Trojan Generic? So, I ran OTL as described. Started it as admin. Pasted the code lines. Closed all programs. Pressed Fix. The program churns away. A pop-up appears saying that Windows will now be restarted. Nothing happens. OTL now shows "Not responding". So I close OTL after waiting for quite a while. The PC now restarts by itself. I start Windows in Safe Mode. I run CureIT. CureIT tells me that there is no infection. Something isn't right here! |
15.09.2010, 07:28 | #11 |
| What to do against Trojan Generic? Hi, create another OTL log and also run MAM again as a full scan... (It is very rare for OTL to hang...) chris
|
15.09.2010, 21:23 | #12 |
| What to do against Trojan Generic? So here is the OTL log Code:
ATTFilter OTL logfile created on: 15.09.2010 21:54:21 - Run 2 OTL by OldTimer - Version 3.2.12.0 Folder = C:\Users\Bady\Desktop\MFTools 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 7,00 Gb Available Physical Memory | 83,00% Memory free 16,00 Gb Paging File | 15,00 Gb Available in Paging File | 91,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 488,18 Gb Total Space | 314,18 Gb Free Space | 64,36% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: BADY-PC Current User Name: Bady Logged in as Administrator. 
Current Boot Mode: Normal Scan Mode: Current user Include 64bit Scans Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Users\Bady\Desktop\MFTools\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\Pidgin\pidgin.exe (The Pidgin developer community) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT) PRC - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG) PRC - C:\Program Files (x86)\ROCCAT\Kone Mouse\OSD.exe (ROCCAT) ========== Modules (SafeList) ========== MOD - C:\Users\Bady\Desktop\MFTools\OTL.exe (OldTimer Tools) MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found SRV:64bit: - (npggsvc) -- C:\Windows\SysNative\GameMon.des File not found SRV:64bit: - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV:64bit: - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV:64bit: - (avast! 
Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation) SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.) SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (NPPTNT2) -- C:\Windows\SysNative\npptNT2.sys File not found DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.) 
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation) DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation) DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation) DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation) DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation) DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation) DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof () DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (KoneFltr) -- C:\Windows\SysNative\drivers\Kone.sys (ROCCAT Ltd) DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.) 
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfi1.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2B FB B0 F5 5F 47 CB 01 [binary data] IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfi1.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll (Conduit Ltd.) 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: externalip@erik.morlin:0.9.9.6
FF - prefs.js..extensions.enabledItems: foxyproxy-basic@eric.h.jung:1.8.1
FF - prefs.js..extensions.enabledItems: googlesharing@extension.thoughtcrime.org:0.19
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.38
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&q="

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.09.09 01:44:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.09.09 01:44:30 | 000,000,000 | ---D | M]

[2010.08.29 12:33:49 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Extensions
[2010.09.15 00:38:06 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions
[2010.09.05 18:22:04 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2010.08.30 20:08:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.09.01 06:17:36 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010.09.15 00:38:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010.08.30 20:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\externalip@erik.morlin
[2010.09.13 22:33:03 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\foxyproxy-basic@eric.h.jung
[2010.08.30 20:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\googlesharing@extension.thoughtcrime.org
[2010.08.30 20:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\googlesharing@extension.thoughtcrime.org\chrome
[2010.08.30 20:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\googlesharing@extension.thoughtcrime.org\components
[2010.08.30 20:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\googlesharing@extension.thoughtcrime.org\defaults
[2010.09.05 18:04:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.09.05 18:04:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.09.05 18:04:19 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.07.27 16:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
[2010.07.23 02:48:56 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.07.23 02:48:56 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.07.23 02:48:56 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.07.23 02:48:56 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.07.23 02:48:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2010.09.11 18:04:23 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfi1.dll (Conduit Ltd.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfi1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Kone] C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.11 18:04:23 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.09.14 18:29:35 | 000,000,000 | ---D | C] -- C:\Users\Bady\DoctorWeb
[2010.09.14 17:39:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.09.14 17:39:34 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010.09.12 19:38:48 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Malwarebytes
[2010.09.12 19:38:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.09.12 19:38:37 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.09.12 19:38:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.09.12 19:38:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.09.12 19:37:48 | 000,000,000 | ---D | C] -- C:\Users\Bady\Desktop\MFTools
[2010.09.12 18:52:23 | 000,121,936 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010.09.12 18:52:23 | 000,020,048 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010.09.12 18:52:22 | 000,051,280 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010.09.12 18:52:22 | 000,028,752 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010.09.12 18:52:21 | 000,061,008 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010.09.12 18:52:16 | 000,038,848 | ---- | C]
(AVAST Software) -- C:\Windows\avastSS.scr
[2010.09.12 18:52:15 | 000,167,592 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010.09.12 18:52:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010.09.12 18:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.09.12 02:13:55 | 000,000,000 | ---D | C] -- C:\Users\Bady\Documents\Egosoft
[2010.09.12 00:36:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2010.09.12 00:36:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager
[2010.09.11 23:34:24 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.09.11 18:04:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Enigma Software Group
[2010.09.11 17:22:42 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010.09.11 17:22:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2010.09.11 16:23:42 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\QuickScan
[2010.09.11 05:46:45 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010.09.11 05:46:45 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010.09.11 05:45:50 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010.09.11 05:44:53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.09.11 05:44:52 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.09.11 05:44:52 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.09.11 05:44:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.09.11 05:44:51 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.09.11 05:44:50 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.09.11 05:43:21 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.09.11 05:43:21 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.09.11 05:43:20 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.09.11 05:42:40 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2010.09.11 05:42:08 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.09.11 05:42:08 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.09.11 05:42:08 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010.09.11 05:42:08 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010.09.11 05:41:11 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010.09.11 05:41:11 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010.09.11 05:40:43 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010.09.11 05:40:43 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.09.11 05:40:29 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010.09.11 05:40:29 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.09.11 05:40:14 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2010.09.11 05:40:14 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2010.09.11 05:40:13 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2010.09.11 05:40:13 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2010.09.11 05:39:59 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010.09.11 05:39:59 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.09.11 05:39:59 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2010.09.11 05:39:59 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2010.09.11 05:39:48 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.09.11 05:39:22 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2010.09.11 05:35:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EGOSOFT
[2010.09.09 20:24:19 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\gtk-2.0
[2010.09.05 18:26:28 | 000,000,000 | ---D | C] -- C:\Users\Bady\Vuze Downloads
[2010.09.05 18:24:28 | 000,000,000 | ---D | C] -- C:\Users\Bady\Documents\Vuze Downloads
[2010.09.05 18:22:28 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Azureus
[2010.09.05 18:22:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze
[2010.09.05 18:22:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze_Remote
[2010.09.05 18:04:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.09.05 18:04:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.09.05 18:04:24 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.09.05 18:04:24 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.09.05 18:04:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.09.05 18:04:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.09.05 18:04:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.09.05 04:39:50 | 000,000,000 | ---D | C] -- C:\Users\Bady\Documents\Cross Fire
[2010.09.05 04:39:47 | 000,000,000 | ---D | C] -- C:\CFLog
[2010.09.05 04:36:24 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\PunkBuster
[2010.09.04 02:49:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune
[2010.09.03 17:51:11 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\2K Games
[2010.09.03 17:44:01 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\ElevatedDiagnostics
[2010.09.03 17:33:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories
[2010.09.03 01:26:45 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\NVIDIA
[2010.09.03 01:25:09 | 000,000,000 | ---D | C] -- C:\Users\Bady\Documents\BioWare
[2010.09.02 18:45:55 | 003,583,592 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2010.09.02 18:44:53 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2010.09.02 18:44:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2010.09.02 18:03:57 | 000,713,312 | ---- | C] (NHN USA) -- C:\Windows\SysWow64\ijjiSetup.exe
[2010.09.02 18:03:57 | 000,062,048 | ---- | C] (NHN USA Inc.) -- C:\Windows\SysWow64\ijjiProcessRestarter.exe
[2010.09.02 18:03:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\REACTOR
[2010.09.02 17:43:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ijji
[2010.09.01 18:06:57 | 000,000,000 | ---D | C] -- C:\Users\Bady\Documents\StarCraft II
[2010.09.01 18:06:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2010.09.01 18:06:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010.09.01 18:06:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2010.09.01 00:37:14 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\vlc
[2010.09.01 00:37:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010.09.01 00:11:59 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\LogMeIn Hamachi
[2010.09.01 00:11:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2010.08.31 23:02:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XfireXO
[2010.08.31 23:02:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010.08.31 23:02:15 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Xfire
[2010.08.31 23:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2010.08.31 23:02:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xfire
[2010.08.31 23:00:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Z8Games
[2010.08.31 21:51:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010.08.31 21:47:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.08.31 21:47:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010.08.31 21:47:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010.08.31 21:44:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aspyr
[2010.08.31 21:43:33 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\InstallShield
[2010.08.31 17:45:47 | 000,000,000 | ---D | C] --
C:\Users\Bady\AppData\Local\Diagnostics
[2010.08.30 00:40:18 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2010.08.30 00:40:18 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2010.08.30 00:40:18 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2010.08.30 00:40:18 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2010.08.30 00:40:18 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2010.08.30 00:40:18 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2010.08.30 00:40:18 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2010.08.30 00:40:18 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2010.08.30 00:40:17 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2010.08.30 00:40:17 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2010.08.30 00:40:17 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2010.08.30 00:40:17 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2010.08.30 00:40:17 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2010.08.30 00:40:17 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2010.08.30 00:40:17 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2010.08.30 00:40:17 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2010.08.29 22:27:25 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\DivX
[2010.08.29 22:27:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010.08.29 22:27:19 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010.08.29 22:27:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010.08.29 22:20:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.08.29 22:18:40 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.08.29 21:36:25 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.08.29 19:00:29 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2010.08.29 19:00:29 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010.08.29 19:00:29 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2010.08.29 19:00:29 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2010.08.29 19:00:29 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2010.08.29 19:00:29 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010.08.29 19:00:29 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2010.08.29 19:00:29 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2010.08.29 19:00:29 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2010.08.29 19:00:29 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2010.08.29 19:00:29 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2010.08.29 19:00:29 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2010.08.29 19:00:29 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2010.08.29 19:00:29 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2010.08.29 19:00:28 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2010.08.29 19:00:28 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2010.08.29 19:00:28 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2010.08.29 19:00:28 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2010.08.29 19:00:28 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.08.29 19:00:28 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2010.08.29 19:00:28 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010.08.29 19:00:28 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2010.08.29 19:00:28 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010.08.29 19:00:28 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2010.08.29 19:00:28 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2010.08.29 19:00:28 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2010.08.29 19:00:27 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2010.08.29 19:00:27 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2010.08.29 19:00:27 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.08.29 19:00:27 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010.08.29 19:00:27 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010.08.29 19:00:27 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010.08.29 19:00:27 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2010.08.29 19:00:27 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2010.08.29 19:00:27 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2010.08.29 19:00:27 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010.08.29 19:00:27 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2010.08.29 19:00:27 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2010.08.29 19:00:27 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010.08.29 19:00:27 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010.08.29 19:00:27 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2010.08.29 19:00:27 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2010.08.29 19:00:26 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2010.08.29 19:00:26 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2010.08.29 19:00:26 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2010.08.29 19:00:26 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2010.08.29 19:00:26 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2010.08.29 19:00:26 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2010.08.29 19:00:26 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2010.08.29 19:00:26 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2010.08.29 19:00:26 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010.08.29 19:00:26 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2010.08.29 19:00:26 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010.08.29 19:00:26 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2010.08.29 19:00:26 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2010.08.29 19:00:26 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2010.08.29 19:00:26 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2010.08.29 19:00:26 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2010.08.29 19:00:26 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2010.08.29 19:00:26 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2010.08.29 19:00:26 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2010.08.29 19:00:26 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2010.08.29 19:00:25 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2010.08.29 19:00:25 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2010.08.29 19:00:25 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2010.08.29 19:00:25 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2010.08.29 19:00:25 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2010.08.29 19:00:25 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2010.08.29 19:00:25 | 000,507,400 | ---- | C] (Microsoft Corporation) --
C:\Windows\SysWow64\XAudio2_1.dll
[2010.08.29 19:00:25 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2010.08.29 19:00:25 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2010.08.29 19:00:25 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2010.08.29 19:00:25 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2010.08.29 19:00:25 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2010.08.29 19:00:25 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2010.08.29 19:00:25 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2010.08.29 19:00:25 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2010.08.29 19:00:25 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2010.08.29 19:00:25 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2010.08.29 19:00:25 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2010.08.29 19:00:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2010.08.29 19:00:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2010.08.29 19:00:24 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2010.08.29 19:00:24 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2010.08.29 19:00:24 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010.08.29 19:00:24 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2010.08.29 19:00:24 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2010.08.29 19:00:24 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2010.08.29 19:00:24 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2010.08.29 19:00:24 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2010.08.29 19:00:24 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2010.08.29 19:00:24 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2010.08.29 19:00:24 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2010.08.29 19:00:24 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2010.08.29 19:00:24 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2010.08.29 19:00:24 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2010.08.29 19:00:23 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2010.08.29 19:00:23 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2010.08.29 19:00:23 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2010.08.29 19:00:23 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2010.08.29 19:00:23 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2010.08.29 19:00:22 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2010.08.29 19:00:22 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2010.08.29 19:00:22 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2010.08.29 19:00:22 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2010.08.29 19:00:22 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2010.08.29 19:00:22 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2010.08.29 19:00:22 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2010.08.29 19:00:22 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2010.08.29 19:00:22 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2010.08.29 19:00:22 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2010.08.29 19:00:21 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2010.08.29 19:00:21 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2010.08.29 19:00:21 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2010.08.29 19:00:21 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2010.08.29 19:00:21 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2010.08.29 19:00:21 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2010.08.29 19:00:21 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2010.08.29 19:00:21 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2010.08.29 19:00:20 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2010.08.29 19:00:20 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2010.08.29 19:00:20 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2010.08.29 19:00:20 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2010.08.29 19:00:20 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2010.08.29 19:00:20 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2010.08.29 19:00:20 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2010.08.29 19:00:20 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2010.08.29 19:00:20 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2010.08.29 19:00:19 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2010.08.29 19:00:19 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2010.08.29 19:00:19 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2010.08.29 19:00:19 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2010.08.29 19:00:19 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2010.08.29 19:00:18 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2010.08.29 19:00:17 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2010.08.29 19:00:17 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2010.08.29 19:00:17 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2010.08.29 19:00:17 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2010.08.29 19:00:17 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2010.08.29 19:00:16 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2010.08.29 19:00:16 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2010.08.29 19:00:16 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2010.08.29 19:00:16 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2010.08.29 19:00:16 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2010.08.29 19:00:16 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2010.08.29 19:00:16 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2010.08.29 19:00:15 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2010.08.29 19:00:15 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2010.08.29 18:57:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2010.08.29 18:35:33 | 000,000,000 | ---D | C] -- C:\Users\Bady\Documents\My Games
[2010.08.29 18:35:31 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\InstallShield Installation Information
[2010.08.29 18:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unreal Tournament 3 (LG)
[2010.08.29 18:33:31 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2010.08.29 18:33:31 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2010.08.29 18:33:30 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2010.08.29 18:33:30 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2010.08.29 18:33:30 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010.08.29 18:33:30 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2010.08.29 18:33:30 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2010.08.29 18:33:30 | 002,388,176 | ---- | C] (Microsoft Corporation) --
C:\Windows\SysWow64\d3dx9_30.dll [2010.08.29 18:33:30 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll [2010.08.29 18:33:30 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll [2010.08.29 18:33:30 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll [2010.08.29 18:33:30 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll [2010.08.29 18:33:30 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll [2010.08.29 18:33:30 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll [2010.08.29 18:33:30 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll [2010.08.29 18:33:30 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll [2010.08.29 18:33:30 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll [2010.08.29 18:33:30 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll [2010.08.29 18:19:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2010.08.29 18:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mass Effect 2 [2010.08.29 18:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare [2010.08.29 16:24:45 | 000,000,000 | ---D | C] -- C:\Users\Bady\Desktop\Games [2010.08.29 15:52:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam [2010.08.29 15:52:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam [2010.08.29 15:47:16 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\ROCCAT [2010.08.29 15:13:30 | 000,000,000 | ---D | C] -- C:\ProgramData\ROCCAT [2010.08.29 15:13:25 | 000,015,488 | ---- | C] (ROCCAT Ltd) -- C:\Windows\SysNative\drivers\Kone.sys [2010.08.29 15:13:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ROCCAT 
[2010.08.29 15:13:14 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\WinRAR [2010.08.29 15:12:52 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2010.08.29 15:11:56 | 000,215,040 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2010.08.29 15:11:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek [2010.08.29 15:11:55 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2010.08.29 14:54:53 | 000,414,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\difxapi.dll [2010.08.29 14:54:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA [2010.08.29 14:54:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield [2010.08.29 14:53:16 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll [2010.08.29 14:53:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2010.08.29 14:47:42 | 000,000,000 | ---D | C] -- C:\Intel [2010.08.29 14:39:27 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\.purple [2010.08.29 14:39:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pidgin [2010.08.29 13:35:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes [2010.08.29 12:33:38 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Mozilla [2010.08.29 12:33:38 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\Mozilla [2010.08.29 12:33:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2010.08.29 12:03:06 | 000,255,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcohda6.dll [2010.08.29 12:03:06 | 000,131,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys [2010.08.29 12:03:06 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll [2010.08.29 12:02:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2010.08.29 12:02:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA 
Corporation [2010.08.29 12:02:20 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2010.08.29 12:02:19 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2010.08.29 12:02:18 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2010.08.29 12:01:59 | 007,002,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll [2010.08.29 12:01:59 | 005,107,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll [2010.08.29 12:01:59 | 000,930,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpinst.exe [2010.08.29 12:01:59 | 000,065,128 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll [2010.08.29 12:01:59 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll [2010.08.29 12:01:59 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd [2010.08.29 12:01:57 | 019,114,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll [2010.08.29 12:01:57 | 014,092,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll [2010.08.29 12:01:57 | 000,382,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll [2010.08.29 12:01:57 | 000,314,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll [2010.08.29 12:01:55 | 012,471,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll [2010.08.29 12:01:55 | 009,818,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll [2010.08.29 12:01:55 | 003,089,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll [2010.08.29 12:01:55 | 002,892,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll [2010.08.29 12:01:55 | 002,761,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll [2010.08.29 12:01:55 | 002,506,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll [2010.08.29 12:01:54 | 014,513,768 | ---- | C] (NVIDIA Corporation) -- 
C:\Windows\SysNative\nvcompiler.dll [2010.08.29 12:01:54 | 010,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll [2010.08.29 12:01:54 | 006,116,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll [2010.08.29 12:01:54 | 004,553,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll [2010.08.29 12:01:54 | 002,037,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll [2010.08.29 12:01:54 | 001,625,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll [2010.08.29 12:01:54 | 000,260,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod1922.dll [2010.08.29 12:01:54 | 000,260,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod.dll [2010.08.29 12:01:50 | 000,000,000 | ---D | C] -- C:\NVIDIA [2010.08.29 11:55:39 | 000,744,072 | ---- | C] (www.ext2fsd.com) -- C:\Windows\SysNative\drivers\ext2fsd.sys [2010.08.29 11:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\Ext2Fsd [2010.08.29 11:55:02 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Macromedia [2010.08.29 11:55:00 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Adobe [2010.08.29 11:54:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2010.08.29 11:46:10 | 000,000,000 | R--D | C] -- C:\Users\Bady\Searches [2010.08.29 11:46:10 | 000,000,000 | -H-D | C] -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2010.08.29 11:46:02 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Identities [2010.08.29 11:46:00 | 000,000,000 | R--D | C] -- C:\Users\Bady\Contacts [2010.08.29 11:45:59 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\VirtualStore [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\AppData\Local\Temporary Internet Files [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Templates [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Start Menu [2010.08.29 11:45:51 | 
000,000,000 | -HSD | C] -- C:\Users\Bady\SendTo [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Recent [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\PrintHood [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\NetHood [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Documents\My Videos [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Documents\My Pictures [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Documents\My Music [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\My Documents [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Local Settings [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\AppData\Local\History [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Cookies [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Application Data [2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\AppData\Local\Application Data [2010.08.29 11:45:50 | 000,000,000 | --SD | C] -- C:\Users\Bady\AppData\Roaming\Microsoft [2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Videos [2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Saved Games [2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Pictures [2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Music [2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Links [2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Favorites [2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Downloads [2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\My Documents [2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Desktop [2010.08.29 11:45:50 | 000,000,000 | -H-D | C] -- C:\Users\Bady\AppData [2010.08.29 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\Temp [2010.08.29 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\Microsoft 
[2010.08.29 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Media Center Programs [2010.08.29 11:43:03 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2010.08.29 11:42:26 | 000,000,000 | -HSD | C] -- C:\Recovery [2010.08.29 11:37:46 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2010.08.29 11:37:21 | 000,000,000 | -HSD | C] -- C:\System Volume Information ========== Files - Modified Within 30 Days ========== [2010.09.15 21:54:29 | 001,572,864 | -HS- | M] () -- C:\Users\Bady\NTUSER.DAT [2010.09.15 17:08:56 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.09.15 17:08:56 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.09.15 17:08:18 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2010.09.15 17:08:18 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2010.09.15 17:08:18 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2010.09.15 17:03:51 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2010.09.15 17:03:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.09.15 17:03:42 | 2140,422,143 | -HS- | M] () -- C:\hiberfil.sys [2010.09.15 01:52:58 | 001,449,351 | -H-- | M] () -- C:\Users\Bady\AppData\Local\IconCache.db [2010.09.13 18:59:42 | 000,000,432 | ---- | M] () -- C:\Users\Bady\Desktop\1234.zip [2010.09.12 19:04:30 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2010.09.12 03:03:02 | 000,001,179 | ---- | M] () -- C:\Users\Bady\Desktop\X3 Terran Conflict.lnk [2010.09.11 23:34:17 | 2225,810,849 | ---- | M] () -- C:\Windows\MEMORY.DMP [2010.09.11 18:04:23 | 000,000,000 | ---- | M] () -- C:\autoexec.bat [2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Users\Bady\Desktop\At7.job [2010.09.11 05:53:03 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT 
[2010.09.11 05:37:35 | 000,041,648 | ---- | M] () -- C:\Windows\unins000.dat [2010.09.11 05:35:20 | 000,686,425 | ---- | M] () -- C:\Windows\unins000.exe [2010.09.09 20:24:25 | 000,007,185 | ---- | M] () -- C:\Users\Bady\PIC6DF4.tmp.jpg [2010.09.07 17:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2010.09.07 17:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe [2010.09.07 16:52:29 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2010.09.07 16:52:09 | 000,121,936 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2010.09.07 16:47:49 | 000,028,752 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2010.09.07 16:47:33 | 000,061,008 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2010.09.07 16:47:10 | 000,020,048 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2010.09.05 18:22:12 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk [2010.09.05 18:22:12 | 000,001,852 | ---- | M] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk [2010.09.05 18:04:19 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll [2010.09.05 18:04:19 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe [2010.09.05 18:04:19 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe [2010.09.05 18:04:19 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Windows\SysWow64\java.exe [2010.09.05 15:59:55 | 000,076,993 | ---- | M] () -- C:\Windows\SysWow64\wbers.dat.dmp [2010.09.05 04:36:59 | 000,189,480 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2010.09.05 04:36:59 | 000,189,480 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010.09.05 04:35:19 | 000,794,408 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe [2010.09.05 04:35:19 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010.09.04 02:49:36 | 000,000,930 | ---- | M] () -- C:\Users\Bady\Desktop\HD Tune.lnk [2010.09.03 17:33:55 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf [2010.09.03 00:32:36 | 000,002,105 | ---- | M] () -- C:\Users\Public\Desktop\A.V.A.lnk [2010.09.02 18:22:06 | 000,000,000 | ---- | M] () -- C:\Windows\TMonitor64.INI [2010.09.02 18:04:57 | 000,001,933 | ---- | M] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk [2010.09.01 18:22:15 | 000,001,103 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk [2010.09.01 00:11:40 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk [2010.08.31 23:22:29 | 000,000,221 | ---- | M] () -- C:\Users\Bady\Desktop\America's Army 3.url [2010.08.31 23:02:15 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk [2010.08.31 23:01:53 | 000,001,140 | ---- | M] () -- C:\Users\Bady\Desktop\CrossFire.lnk [2010.08.31 21:51:18 | 000,001,988 | ---- | M] () -- C:\Users\Public\Desktop\Dark Sector.lnk [2010.08.31 21:47:34 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.08.29 22:21:44 | 000,000,221 | ---- | M] () -- C:\Users\Bady\Desktop\R.U.S.E. 
Demo.url [2010.08.29 19:00:09 | 000,002,271 | ---- | M] () -- C:\Users\Public\Desktop\Singularity(TM).lnk [2010.08.29 18:35:26 | 000,001,033 | ---- | M] () -- C:\Users\Public\Desktop\Unreal Tournament 3.lnk [2010.08.29 18:19:01 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Mass Effect 2.lnk [2010.08.29 15:54:42 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2010.08.29 15:20:42 | 000,000,017 | ---- | M] () -- C:\Users\Bady\AppData\Local\resmon.resmoncfg [2010.08.29 14:55:32 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini [2010.08.29 14:46:40 | 000,067,584 | ---- | M] () -- C:\Windows\SysNative\RtNicProp64.dll [2010.08.29 14:46:39 | 000,215,040 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys [2010.08.29 14:39:22 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Pidgin.lnk [2010.08.29 12:33:34 | 000,001,967 | ---- | M] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2010.08.29 12:33:34 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.08.29 11:52:53 | 000,001,441 | ---- | M] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2010.08.29 11:51:08 | 000,524,288 | -HS- | M] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2010.08.29 11:51:08 | 000,524,288 | -HS- | M] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2010.08.29 11:51:08 | 000,065,536 | -HS- | M] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2010.08.29 11:49:43 | 000,057,560 | ---- | M] () -- C:\Users\Bady\AppData\Local\GDIPFONTCACHEV1.DAT [2010.08.29 11:45:51 | 000,000,020 | -HS- | M] () -- C:\Users\Bady\ntuser.ini [2010.08.29 11:39:21 | 000,042,045 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2010.08.29 11:39:21 | 000,042,045 | 
---- | M] () -- C:\Windows\SysNative\license.rtf ========== Files Created - No Company Name ========== [2010.09.13 18:59:42 | 000,000,432 | ---- | C] () -- C:\Users\Bady\Desktop\1234.zip [2010.09.13 18:58:57 | 000,000,378 | ---- | C] () -- C:\Users\Bady\Desktop\At7.job [2010.09.12 18:52:21 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2010.09.12 03:03:02 | 000,001,179 | ---- | C] () -- C:\Users\Bady\Desktop\X3 Terran Conflict.lnk [2010.09.11 23:34:17 | 2225,810,849 | ---- | C] () -- C:\Windows\MEMORY.DMP [2010.09.11 18:04:23 | 000,000,000 | ---- | C] () -- C:\autoexec.bat [2010.09.11 05:35:26 | 000,686,425 | ---- | C] () -- C:\Windows\unins000.exe [2010.09.11 05:35:26 | 000,041,648 | ---- | C] () -- C:\Windows\unins000.dat [2010.09.09 20:24:25 | 000,007,185 | ---- | C] () -- C:\Users\Bady\PIC6DF4.tmp.jpg [2010.09.06 21:20:25 | 000,020,102 | ---- | C] () -- C:\Program Files (x86)\Readme.txt [2010.09.06 21:20:25 | 000,010,960 | ---- | C] () -- C:\Program Files (x86)\EULA.txt [2010.09.06 21:20:25 | 000,000,361 | ---- | C] () -- C:\Program Files (x86)\INSTALL.LOG [2010.09.05 18:22:12 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk [2010.09.05 18:22:12 | 000,001,852 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk [2010.09.05 15:59:55 | 000,076,993 | ---- | C] () -- C:\Windows\SysWow64\wbers.dat.dmp [2010.09.05 04:36:59 | 000,189,480 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr [2010.09.05 04:35:20 | 000,189,480 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2010.09.05 04:35:19 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2010.09.05 04:35:19 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2010.09.04 02:49:36 | 000,000,930 | ---- | C] () -- C:\Users\Bady\Desktop\HD Tune.lnk [2010.09.03 17:33:55 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf [2010.09.02 18:44:53 | 000,005,174 | ---- | C] () -- 
C:\Windows\SysWow64\nppt9x.vxd [2010.09.02 18:44:39 | 000,002,105 | ---- | C] () -- C:\Users\Public\Desktop\A.V.A.lnk [2010.09.02 18:22:06 | 000,000,000 | ---- | C] () -- C:\Windows\TMonitor64.INI [2010.09.02 18:04:57 | 000,001,933 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk [2010.09.01 18:06:57 | 000,001,103 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk [2010.09.01 00:11:40 | 000,000,926 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk [2010.08.31 23:22:29 | 000,000,221 | ---- | C] () -- C:\Users\Bady\Desktop\America's Army 3.url [2010.08.31 23:02:15 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk [2010.08.31 23:01:53 | 000,001,140 | ---- | C] () -- C:\Users\Bady\Desktop\CrossFire.lnk [2010.08.31 21:51:18 | 000,001,988 | ---- | C] () -- C:\Users\Public\Desktop\Dark Sector.lnk [2010.08.31 21:47:34 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.08.29 22:21:44 | 000,000,221 | ---- | C] () -- C:\Users\Bady\Desktop\R.U.S.E. 
Demo.url [2010.08.29 19:00:09 | 000,002,271 | ---- | C] () -- C:\Users\Public\Desktop\Singularity(TM).lnk [2010.08.29 18:35:26 | 000,001,033 | ---- | C] () -- C:\Users\Public\Desktop\Unreal Tournament 3.lnk [2010.08.29 18:19:01 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Mass Effect 2.lnk [2010.08.29 15:52:28 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2010.08.29 15:20:42 | 000,000,017 | ---- | C] () -- C:\Users\Bady\AppData\Local\resmon.resmoncfg [2010.08.29 15:11:56 | 000,067,584 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll [2010.08.29 14:47:42 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2010.08.29 14:39:22 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Pidgin.lnk [2010.08.29 12:33:34 | 000,001,967 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2010.08.29 12:33:34 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.08.29 12:01:59 | 000,012,264 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb [2010.08.29 11:52:53 | 000,001,441 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2010.08.29 11:45:51 | 000,000,020 | -HS- | C] () -- C:\Users\Bady\ntuser.ini [2010.08.29 11:45:50 | 001,572,864 | -HS- | C] () -- C:\Users\Bady\NTUSER.DAT [2010.08.29 11:45:50 | 000,524,288 | -HS- | C] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms [2010.08.29 11:45:50 | 000,524,288 | -HS- | C] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms [2010.08.29 11:45:50 | 000,262,144 | -HS- | C] () -- C:\Users\Bady\ntuser.dat.LOG1 [2010.08.29 11:45:50 | 000,065,536 | -HS- | C] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf [2010.08.29 11:45:50 | 000,000,290 | ---- | C] () -- C:\Users\Bady\Application 
Do I need to update CureIt in some way? Or should I just run it the way I downloaded it here from the board? Because when I press update in CureIt, nothing happens.

So here is the log from MAM

Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4601

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

15.09.2010 22:21:22
mbam-log-2010-09-15 (22-21-22).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|F:\|)
Durchsuchte Objekte: 240404
Laufzeit: 23 Minute(n), 31 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
|
16.09.2010, 06:52 | #13 |
| What to do against Trojan Generic?
Hi,

is this file the one you sent me?
C:\Users\Bady\Desktop\At7.job
Then please delete that one too...

What I can't quite place is this: C:\Windows\SysWow64\spk.dll, so:

Please check the following files:

Have files checked online:
Code:
C:\Windows\SysWow64\spk.dll
chris
__________________ Don't bring me down Read before posting! Donations (anyone who wants to donate is welcome to get in touch) |
17.09.2010, 23:15 | #14 |
| What to do against Trojan Generic?
0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.

File name: spk.dll
Submission date: 2010-09-17 22:12:22 (UTC)
Current status: queued (#2) queued (#2) analysing finished
Result: 0/43 (0.0%)
VT Community: not reviewed
Safety score: -

Antivirus  Version  Last Update  Result
AhnLab-V3  2010.09.18.00  2010.09.17  -
AntiVir  8.2.4.52  2010.09.17  -
Antiy-AVL  2.0.3.7  2010.09.17  -
Authentium  5.2.0.5  2010.09.17  -
Avast  4.8.1351.0  2010.09.17  -
Avast5  5.0.594.0  2010.09.17  -
AVG  9.0.0.851  2010.09.17  -
BitDefender  7.2  2010.09.17  -
CAT-QuickHeal  11.00  2010.09.17  -
ClamAV  0.96.2.0-git  2010.09.17  -
Comodo  6114  2010.09.17  -
DrWeb  5.0.2.03300  2010.09.17  -
Emsisoft  5.0.0.37  2010.09.17  -
eSafe  7.0.17.0  2010.09.17  -
eTrust-Vet  36.1.7862  2010.09.17  -
F-Prot  4.6.1.107  2010.09.17  -
F-Secure  9.0.15370.0  2010.09.17  -
Fortinet  4.1.143.0  2010.09.17  -
GData  21  2010.09.17  -
Ikarus  T3.1.1.88.0  2010.09.17  -
Jiangmin  13.0.900  2010.09.17  -
K7AntiVirus  9.63.2542  2010.09.17  -
Kaspersky  7.0.0.125  2010.09.17  -
McAfee  5.400.0.1158  2010.09.17  -
McAfee-GW-Edition  2010.1C  2010.09.17  -
Microsoft  1.6201  2010.09.17  -
NOD32  5458  2010.09.17  -
Norman  6.06.06  2010.09.17  -
nProtect  2010-09-17.01  2010.09.17  -
Panda  10.0.2.7  2010.09.17  -
PCTools  7.0.3.5  2010.09.17  -
Prevx  3.0  2010.09.18  -
Rising  22.65.04.01  2010.09.17  -
Sophos  4.57.0  2010.09.17  -
Sunbelt  6889  2010.09.17  -
SUPERAntiSpyware  4.40.0.1006  2010.09.17  -
Symantec  20101.1.1.7  2010.09.17  -
TheHacker  6.7.0.0.022  2010.09.17  -
TrendMicro  9.120.0.1004  2010.09.17  -
TrendMicro-HouseCall  9.120.0.1004  2010.09.17  -
VBA32  3.12.14.0  2010.09.17  -
ViRobot  2010.8.25.4006  2010.09.17  -
VirusBuster  12.65.12.0  2010.09.17  -

Additional information
MD5 : 9ebcf99da826644557695a3484dda1d4
SHA1 : cf5c64160293403146ce4e9f25d47dcd6e011b4f
SHA256: 9f7cec60946ca79d63dbc299b77c1785bebc60a4e45ed62623fadd9dc2c77cf0
|
18.09.2010, 19:23 | #15 |
| What to do against Trojan Generic?
Hi,

clean. How is the computer doing?

Let's have a look for TDSS....

TDSS-Killer
Download and instructions at: How to combat malware of the Rootkit.Win32.TDSS family?
Extract all files into a separate directory (e.g. C:\TDSS)!
Launch it from Explorer by double-clicking TDSSKiller.exe.
After it starts, a window appears; click "Start Scan" there.
When the scan is finished, please select "Report".
A window opens; copy the text and post it here...

Prevx:
The tool is prone to false alarms and cannot delete anything in the free version, but is otherwise quite good... (and also runs on 64-bit platforms)
Prevx 3.0 for Home and Family
If the tool finds something, don't post the log but a screenshot of the window that is then displayed...

chris
|