| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Google VirusWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
20.01.2011, 15:09
| #1 |
| |  Google Virus Ja Hallo, Ich habe folgendes Problem: wenn ich google gehe und nach etwas suche ist noch alles normal, ich bekomme meine ergebnisse und sobald ich auf etwas drauf drücke ladet mein PC ca. 15 sekunden, und dann komme ich auf irgendeine seite, und danach kommt: "Diese Website könnte ihren PC beschädigen!"..... aber wenn ich jetzt den link kopiere und oben in der adress-zeile eingebe komme ich dort hin ich denke das ist Adware aber meine ganzen Antiviren Programme finden nichts mehr Hier meine Programme: •Avast 0 Viren •Maleware´s AntiMaleware 1 Virus (den Virus werde ich nicht los(SearchSettings.exe)) •Advanced SystemCare Pro(ist so wieso mist also findet das eh nichts -,-) Bitte Um Hilfe Mfg Sebastian |
|
20.01.2011, 15:33
| #2 |
| /// Malware-holic   | Google Virus Systemscan mit OTL
__________________download otl: http://filepony.de/download-otl/ Doppelklick auf die OTL.exe (user von Windows 7 und Vista: Rechtsklick als Administrator ausführen) 1. Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output 2. Hake an "scan all users" 3. Unter "Extra Registry wähle: "Use Safelist" "LOP Check" "Purity Check" 4. Kopiere in die Textbox: netsvcs msconfig safebootminimal safebootnetwork activex drivers32 %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %SYSTEMDRIVE%\*.exe /md5start userinit.exe eventlog.dll scecli.dll netlogon.dll cngaudit.dll ws2ifsl.sys sceclt.dll ntelogon.dll winlogon.exe logevent.dll user32.DLL explorer.exe iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys /md5stop %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles CREATERESTOREPOINT 5. Klicke "Scan" 6. 2 reporte werden erstellt: OTL.Txt Extras.Txt beide posten.
__________________ |
|
20.01.2011, 16:50
| #3 |
| | Google Virus ahhh das ist viel zu lang(der Text der Dateien) was soll ich da machen?
__________________Edit: Sorry hab was vergessen um zustellen |
|
20.01.2011, 17:02
| #4 |
| /// Malware-holic | Google Virus na wie wäre es mit aufteilen, oder als dateien anhängen?
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
20.01.2011, 17:17
| #5 |
| | Google Virus Extras.Txt:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 20.01.2011 16:51:59 - Run 1
OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\andrea\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
768,00 Mb Total Physical Memory | 131,00 Mb Available Physical Memory | 17,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 40,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 297,99 Gb Total Space | 216,33 Gb Free Space | 72,60% Space Free | Partition Type: NTFS
Computer Name: ANDREA-PC | User Name: andrea | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[HKEY_USERS\S-1-5-21-2285187412-2589335758-901124341-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{035400A4-29BD-3723-BEED-E2718A68CDE0}" = Microsoft Visual Studio 2010 Office Developer Tools (x86)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0DDCEC37-369C-484B-B16D-B4413FD42FB9}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{0E2B767B-EA6A-489B-BF83-8083FE1DB661}" = Pcsx2 0.9.6
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{119E2FCB-5CDD-4C24-BCB2-56A824E2BF0A}_is1" = Manic Digger
"{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{37491A3D-B2A6-402D-898E-5C4EF3984C29}" = Adobe Flash Media Live Encoder 3.1
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3BB19A2B-B9C5-3872-8FDF-3047CC9F9841}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{40AE01BE-A290-4FFB-8DAB-C624C17DC87E}" = Vegas Movie Studio HD Platinum 10.0
"{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{4552377D-5CCC-4104-987E-1998AB20C21A}" = XSplit
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6ED37A91-7710-3183-BE50-AB043FF6689E}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{78C3657E-742C-40B1-9F53-E5A921D40F17}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{7B8BA496-E201-4246-9A8B-687B49145F53}" = IObit Toolbar v4.1
"{7E210E1C-52A1-40E3-817B-D504E9F64DFA}_is1" = Flyff
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB8E60B-315D-44EB-A896-10D88602EE46}" = Adobe Setup
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97CE8B73-AA5A-4987-A1BE-50DD1A187478}" = Microsoft Sync Framework SDK v1.0 SP1
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.0 - Deutsch
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C6DD625F-4B61-4561-8286-87CA0275CEA1}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86)
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CB122CF9-6B45-4CE1-A337-A49F2C6E311F}" = N.E.O.Online
"{CC084EC0-5F74-4A17-8635-3ED61D501643}_is1" = Flyff
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D639D7B1-6A00-4B47-BB62-3A9AEB4B1928}" = KarosOnline_ijji
"{D6B15AE6-B052-363E-B6BB-C4714CBA6509}" = Microsoft Visual Studio 2010 Professional - ENU
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9D1A2FD-56B2-4F21-B959-745FE43CAB8C}" = Vegas Pro 9.0
"{DC3D6AFB-78B4-489F-81D7-30B66E0C2417}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86)
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E5AE9031-79A5-4627-9641-BEFA82819B08}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{F990B526-8F7C-46E0-B1F1-6C893A8B478F}" = Microsoft Sync Framework Services v1.0 SP1 (x86)
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
"Adobe_5aab5a491a3a52ae624fd639f6aaa95" = Adobe After Effects CS4 Third Party Content
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"AutoItv3" = AutoIt v3.3.6.1
"avast5" = avast! Free Antivirus
"CamStudio" = CamStudio
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Cheat Engine 5.6.1_is1" = Cheat Engine 5.6.1
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"conduitEngine" = Conduit Engine
"Cross Fire_is1" = Cross Fire En
"CyberGhost VPN_is1" = CyberGhost VPN
"Dyyno Broadcaster" = Dyyno Broadcaster
"Fraps" = Fraps (remove only)
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.31
"Free YouTube Uploader_is1" = Free YouTube Uploader version 3.3.10
"Game Booster_is1" = Game Booster
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"InstallShield_{064DC64E-7A2F-4FDF-B598-E3C0747BBB9C}" = Call of Duty(R) - World at War(TM) 1.6 Patch
"InstallShield_{149464D9-B06F-4505-9968-FD1206F67AD3}" = Call of Duty(R) - World at War(TM) 1.3 Patch
"InstallShield_{2BF0AE92-C3BC-4112-9066-1546342B1FAE}" = Call of Duty(R) - World at War(TM) 1.2 Patch
"InstallShield_{9F01A67B-7D67-482F-9D4F-D5980A440FD4}" = Call of Duty(R) - World at War(TM) 1.4 Patch
"InstallShield_{AFAE2B15-89A0-4215-A030-F7B5B478886B}" = Call of Duty(R) - World at War(TM) 1.1 Patch
"InstallShield_{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}" = Call of Duty(R) - World at War(TM) 1.5 Patch
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty(R) 2
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Professional - ENU" = Microsoft Visual Studio 2010 Professional - ENU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MTA:SA" = MTA:SA v1.0.4
"Neffy" = Neffy 1,3,29,0
"Picasa 3" = Picasa 3
"Quick Memory Editor_is1" = Quick Memory Editor 5.5
"Steam App 15130" = Beyond Good & Evil
"Steam App 220" = Half-Life 2
"Steam App 240" = Counter-Strike: Source
"Steam App 2630" = Call of Duty 2
"Steam App 4850" = Cossacks: Back to War
"Steam App 630" = Alien Swarm
"Steam App 8850" = BioShock 2
"Synthesia" = Synthesia (remove only)
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"uTorrentBar_DE Toolbar" = uTorrentBar_DE Toolbar
"V.M.C." = V.M.C. 2.20
"VH Screen Capture Driver_is1" = VH Screen Capture Driver 1.5.0
"Virtual DJ Pro Full - Atomix Productions" = Virtual DJ Pro Full - Atomix Productions
"Warcraft III" = Warcraft III
"WinRAR archiver" = WinRAR
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2285187412-2589335758-901124341-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 17.01.2011 14:30:17 | Computer Name = andrea-PC | Source = VSS | ID = 8194
Description = Volume Shadow Copy Service error: Unexpected error querying for the
IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often
caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer Writer Instance ID: {b40797b9-d393-4174-ac49-9822706ab6ee}
Error - 17.01.2011 15:41:12 | Computer Name = andrea-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 0.0.0.0, time stamp:
0x4d27c1b0 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x00074b0e Faulting process id: 0x1100 Faulting application
start time: 0x01cbb67e40432d59 Faulting application path: C:\Users\andrea\AppData\Local\Google\Chrome\Application\chrome.exe
Faulting
module path: unknown Report Id: bcf0a039-2271-11e0-b48d-001921eb64f2
Error - 18.01.2011 07:08:05 | Computer Name = andrea-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 0.0.0.0, time stamp:
0x4d27c1b0 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x0007191b Faulting process id: 0x132c Faulting application
start time: 0x01cbb6f67421b030 Faulting application path: C:\Users\andrea\AppData\Local\Google\Chrome\Application\chrome.exe
Faulting
module path: unknown Report Id: 38b45ac0-22f3-11e0-8367-001921eb64f2
Error - 18.01.2011 07:50:48 | Computer Name = andrea-PC | Source = VSS | ID = 8194
Description = Volume Shadow Copy Service error: Unexpected error querying for the
IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often
caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer Writer Instance ID: {d05c23db-0bcb-4f88-876d-bf5e42ffda45}
Error - 18.01.2011 12:25:31 | Computer Name = andrea-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 0.0.0.0, time stamp:
0x4d27c1b0 Faulting module name: chrome.dll, version: 8.0.552.237, time stamp: 0x4d27c173
Exception
code: 0x80000003 Fault offset: 0x000d069a Faulting process id: 0x8f8 Faulting application
start time: 0x01cbb72a0e47efc0 Faulting application path: C:\Users\andrea\AppData\Local\Google\Chrome\Application\chrome.exe
Faulting
module path: C:\Users\andrea\AppData\Local\Google\Chrome\Application\8.0.552.237\chrome.dll
Report
Id: 90dade00-231f-11e0-8367-001921eb64f2
Error - 18.01.2011 16:19:58 | Computer Name = andrea-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 0.0.0.0, time stamp:
0x4d27c1b0 Faulting module name: chrome.dll, version: 8.0.552.237, time stamp: 0x4d27c173
Exception
code: 0xc0000005 Fault offset: 0x00016731 Faulting process id: 0x1a8 Faulting application
start time: 0x01cbb7455a5a4960 Faulting application path: C:\Users\andrea\AppData\Local\Google\Chrome\Application\chrome.exe
Faulting
module path: C:\Users\andrea\AppData\Local\Google\Chrome\Application\8.0.552.237\chrome.dll
Report
Id: 51411630-2340-11e0-9946-001921eb64f2
Error - 18.01.2011 19:16:14 | Computer Name = andrea-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.
Error - 18.01.2011 19:16:51 | Computer Name = andrea-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\Z8Games\crossfire\Aegis64.exe".
Dependent
Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 18.01.2011 19:18:15 | Computer Name = andrea-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Microsoft
Visual Studio 10.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe". Dependent Assembly
Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 19.01.2011 09:49:16 | Computer Name = andrea-PC | Source = Application Error | ID = 1000
Description = Faulting application name: chrome.exe, version: 0.0.0.0, time stamp:
0x4d27c1b0 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x00174b0e Faulting process id: 0x778 Faulting application
start time: 0x01cbb7d79164e7c0 Faulting application path: C:\Users\andrea\AppData\Local\Google\Chrome\Application\chrome.exe
Faulting
module path: unknown Report Id: e7c5320c-23d2-11e0-8800-001921eb64f2
[ System Events ]
Error - 18.01.2011 17:37:55 | Computer Name = andrea-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 18.01.2011 17:38:00 | Computer Name = andrea-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 18.01.2011 17:41:39 | Computer Name = andrea-PC | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate) service failed to start due to
the following error: %%2
Error - 19.01.2011 08:37:03 | Computer Name = andrea-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 19.01.2011 08:37:09 | Computer Name = andrea-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 13:35:05 on ?19.?01.?2011 was unexpected.
Error - 19.01.2011 08:37:06 | Computer Name = andrea-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 19.01.2011 08:40:29 | Computer Name = andrea-PC | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate) service failed to start due to
the following error: %%2
Error - 19.01.2011 10:08:31 | Computer Name = andrea-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 19.01.2011 10:18:48 | Computer Name = andrea-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 19.01.2011 10:22:26 | Computer Name = andrea-PC | Source = Service Control Manager | ID = 7000
Description = The Google Update Service (gupdate) service failed to start due to
the following error: %%2
< End of report >
OLT.txtOTL Logfile: Code:
ATTFilter OTL logfile created on: 20.01.2011 16:51:59 - Run 1 OTL by OldTimer - Version 3.2.20.2 Folder = C:\Users\andrea\Downloads Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 768,00 Mb Total Physical Memory | 131,00 Mb Available Physical Memory | 17,00% Memory free 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 40,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 297,99 Gb Total Space | 216,33 Gb Free Space | 72,60% Space Free | Partition Type: NTFS Computer Name: ANDREA-PC | User Name: andrea | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\andrea\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files\Mozilla Firefox\plugin-container.exe (Mozilla Corporation) PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) PRC - C:\Program Files\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe () PRC - C:\Program Files\Dyyno\Dyyno Broadcaster\launcherd.exe () PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Users\andrea\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Program Files\Alwil Software\Avast5\snxhk.dll (AVAST Software) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation) MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation) MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation) MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation) MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation) MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (gusvc) -- File not found SRV - (gupdate) Google Update Service (gupdate) -- File not found SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software) SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (GoogleDesktopManager-051210-111108) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) SRV - (CGVPNCliSrvc) -- C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe (mobile concepts GmbH) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (Dyyno Launcher) -- C:\Program Files\Dyyno\Dyyno Broadcaster\launcherd.exe () SRV - (aspnet_state) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) SRV - (NetTcpActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) SRV - (NetPipeActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) SRV - (NetMsmqActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.) SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation) SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation) SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation) SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation) SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation) SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation) SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation) SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation) SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation) SRV - (AxInstSV) ActiveX Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation) SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation) SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software) DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software) DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software) DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (VCAM_WDM03) -- C:\Windows\System32\drivers\VCAM_WDM03.sys (e2eSoft) DRV - (VCAM_WDM02) -- C:\Windows\System32\drivers\VCAM_WDM02.sys (e2eSoft) DRV - (VCam_WDM01) -- C:\Windows\System32\drivers\VCam_WDM01.sys (e2eSoft) DRV - (VCam_WDM) -- C:\Windows\System32\drivers\VCam_WDM.sys (e2eSoft) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation) DRV - (tap0901) -- C:\Windows\System32\drivers\tap0901.sys (The OpenVPN Project) DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.) DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.) DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.) DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.) DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices) DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.) DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices) DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation) DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation) DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation) DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation) DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation) DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation) DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation) DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation) DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation) DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex) DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.) DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company) DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation) DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation) DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation) DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation) DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.) DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation) DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation) DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation) DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems) DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation) DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.) DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology) DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.) DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation) DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation) DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation) DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation) DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation) DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation) DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation) DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation) DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation) DRV - (xnacc) -- C:\Windows\System32\drivers\xnacc.sys (Microsoft Corporation) DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation) DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation) DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation) DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation) DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation) DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation) DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.) DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys (Marvell) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation) DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation) DRV - (RsFx0103) -- C:\Windows\System32\drivers\RsFx0103.sys (Microsoft Corporation) DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (tandpl) -- C:\Windows\System32\drivers\tandpl.sys () DRV - (enodpl) -- C:\Windows\System32\drivers\enodpl.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.) IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2285187412-2589335758-901124341-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?SearchSource=10&ctid=CT2851647 IE - HKU\S-1-5-21-2285187412-2589335758-901124341-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp IE - HKU\S-1-5-21-2285187412-2589335758-901124341-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at IE - HKU\S-1-5-21-2285187412-2589335758-901124341-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 50 19 3B 43 3D A4 CB 01 [binary data] IE - HKU\S-1-5-21-2285187412-2589335758-901124341-1000\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.) IE - HKU\S-1-5-21-2285187412-2589335758-901124341-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentBar_DE Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950" FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2851647&SearchSource=13" FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {c840e246-6b95-475e-9bd7-caa1c7eca9f2}:3.2.5.2 FF - prefs.js..extensions.enabledItems: iobit@mybrowserbar.com:4.1 FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.3 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&q=" FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\1.bin FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.12.25 15:55:26 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.28 05:11:57 | 000,000,000 | ---D | M] [2010.12.25 15:22:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\andrea\AppData\Roaming\mozilla\Extensions [2011.01.20 16:33:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\andrea\AppData\Roaming\mozilla\Firefox\Profiles\0dlze9cv.default\extensions [2011.01.16 11:59:39 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\andrea\AppData\Roaming\mozilla\Firefox\Profiles\0dlze9cv.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2010.12.25 17:24:02 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\andrea\AppData\Roaming\mozilla\Firefox\Profiles\0dlze9cv.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.12.25 16:59:46 | 000,000,000 | ---D | M] (uTorrentBar_DE Community Toolbar) -- C:\Users\andrea\AppData\Roaming\mozilla\Firefox\Profiles\0dlze9cv.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} [2011.01.16 11:59:40 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\andrea\AppData\Roaming\mozilla\Firefox\Profiles\0dlze9cv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2011.01.16 13:00:26 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\andrea\AppData\Roaming\mozilla\Firefox\Profiles\0dlze9cv.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010.12.25 16:59:46 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\andrea\AppData\Roaming\mozilla\Firefox\Profiles\0dlze9cv.default\extensions\engine@conduit.com [2010.12.25 16:59:46 | 000,000,931 | ---- | M] () -- C:\Users\andrea\AppData\Roaming\Mozilla\Firefox\Profiles\0dlze9cv.default\searchplugins\conduit.xml [2010.12.28 05:12:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2010.12.28 05:12:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2010.12.25 20:32:21 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM [2010.12.25 20:32:22 | 000,000,000 | ---D | M] (IObit Toolbar) -- C:\PROGRAM FILES\IOBIT TOOLBAR\FF [2010.12.28 05:11:43 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2010.07.28 01:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll [2010.12.03 19:14:08 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.12.03 19:14:08 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml [2010.12.03 19:14:08 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.12.03 19:14:08 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.12.03 19:14:08 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.01.04 19:08:26 | 000,000,857 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - File not found O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - File not found O2 - BHO: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - File not found O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (uTorrentBar_DE Toolbar) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.) O3 - HKU\S-1-5-21-2285187412-2589335758-901124341-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - File not found O3 - HKU\S-1-5-21-2285187412-2589335758-901124341-1000\..\Toolbar\WebBrowser: (uTorrentBar_DE Toolbar) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - C:\Program Files\uTorrentBar_DE\tbuTor.dll (Conduit Ltd.) O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google) O4 - HKLM..\Run: [Google Quick Search Box] File not found O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKU\S-1-5-21-2285187412-2589335758-901124341-1000..\Run: [Dyyno Launcher] C:\Program Files\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe () O4 - HKU\S-1-5-21-2285187412-2589335758-901124341-1000..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe (Electronic Arts) O4 - HKU\S-1-5-21-2285187412-2589335758-901124341-1000..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation) O4 - HKU\S-1-5-21-2285187412-2589335758-901124341-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\andrea\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2285187412-2589335758-901124341-1000\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKU\S-1-5-21-2285187412-2589335758-901124341-1000\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.186.211.21 195.34.133.21 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GO36F4~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2011.01.20 16:23:16 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dyyno Broadcaster [2011.01.20 15:18:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit [2011.01.18 16:44:50 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2011.01.18 12:48:10 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\DVDVideoSoft [2011.01.17 23:16:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 3 [2011.01.17 23:16:16 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\IObit [2011.01.17 19:51:16 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\PunkBuster [2011.01.17 19:50:55 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Activision [2011.01.17 15:15:28 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Malwarebytes [2011.01.17 15:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011.01.17 15:14:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2011.01.17 15:14:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011.01.17 15:14:22 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2011.01.17 15:14:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2011.01.16 10:48:01 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\Cross Fire [2011.01.16 10:47:57 | 000,000,000 | ---D | C] -- C:\CFLog [2011.01.16 10:28:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z8Games [2011.01.16 10:24:38 | 000,000,000 | ---D | C] -- C:\Program Files\Z8Games [2011.01.16 10:02:44 | 506,802,211 | ---- | C] (Z8Games.com ) -- C:\Users\andrea\Desktop\CrossFire_Setup_v1056_xfire.exe [2011.01.16 09:35:11 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2011.01.16 09:35:10 | 014,899,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2011.01.16 09:35:10 | 010,084,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2011.01.16 09:35:10 | 010,023,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll [2011.01.16 09:35:10 | 004,837,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2011.01.16 09:35:10 | 002,912,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2011.01.16 09:35:10 | 002,666,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2011.01.16 09:35:10 | 000,888,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco322050.dll [2011.01.16 09:35:10 | 000,813,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322030.dll [2011.01.16 09:35:09 | 013,019,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2011.01.16 09:35:09 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd [2011.01.15 18:14:14 | 000,795,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpinst.exe [2011.01.15 18:14:13 | 000,227,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod1914.dll [2011.01.15 18:14:13 | 000,227,944 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll [2011.01.15 18:14:11 | 001,719,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll [2011.01.15 16:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2011.01.15 15:11:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft [2011.01.14 22:49:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3 [2011.01.14 22:49:33 | 000,000,000 | ---D | C] -- C:\Program Files\AutoIt3 [2011.01.14 13:04:35 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache [2011.01.14 13:04:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision [2011.01.14 13:02:08 | 000,000,000 | ---D | C] -- C:\Program Files\Activision [2011.01.14 12:16:21 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\COD2 [2011.01.13 21:35:11 | 000,000,000 | ---D | C] -- C:\PacSteamT [2011.01.13 21:09:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PacSteamT [2011.01.13 21:07:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Thraex Software [2011.01.13 19:59:24 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam [2011.01.13 19:04:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam [2011.01.13 19:04:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [2011.01.13 19:04:44 | 000,000,000 | ---D | C] -- C:\Program Files\Steam [2011.01.13 12:14:59 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\E0000FA15A9056FC [2011.01.13 12:14:58 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\E0000A365ABA5443 [2011.01.12 20:29:20 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2011.01.12 18:29:26 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\My Games [2011.01.12 00:43:13 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll [2011.01.12 00:43:04 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2011.01.12 00:43:03 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2011.01.12 00:43:01 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2011.01.12 00:43:00 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll [2011.01.12 00:43:00 | 000,801,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll [2011.01.12 00:43:00 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2011.01.12 00:42:58 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL [2011.01.12 00:42:58 | 000,283,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2011.01.12 00:42:57 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2011.01.12 00:42:56 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll [2011.01.12 00:42:56 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2011.01.12 00:42:55 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll [2011.01.12 00:42:55 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys [2011.01.12 00:42:55 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll [2011.01.12 00:42:54 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2011.01.11 13:43:32 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Synthesia [2011.01.11 13:43:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia [2011.01.11 13:43:16 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\Synthesia Music [2011.01.11 13:42:41 | 000,000,000 | ---D | C] -- C:\Program Files\Synthesia [2011.01.10 20:52:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia [2011.01.10 20:48:03 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield [2011.01.10 13:39:32 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\ManicDiggerLogs [2011.01.10 13:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manic Digger [2011.01.10 13:38:39 | 000,000,000 | ---D | C] -- C:\Program Files\Manic Digger [2011.01.09 17:49:31 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\INVedit [2011.01.09 17:02:45 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\Nes [2011.01.08 15:04:41 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\skypePM [2011.01.08 14:53:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011.01.08 14:53:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2011.01.08 14:53:10 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2011.01.08 14:53:09 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Skype [2011.01.07 23:05:53 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Hive Cluster [2011.01.07 23:03:57 | 000,000,000 | ---D | C] -- C:\Program Files\Super Meat Boy [2011.01.07 23:01:39 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Super Meat Boy [2011.01.06 21:56:23 | 000,000,000 | ---D | C] -- C:\Program Files\Maxis [2011.01.06 20:01:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.A.D [2011.01.06 20:01:11 | 000,025,216 | ---- | C] (The OpenVPN Project) -- C:\Windows\System32\drivers\tap0901.sys [2011.01.06 20:01:08 | 000,000,000 | ---D | C] -- C:\Program Files\S.A.D [2011.01.06 18:49:32 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\WB Games [2011.01.06 18:47:18 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\My ISO Files [2011.01.05 19:45:33 | 000,000,000 | ---D | C] -- C:\Program Files\Gpotato [2011.01.05 19:41:58 | 926,086,584 | ---- | C] (Gala-Net ) -- C:\Users\andrea\Desktop\Flyff_US_20101130.exe [2011.01.05 19:41:41 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\PMB Files [2011.01.05 19:41:39 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files [2011.01.05 19:41:18 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks [2011.01.05 17:59:18 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\MTA San Andreas [2011.01.05 17:59:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas [2011.01.05 17:58:11 | 000,000,000 | ---D | C] -- C:\Program Files\MTA San Andreas [2011.01.05 17:21:01 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\Samp server [2011.01.04 22:33:21 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer [2011.01.04 20:28:50 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quick Memory Editor [2011.01.04 20:28:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quick Memory Editor [2011.01.04 20:28:49 | 000,000,000 | ---D | C] -- C:\Program Files\Quick Memory Editor [2011.01.04 19:09:55 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\Adobe [2011.01.04 19:08:54 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet [2011.01.04 19:03:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared [2011.01.04 18:56:16 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\Adobe CS4 [2011.01.04 15:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 5.6.1 [2011.01.04 15:56:57 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\Windows\System32\D3DX81ab.dll [2011.01.04 15:56:56 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine [2011.01.03 21:48:17 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\GameTuts [2011.01.03 21:20:05 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\GameTuts [2011.01.03 21:19:29 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\Modio [2011.01.02 17:37:47 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\.minecraft [2011.01.02 17:36:31 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\Minecraft [2011.01.02 07:37:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2011.01.02 07:36:32 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll [2011.01.02 07:36:32 | 001,723,536 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll [2011.01.02 07:36:32 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2011.01.02 07:36:32 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2011.01.02 07:36:32 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2011.01.02 07:36:32 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2011.01.02 07:36:31 | 000,214,352 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFNHK.dll [2011.01.02 07:36:30 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFCOM.dll [2011.01.02 07:36:29 | 003,317,800 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys [2011.01.02 07:36:29 | 001,976,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2011.01.02 07:36:29 | 001,084,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2011.01.02 07:36:29 | 000,069,224 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll [2011.01.02 07:36:29 | 000,068,944 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFAPO.dll [2011.01.02 07:36:28 | 003,790,440 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2011.01.02 07:36:28 | 000,469,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2011.01.02 07:36:27 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2011.01.02 07:36:27 | 001,705,816 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll [2011.01.02 07:36:27 | 001,439,064 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll [2011.01.02 07:36:27 | 000,553,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat [2011.01.02 07:36:27 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2011.01.02 07:36:27 | 000,341,848 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll [2011.01.02 07:36:27 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2011.01.02 07:36:27 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2011.01.02 07:36:27 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll [2011.01.02 07:36:27 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll [2011.01.02 07:36:27 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2011.01.02 07:36:27 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2011.01.02 07:36:27 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll [2011.01.02 07:36:27 | 000,096,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll [2011.01.02 07:36:27 | 000,081,240 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll [2011.01.02 07:36:27 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2011.01.02 07:36:27 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2011.01.02 07:36:27 | 000,061,784 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll [2011.01.02 07:36:25 | 001,558,944 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2011.01.02 07:36:25 | 001,132,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll [2011.01.02 07:36:25 | 000,962,664 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll [2011.01.02 07:36:25 | 000,901,224 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll [2011.01.02 07:36:25 | 000,448,616 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll [2011.01.02 07:36:25 | 000,429,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll [2011.01.02 07:36:25 | 000,406,120 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll [2011.01.02 07:36:25 | 000,291,432 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll [2011.01.02 07:36:25 | 000,236,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll [2011.01.02 07:36:25 | 000,224,360 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll [2011.01.02 07:36:25 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll [2011.01.02 07:36:25 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll [2011.01.02 07:36:25 | 000,106,600 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll [2011.01.02 07:36:24 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll [2011.01.02 07:36:24 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll [2011.01.02 07:36:24 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2011.01.02 07:36:16 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2011.01.02 07:36:16 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp [2011.01.02 06:37:19 | 000,000,000 | ---D | C] -- C:\ProgramData\SplitMediaLabs [2011.01.02 06:33:41 | 000,000,000 | ---D | C] -- C:\Program Files\SplitMediaLabs [2011.01.02 01:54:09 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Voice Mail Compressor [2011.01.02 01:54:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voice Mail Compressor [2011.01.02 01:54:09 | 000,000,000 | ---D | C] -- C:\Program Files\Voice Mail Compressor [2011.01.02 01:41:24 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\Dyyno [2011.01.02 01:35:47 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Dyyno [2011.01.02 01:35:47 | 000,000,000 | ---D | C] -- C:\Program Files\Dyyno [2011.01.02 00:35:37 | 000,106,208 | ---- | C] (e2eSoft) -- C:\Windows\System32\drivers\VCAM_WDM03.sys [2011.01.02 00:35:37 | 000,106,208 | ---- | C] (e2eSoft) -- C:\Windows\System32\drivers\VCam_WDM.sys [2011.01.02 00:35:36 | 000,106,208 | ---- | C] (e2eSoft) -- C:\Windows\System32\drivers\VCAM_WDM02.sys [2011.01.02 00:35:36 | 000,106,208 | ---- | C] (e2eSoft) -- C:\Windows\System32\drivers\VCam_WDM01.sys [2011.01.02 00:04:53 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\Soft32 Downloads [2011.01.01 23:56:49 | 000,000,000 | ---D | C] -- C:\Program Files\VHLabs [2011.01.01 23:56:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hmelyoff Labs [2011.01.01 23:52:42 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\GetRightToGo [2011.01.01 23:52:42 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\Downloads [2011.01.01 23:35:10 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\ManyCam [2011.01.01 23:35:06 | 000,000,000 | ---D | C] -- C:\Program Files\ManyCam [2011.01.01 06:11:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer [2011.01.01 06:08:15 | 000,098,304 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll [2011.01.01 06:01:27 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\Moded und unmod GTASA [2011.01.01 05:40:26 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\GTA mods [2011.01.01 04:37:49 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player [2011.01.01 04:10:13 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ [2011.01.01 04:10:03 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualDJ [2010.12.31 03:20:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games [2010.12.31 03:20:28 | 000,000,000 | ---D | C] -- C:\Program Files\Rockstar Games [2010.12.30 07:19:15 | 000,000,000 | ---D | C] -- C:\Program Files\Risk [2010.12.29 07:38:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flyff [2010.12.29 07:31:30 | 000,000,000 | ---D | C] -- C:\Program Files\gPotato.eu [2010.12.29 07:17:00 | 048,748,876 | ---- | C] (Gala Networks Europe Limited ) -- C:\Users\andrea\Flyff_Eu_DE_Setup_v16_Full.exe [2010.12.29 07:16:41 | 000,000,000 | ---D | C] -- C:\Program Files\Neffy [2010.12.29 06:20:20 | 003,595,660 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des [2010.12.29 06:19:47 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys [2010.12.29 06:19:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared [2010.12.29 05:07:09 | 000,000,000 | ---D | C] -- C:\ijji [2010.12.29 02:10:03 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\Portal2 [2010.12.29 00:29:30 | 000,000,000 | ---D | C] -- C:\Program Files\Bing Bar Installer [2010.12.29 00:29:19 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll [2010.12.29 00:29:19 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll [2010.12.29 00:29:19 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll [2010.12.29 00:29:18 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll [2010.12.29 00:29:16 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll [2010.12.29 00:29:16 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll [2010.12.29 00:29:16 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll [2010.12.29 00:29:16 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll [2010.12.29 00:29:15 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll [2010.12.29 00:29:15 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll [2010.12.29 00:29:15 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll [2010.12.29 00:29:15 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll [2010.12.29 00:29:14 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll [2010.12.29 00:29:14 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll [2010.12.29 00:29:14 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll [2010.12.29 00:29:10 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll [2010.12.29 00:29:09 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll [2010.12.29 00:29:09 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll [2010.12.29 00:29:09 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll [2010.12.29 00:29:08 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll [2010.12.29 00:29:08 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll [2010.12.29 00:29:07 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll [2010.12.29 00:29:07 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll [2010.12.29 00:29:06 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll [2010.12.29 00:29:06 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll [2010.12.29 00:29:06 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll [2010.12.29 00:29:05 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll [2010.12.29 00:29:05 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2010.12.29 00:29:04 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll [2010.12.29 00:29:04 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll [2010.12.29 00:29:04 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll [2010.12.29 00:29:03 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll [2010.12.29 00:29:03 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll [2010.12.29 00:29:03 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll [2010.12.29 00:29:03 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll [2010.12.29 00:29:02 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll [2010.12.29 00:29:02 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll [2010.12.29 00:29:01 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll [2010.12.29 00:29:01 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll [2010.12.29 00:29:00 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll [2010.12.29 00:29:00 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll [2010.12.29 00:28:59 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll [2010.12.29 00:28:59 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll [2010.12.29 00:28:58 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll [2010.12.29 00:28:58 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll [2010.12.29 00:28:58 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll [2010.12.29 00:28:57 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll [2010.12.29 00:28:56 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll [2010.12.29 00:28:56 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll [2010.12.29 00:28:56 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll [2010.12.29 00:28:56 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll [2010.12.29 00:28:55 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll [2010.12.29 00:28:54 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll [2010.12.29 00:28:53 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll [2010.12.29 00:28:53 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll [2010.12.29 00:28:53 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll [2010.12.29 00:28:52 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll [2010.12.29 00:28:52 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll [2010.12.29 00:28:52 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll [2010.12.29 00:28:51 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll [2010.12.29 00:28:51 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll [2010.12.29 00:28:51 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll [2010.12.29 00:28:50 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll [2010.12.29 00:28:50 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll [2010.12.29 00:28:50 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll [2010.12.29 00:28:49 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll [2010.12.29 00:28:49 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll [2010.12.29 00:28:48 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll [2010.12.29 00:28:48 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll [2010.12.29 00:28:48 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll [2010.12.29 00:28:47 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll [2010.12.29 00:28:47 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll [2010.12.29 00:28:46 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll [2010.12.29 00:28:46 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll [2010.12.29 00:28:45 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll [2010.12.29 00:28:45 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll [2010.12.29 00:28:45 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll [2010.12.29 00:28:44 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll [2010.12.29 00:28:44 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll [2010.12.29 00:28:44 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll [2010.12.29 00:28:43 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll [2010.12.29 00:28:43 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll [2010.12.29 00:28:40 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll [2010.12.29 00:28:39 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll [2010.12.29 00:28:39 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll [2010.12.29 00:28:38 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll [2010.12.29 00:28:38 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll [2010.12.29 00:28:37 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll [2010.12.29 00:28:33 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll [2010.12.29 00:25:19 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\PCSX2 [2010.12.29 00:25:03 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\PCSX2 [2010.12.29 00:23:42 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp [2010.12.29 00:23:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx [2010.12.29 00:20:06 | 000,000,000 | ---D | C] -- C:\Program Files\PCSX2 0.9.7 [2010.12.28 07:59:13 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\MeinSpore-Kreationen [2010.12.28 07:58:50 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\SPORE [2010.12.28 07:58:40 | 000,000,000 | RH-D | C] -- C:\Users\andrea\AppData\Roaming\SecuROM [2010.12.28 07:47:37 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll [2010.12.28 07:46:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts [2010.12.28 07:46:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2010.12.28 07:45:29 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Downloaded Installations [2010.12.28 07:45:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2010.12.28 07:33:41 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts [2010.12.28 06:52:54 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe [2010.12.28 06:44:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe [2010.12.28 06:43:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2010.12.28 06:42:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR [2010.12.28 05:52:14 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2010.12.28 05:36:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III [2010.12.28 05:36:54 | 000,000,000 | ---D | C] -- C:\Program Files\Warcraft III [2010.12.28 05:36:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment [2010.12.28 05:12:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2010.12.28 05:12:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2010.12.28 05:11:57 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010.12.28 05:11:57 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.12.28 05:11:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.12.28 05:11:57 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.12.28 05:11:37 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2010.12.27 23:03:17 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Publish Providers [2010.12.27 22:59:26 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\WinRAR [2010.12.27 22:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2010.12.27 22:59:02 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2010.12.27 22:58:57 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2010.12.27 22:44:55 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\Vegas Movie Studio HD Platinum 10.0 Projekte [2010.12.27 22:44:55 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Sony [2010.12.27 21:24:35 | 000,050,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll [2010.12.27 21:24:19 | 000,079,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll [2010.12.27 21:23:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\RsFx [2010.12.27 21:20:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 [2010.12.27 21:17:41 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server [2010.12.27 21:17:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Sync Framework [2010.12.27 21:17:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework [2010.12.27 21:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services [2010.12.27 21:17:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition [2010.12.27 21:16:17 | 000,000,000 | ---D | C] -- C:\ProgramData\PreEmptive Solutions [2010.12.27 21:14:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 3 SDK [2010.12.27 21:14:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2010.12.27 21:12:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ASP.NET [2010.12.27 21:12:12 | 000,000,000 | ---D | C] -- C:\Program Files\IIS [2010.12.27 21:11:19 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\Visual Studio 2008 [2010.12.27 21:10:05 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\Visual Studio 2010 [2010.12.27 21:05:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Designer [2010.12.27 21:04:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\1033 [2010.12.27 21:04:26 | 000,000,000 | ---D | C] -- C:\Windows\symbols [2010.12.27 21:04:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft F# [2010.12.27 21:04:03 | 000,000,000 | ---D | C] -- C:\Program Files\HTML Help Workshop [2010.12.27 21:04:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 [2010.12.27 21:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 10.0 [2010.12.27 21:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs [2010.12.27 21:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer [2010.12.27 21:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Merge Modules [2010.12.27 21:01:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 9.0 [2010.12.27 20:58:47 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2010.12.27 19:25:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony [2010.12.27 19:25:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony [2010.12.27 19:24:40 | 000,000,000 | ---D | C] -- C:\Program Files\Sony [2010.12.27 19:19:16 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Sony [2010.12.27 15:34:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ijji [2010.12.27 15:34:01 | 000,713,312 | ---- | C] (NHN USA) -- C:\Windows\System32\ijjiSetup.exe [2010.12.27 15:34:01 | 000,062,048 | ---- | C] (NHN USA Inc.) -- C:\Windows\System32\ijjiProcessRestarter.exe [2010.12.27 15:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\REACTOR [2010.12.26 12:01:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2010.12.26 11:20:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOMG [2010.12.26 11:20:43 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2010.12.26 00:12:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat [2010.12.26 00:03:55 | 000,000,000 | R--D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2010.12.26 00:03:55 | 000,000,000 | R--D | C] -- C:\Users\andrea\Searches [2010.12.26 00:03:55 | 000,000,000 | R--D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2010.12.26 00:03:55 | 000,000,000 | -H-D | C] -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned [2010.12.26 00:03:47 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Identities [2010.12.26 00:03:45 | 000,000,000 | R--D | C] -- C:\Users\andrea\Contacts [2010.12.26 00:03:36 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\VirtualStore [2010.12.26 00:03:35 | 000,000,000 | --SD | C] -- C:\Users\andrea\AppData\Roaming\Microsoft [2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\Videos [2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\Saved Games [2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\Pictures [2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\Music [2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\Links [2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\Favorites [2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\Downloads [2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\Documents [2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\Desktop [2010.12.26 00:03:35 | 000,000,000 | R--D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\AppData\Local\Temporary Internet Files [2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\Templates [2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\Start Menu [2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\SendTo [2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\Recent [2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\PrintHood [2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\NetHood [2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\Documents\My Videos [2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\Documents\My Pictures [2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\Documents\My Music [2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\My Documents [2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\Local Settings [2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\AppData\Local\History [2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\Cookies [2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\Application Data [2010.12.26 00:03:35 | 000,000,000 | -HSD | C] -- C:\Users\andrea\AppData\Local\Application Data [2010.12.26 00:03:35 | 000,000,000 | -H-D | C] -- C:\Users\andrea\AppData [2010.12.26 00:03:35 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Temp [2010.12.26 00:03:35 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Microsoft [2010.12.26 00:03:35 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Media Center Programs [2010.12.26 00:03:20 | 000,000,000 | -HSD | C] -- C:\Recovery [2010.12.25 23:56:29 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2010.12.25 21:25:49 | 000,000,000 | ---D | C] -- C:\Users\andrea\Desktop\gerhard [2010.12.25 20:35:59 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2010.12.25 20:35:22 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2010.12.25 20:34:35 | 000,000,000 | ---D | C] -- C:\NVIDIA [2010.12.25 20:32:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot [2010.12.25 20:32:20 | 000,000,000 | ---D | C] -- C:\Program Files\IObit Toolbar [2010.12.25 20:32:20 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater [2010.12.25 20:32:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster [2010.12.25 20:32:10 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit [2010.12.25 20:32:09 | 000,000,000 | ---D | C] -- C:\Program Files\IObit [2010.12.25 17:42:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio [2010.12.25 17:42:13 | 000,000,000 | ---D | C] -- C:\Program Files\CamStudio [2010.12.25 17:24:02 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\DVDVideoSoftIEHelpers [2010.12.25 17:23:59 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\DVDVideoSoft [2010.12.25 17:23:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2010.12.25 17:23:47 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft [2010.12.25 17:23:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft [2010.12.25 17:17:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual DJ [2010.12.25 17:17:01 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\VirtualDJ [2010.12.25 17:12:37 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps [2010.12.25 17:12:34 | 000,000,000 | ---D | C] -- C:\Fraps [2010.12.25 16:59:54 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit [2010.12.25 16:59:51 | 000,000,000 | ---D | C] -- C:\Program Files\ConduitEngine [2010.12.25 16:59:48 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrentBar_DE [2010.12.25 16:59:41 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent [2010.12.25 16:59:13 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\uTorrent [2010.12.25 15:37:55 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Adobe [2010.12.25 15:37:25 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe [2010.12.25 15:37:25 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll [2010.12.25 15:37:25 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll [2010.12.25 15:35:33 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys [2010.12.25 15:33:07 | 000,026,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys [2010.12.25 15:33:06 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2010.12.25 15:33:06 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2010.12.25 15:32:54 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll [2010.12.25 15:32:51 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll [2010.12.25 15:32:51 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll [2010.12.25 15:32:51 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll [2010.12.25 15:32:51 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe [2010.12.25 15:32:40 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll [2010.12.25 15:32:40 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll [2010.12.25 15:32:40 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax [2010.12.25 15:32:40 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2010.12.25 15:32:39 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll [2010.12.25 15:32:39 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll [2010.12.25 15:32:33 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010.12.25 15:32:33 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010.12.25 15:32:32 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010.12.25 15:32:32 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010.12.25 15:32:32 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.12.25 15:32:32 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010.12.25 15:32:32 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010.12.25 15:32:32 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010.12.25 15:32:32 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010.12.25 15:32:32 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2010.12.25 15:32:32 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010.12.25 15:32:30 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll [2010.12.25 15:32:26 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2010.12.25 15:32:23 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2010.12.25 15:32:22 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2010.12.25 15:32:14 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll [2010.12.25 15:32:14 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe [2010.12.25 15:31:35 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010.12.25 15:26:51 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Diagnostics [2010.12.25 15:21:47 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Mozilla [2010.12.25 15:21:47 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Mozilla [2010.12.25 15:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox [2010.12.25 15:21:42 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2010.12.25 15:20:19 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2010.12.25 15:18:28 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Google [2010.12.25 15:16:29 | 000,017,744 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2010.12.25 15:16:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2010.12.25 15:16:28 | 000,294,608 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2010.12.25 15:16:28 | 000,023,632 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys [2010.12.25 15:16:27 | 000,047,440 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2010.12.25 15:16:26 | 000,051,280 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2010.12.25 15:15:57 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2010.12.25 15:15:56 | 000,188,216 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2010.12.25 15:15:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software [2010.12.25 15:15:54 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software [2010.12.25 15:15:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2010.12.25 15:15:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2010.12.25 15:15:05 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2010.12.25 15:14:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2010.12.25 15:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2010.12.25 15:13:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 [2010.12.25 15:13:03 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2010.12.25 15:12:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2010.12.25 15:12:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Desktop [2010.12.25 15:12:54 | 000,000,000 | ---D | C] -- C:\Users\andrea\Documents\Eigene Google Gadgets [2010.12.25 15:12:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Updater [2010.12.25 15:12:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Google Updater [2010.12.25 15:12:31 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2010.12.25 15:06:59 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Macromedia [2010.12.25 15:06:58 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Roaming\Adobe [2010.12.25 15:06:17 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Google [2010.12.25 15:06:02 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Deployment [2010.12.25 15:06:02 | 000,000,000 | ---D | C] -- C:\Users\andrea\AppData\Local\Apps [2010.12.25 15:01:02 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2010.12.25 14:58:32 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2010.12.25 14:58:10 | 000,000,000 | -HSD | C] -- C:\System Volume Information [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.01.20 16:56:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2011.01.20 16:23:22 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.01.20 16:23:22 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.01.20 16:23:16 | 000,001,115 | ---- | M] () -- C:\Users\andrea\Desktop\Dyyno Broadcaster.lnk [2011.01.20 16:11:02 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2285187412-2589335758-901124341-1000UA.job [2011.01.20 06:11:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2285187412-2589335758-901124341-1000Core.job [2011.01.19 16:22:46 | 000,000,372 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job [2011.01.19 15:27:31 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.01.19 15:27:31 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.01.19 15:18:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.01.19 15:08:36 | 603,627,520 | -HS- | M] () -- C:\hiberfil.sys [2011.01.18 17:36:27 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2011.01.18 16:44:54 | 000,002,318 | ---- | M] () -- C:\Users\andrea\Desktop\Google Chrome.lnk [2011.01.18 12:48:19 | 000,001,197 | ---- | M] () -- C:\Users\andrea\Desktop\DVDVideoSoft Free Studio.lnk [2011.01.18 09:14:17 | 000,138,464 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2011.01.17 23:16:26 | 000,001,203 | ---- | M] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk [2011.01.17 23:16:26 | 000,000,136 | ---- | M] () -- C:\Users\andrea\Desktop\IObit Freeware.url [2011.01.17 23:16:25 | 000,001,179 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk [2011.01.17 15:14:28 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.01.16 10:28:29 | 000,001,094 | ---- | M] () -- C:\Users\andrea\Desktop\CrossFire.lnk [2011.01.16 10:07:13 | 506,802,211 | ---- | M] (Z8Games.com ) -- C:\Users\andrea\Desktop\CrossFire_Setup_v1056_xfire.exe [2011.01.15 12:57:52 | 000,082,436 | ---- | M] () -- C:\Users\andrea\Documents\Minecraft intro(project).aep [2011.01.15 12:57:21 | 466,587,628 | ---- | M] () -- C:\Users\andrea\Documents\Minecraft intro.avi [2011.01.15 12:35:02 | 000,037,427 | ---- | M] () -- C:\Users\andrea\Desktop\minecraft.jpg [2011.01.14 23:52:42 | 000,000,326 | ---- | M] () -- C:\Users\andrea\SciTE.session [2011.01.14 23:52:30 | 000,317,553 | ---- | M] () -- C:\Users\andrea\Desktop\CSS Spray bot.exe [2011.01.14 23:52:28 | 000,001,112 | ---- | M] () -- C:\Users\andrea\Desktop\CSS Spray bot.au3 [2011.01.14 23:32:52 | 000,001,295 | ---- | M] () -- C:\Users\andrea\Desktop\FD - Shortcut.lnk [2011.01.14 13:04:30 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 2 Singleplayer.lnk [2011.01.14 13:04:30 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 2 Multiplayer.lnk [2011.01.14 13:04:28 | 000,000,287 | ---- | M] () -- C:\Windows\game.ini [2011.01.13 19:58:33 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2011.01.13 19:35:53 | 000,079,872 | ---- | M] () -- C:\Users\andrea\AppData\Roaming\chrtmp [2011.01.13 09:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2011.01.13 09:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2011.01.13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2011.01.13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2011.01.13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys [2011.01.13 09:37:19 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2011.01.13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2011.01.12 17:43:11 | 000,712,620 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.01.12 17:43:11 | 000,142,840 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.01.11 13:43:21 | 000,001,877 | ---- | M] () -- C:\Users\Public\Desktop\Play Synthesia.lnk [2011.01.08 15:04:54 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat [2011.01.08 13:31:59 | 000,174,003 | ---- | M] () -- C:\Users\andrea\Documents\Intro.aep [2011.01.08 13:15:39 | 000,074,243 | ---- | M] () -- C:\Users\andrea\Desktop\189.jpg [2011.01.08 11:43:32 | 003,632,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.01.07 23:04:17 | 000,001,027 | ---- | M] () -- C:\Users\andrea\Desktop\Super Meat Boy.lnk [2011.01.06 21:56:32 | 000,000,552 | ---- | M] () -- C:\Windows\eReg.dat [2011.01.06 21:46:45 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml [2011.01.06 21:46:45 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml [2011.01.06 20:01:13 | 000,001,129 | ---- | M] () -- C:\Users\Public\Desktop\CyberGhost VPN.lnk [2011.01.05 19:51:40 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\Flyff.lnk [2011.01.05 19:51:39 | 000,000,842 | ---- | M] () -- C:\Users\andrea\Desktop\Flyff.lnk [2011.01.05 19:45:09 | 926,086,584 | ---- | M] (Gala-Net ) -- C:\Users\andrea\Desktop\Flyff_US_20101130.exe [2011.01.05 17:59:15 | 000,002,020 | ---- | M] () -- C:\Users\Public\Desktop\MTA San Andreas.lnk [2011.01.04 20:28:50 | 000,001,047 | ---- | M] () -- C:\Users\andrea\Desktop\Quick Memory Editor.lnk [2011.01.04 19:29:06 | 000,001,277 | ---- | M] () -- C:\Users\andrea\Desktop\Adobe After Effects CS4.lnk [2011.01.04 18:52:42 | 000,014,584 | ---- | M] () -- C:\Users\andrea\Documents\TEST INTO.veg [2011.01.04 15:56:59 | 000,000,953 | ---- | M] () -- C:\Users\andrea\Desktop\Cheat Engine.lnk [2011.01.02 05:40:25 | 000,014,608 | ---- | M] () -- C:\Users\andrea\Documents\TEST INTO.veg.bak [2011.01.02 05:17:59 | 000,002,712 | ---- | M] () -- C:\Users\andrea\Documents\Vegas Pro registrieren.htm [2011.01.02 01:54:09 | 000,001,081 | ---- | M] () -- C:\Users\andrea\Desktop\Voice Mail Compressor.lnk [2011.01.02 00:38:06 | 000,003,584 | ---- | M] () -- C:\Users\andrea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.01.01 23:01:10 | 000,001,126 | ---- | M] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Flash Media Live Encoder 3.1.lnk [2011.01.01 23:01:10 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Flash Media Live Encoder 3.1.lnk [2011.01.01 06:08:15 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll [2011.01.01 04:54:50 | 006,097,576 | ---- | M] () -- C:\Users\andrea\1280x1024.psd [2011.01.01 04:10:13 | 000,000,997 | ---- | M] () -- C:\Users\andrea\Desktop\Virtual DJ Pro.lnk [2010.12.31 03:20:28 | 000,001,856 | ---- | M] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk [2010.12.29 07:24:28 | 048,748,876 | ---- | M] (Gala Networks Europe Limited ) -- C:\Users\andrea\Flyff_Eu_DE_Setup_v16_Full.exe [2010.12.29 05:07:09 | 000,000,150 | ---- | M] () -- C:\Users\Public\Desktop\Karos Online.url [2010.12.28 07:46:59 | 000,002,043 | ---- | M] () -- C:\Users\Public\Desktop\EA Download Manager.lnk [2010.12.28 07:46:09 | 000,001,220 | ---- | M] () -- C:\Windows\System32\ealregsnapshot1.reg [2010.12.28 05:46:06 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\Warcraft III.lnk [2010.12.28 05:11:41 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe [2010.12.28 05:11:41 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe [2010.12.28 05:11:41 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe [2010.12.28 05:11:40 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll [2010.12.27 19:25:35 | 000,002,086 | ---- | M] () -- C:\Users\Public\Desktop\Vegas Movie Studio HD Platinum 10.0.lnk [2010.12.27 15:34:31 | 000,000,171 | ---- | M] () -- C:\Users\Public\Desktop\ijji.url [2010.12.27 15:34:30 | 000,001,875 | ---- | M] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk [2010.12.27 15:34:30 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\ijji REACTOR.lnk [2010.12.26 00:04:36 | 000,001,407 | ---- | M] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2010.12.26 00:03:40 | 000,001,750 | ---- | M] () -- C:\Users\Public\Desktop\Browser Choice.lnk [2010.12.25 20:32:12 | 000,001,066 | ---- | M] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster.lnk [2010.12.25 20:32:12 | 000,001,054 | ---- | M] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk [2010.12.25 20:32:12 | 000,001,042 | ---- | M] () -- C:\Users\Public\Desktop\Game Booster.lnk [2010.12.25 17:42:18 | 000,000,972 | ---- | M] () -- C:\Users\Public\Desktop\CamStudio.lnk [2010.12.25 17:23:52 | 000,001,356 | ---- | M] () -- C:\Users\andrea\Desktop\Free YouTube to MP3 Converter.lnk [2010.12.25 17:12:37 | 000,000,562 | ---- | M] () -- C:\Users\andrea\Desktop\Fraps.lnk [2010.12.25 16:59:41 | 000,000,937 | ---- | M] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2010.12.25 16:59:41 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk [2010.12.25 15:24:21 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2010.12.25 15:21:45 | 000,001,909 | ---- | M] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2010.12.25 15:21:45 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.12.25 15:15:16 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.12.25 15:14:22 | 000,002,242 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk [2010.12.25 15:01:13 | 000,042,045 | ---- | M] () -- C:\Windows\System32\license.rtf [2010.12.24 01:43:04 | 000,106,208 | ---- | M] (e2eSoft) -- C:\Windows\System32\drivers\VCAM_WDM03.sys [2010.12.24 01:43:00 | 000,106,208 | ---- | M] (e2eSoft) -- C:\Windows\System32\drivers\VCAM_WDM02.sys [2010.12.24 01:42:54 | 000,106,208 | ---- | M] (e2eSoft) -- C:\Windows\System32\drivers\VCam_WDM01.sys [2010.12.24 01:42:50 | 000,106,208 | ---- | M] (e2eSoft) -- C:\Windows\System32\drivers\VCam_WDM.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.01.20 16:23:15 | 000,001,115 | ---- | C] () -- C:\Users\andrea\Desktop\Dyyno Broadcaster.lnk [2011.01.18 16:44:54 | 000,002,318 | ---- | C] () -- C:\Users\andrea\Desktop\Google Chrome.lnk [2011.01.17 23:16:46 | 000,000,372 | ---- | C] () -- C:\Windows\tasks\AWC Startup.job [2011.01.17 23:16:26 | 000,001,203 | ---- | C] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare.lnk [2011.01.17 23:16:26 | 000,000,136 | ---- | C] () -- C:\Users\andrea\Desktop\IObit Freeware.url [2011.01.17 23:16:25 | 000,001,179 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk [2011.01.17 19:56:54 | 000,138,464 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2011.01.17 19:56:47 | 000,111,928 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2011.01.17 19:56:23 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2011.01.17 15:14:28 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011.01.16 10:28:29 | 000,001,094 | ---- | C] () -- C:\Users\andrea\Desktop\CrossFire.lnk [2011.01.15 18:14:14 | 000,004,962 | ---- | C] () -- C:\Windows\System32\nvinfo.pb [2011.01.15 15:15:44 | 000,007,552 | ---- | C] () -- C:\Windows\System32\drivers\enodpl.sys [2011.01.15 15:15:44 | 000,006,659 | ---- | C] () -- C:\Windows\System32\TANDPL.VXD [2011.01.15 15:15:44 | 000,006,532 | ---- | C] () -- C:\Windows\System32\ENODPL.VXD [2011.01.15 15:15:44 | 000,004,736 | ---- | C] () -- C:\Windows\System32\drivers\tandpl.sys [2011.01.15 12:57:49 | 000,082,436 | ---- | C] () -- C:\Users\andrea\Documents\Minecraft intro(project).aep [2011.01.15 12:54:56 | 466,587,628 | ---- | C] () -- C:\Users\andrea\Documents\Minecraft intro.avi [2011.01.15 12:35:10 | 000,037,427 | ---- | C] () -- C:\Users\andrea\Desktop\minecraft.jpg [2011.01.15 00:01:11 | 000,001,283 | ---- | C] () -- C:\Settings.ini [2011.01.14 23:32:52 | 000,001,295 | ---- | C] () -- C:\Users\andrea\Desktop\FD - Shortcut.lnk [2011.01.14 23:05:46 | 000,317,553 | ---- | C] () -- C:\Users\andrea\Desktop\CSS Spray bot.exe [2011.01.14 22:55:42 | 000,000,326 | ---- | C] () -- C:\Users\andrea\SciTE.session [2011.01.14 22:55:40 | 000,001,112 | ---- | C] () -- C:\Users\andrea\Desktop\CSS Spray bot.au3 [2011.01.14 13:04:30 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 2 Singleplayer.lnk [2011.01.14 13:04:30 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 2 Multiplayer.lnk [2011.01.14 13:04:28 | 000,000,287 | ---- | C] () -- C:\Windows\game.ini [2011.01.13 19:54:07 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2011.01.13 19:33:23 | 000,079,872 | ---- | C] () -- C:\Users\andrea\AppData\Roaming\chrtmp [2011.01.11 13:43:21 | 000,001,877 | ---- | C] () -- C:\Users\Public\Desktop\Play Synthesia.lnk [2011.01.08 15:04:54 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011.01.08 13:31:58 | 000,174,003 | ---- | C] () -- C:\Users\andrea\Documents\Intro.aep [2011.01.08 13:15:46 | 000,074,243 | ---- | C] () -- C:\Users\andrea\Desktop\189.jpg [2011.01.07 23:01:39 | 000,001,027 | ---- | C] () -- C:\Users\andrea\Desktop\Super Meat Boy.lnk [2011.01.06 21:38:34 | 000,000,552 | ---- | C] () -- C:\Windows\eReg.dat [2011.01.06 20:01:13 | 000,001,129 | ---- | C] () -- C:\Users\Public\Desktop\CyberGhost VPN.lnk [2011.01.05 17:59:15 | 000,002,020 | ---- | C] () -- C:\Users\Public\Desktop\MTA San Andreas.lnk [2011.01.04 20:28:50 | 000,001,047 | ---- | C] () -- C:\Users\andrea\Desktop\Quick Memory Editor.lnk [2011.01.04 19:29:06 | 000,001,277 | ---- | C] () -- C:\Users\andrea\Desktop\Adobe After Effects CS4.lnk [2011.01.04 15:56:59 | 000,000,953 | ---- | C] () -- C:\Users\andrea\Desktop\Cheat Engine.lnk [2011.01.04 15:56:57 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll [2011.01.02 05:40:25 | 000,014,608 | ---- | C] () -- C:\Users\andrea\Documents\TEST INTO.veg.bak [2011.01.02 05:40:25 | 000,014,584 | ---- | C] () -- C:\Users\andrea\Documents\TEST INTO.veg [2011.01.02 05:17:59 | 000,002,712 | ---- | C] () -- C:\Users\andrea\Documents\Vegas Pro registrieren.htm [2011.01.02 01:54:09 | 000,001,081 | ---- | C] () -- C:\Users\andrea\Desktop\Voice Mail Compressor.lnk [2011.01.02 00:38:06 | 000,003,584 | ---- | C] () -- C:\Users\andrea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.01.01 23:01:10 | 000,001,126 | ---- | C] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Flash Media Live Encoder 3.1.lnk [2011.01.01 23:01:10 | 000,001,102 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Flash Media Live Encoder 3.1.lnk [2011.01.01 04:55:22 | 014,400,056 | ---- | C] () -- C:\Users\andrea\1280x1024.bmp [2011.01.01 04:54:44 | 006,097,576 | ---- | C] () -- C:\Users\andrea\1280x1024.psd [2011.01.01 04:10:13 | 000,000,997 | ---- | C] () -- C:\Users\andrea\Desktop\Virtual DJ Pro.lnk [2010.12.31 03:20:28 | 000,001,856 | ---- | C] () -- C:\Users\Public\Desktop\GTA San Andreas.lnk [2010.12.29 07:38:23 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\Flyff.lnk [2010.12.29 07:38:22 | 000,000,842 | ---- | C] () -- C:\Users\andrea\Desktop\Flyff.lnk [2010.12.29 06:19:46 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd [2010.12.29 05:07:09 | 000,000,150 | ---- | C] () -- C:\Users\Public\Desktop\Karos Online.url [2010.12.28 07:46:59 | 000,002,043 | ---- | C] () -- C:\Users\Public\Desktop\EA Download Manager.lnk [2010.12.28 07:46:09 | 000,001,220 | ---- | C] () -- C:\Windows\System32\ealregsnapshot1.reg [2010.12.28 05:36:54 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\Warcraft III.lnk [2010.12.27 19:25:35 | 000,002,086 | ---- | C] () -- C:\Users\Public\Desktop\Vegas Movie Studio HD Platinum 10.0.lnk [2010.12.27 15:34:31 | 000,000,171 | ---- | C] () -- C:\Users\Public\Desktop\ijji.url [2010.12.27 15:34:30 | 000,001,875 | ---- | C] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk [2010.12.27 15:34:30 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\ijji REACTOR.lnk [2010.12.26 00:04:36 | 000,001,407 | ---- | C] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2010.12.26 00:03:40 | 000,001,750 | ---- | C] () -- C:\Users\Public\Desktop\Browser Choice.lnk [2010.12.26 00:03:35 | 000,000,290 | ---- | C] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk [2010.12.26 00:03:35 | 000,000,272 | ---- | C] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk [2010.12.25 20:32:12 | 000,001,066 | ---- | C] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Game Booster.lnk [2010.12.25 20:32:12 | 000,001,054 | ---- | C] () -- C:\Users\Public\Desktop\Switch to Gaming Mode.lnk [2010.12.25 20:32:12 | 000,001,042 | ---- | C] () -- C:\Users\Public\Desktop\Game Booster.lnk [2010.12.25 17:42:18 | 000,000,972 | ---- | C] () -- C:\Users\Public\Desktop\CamStudio.lnk [2010.12.25 17:23:59 | 000,001,197 | ---- | C] () -- C:\Users\andrea\Desktop\DVDVideoSoft Free Studio.lnk [2010.12.25 17:23:52 | 000,001,356 | ---- | C] () -- C:\Users\andrea\Desktop\Free YouTube to MP3 Converter.lnk [2010.12.25 17:12:37 | 000,000,562 | ---- | C] () -- C:\Users\andrea\Desktop\Fraps.lnk [2010.12.25 16:59:41 | 000,000,937 | ---- | C] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk [2010.12.25 16:59:41 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk [2010.12.25 15:25:21 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml [2010.12.25 15:25:21 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml [2010.12.25 15:24:21 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2010.12.25 15:21:45 | 000,001,909 | ---- | C] () -- C:\Users\andrea\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk [2010.12.25 15:21:45 | 000,001,885 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.12.25 15:15:16 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.12.25 15:14:22 | 000,002,242 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk [2010.12.25 15:13:17 | 000,001,096 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.12.25 15:13:16 | 000,001,092 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.12.25 15:12:32 | 000,000,868 | ---- | C] () -- C:\Windows\tasks\Google Software Updater.job [2010.12.25 15:06:19 | 000,001,122 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2285187412-2589335758-901124341-1000UA.job [2010.12.25 15:06:18 | 000,001,070 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2285187412-2589335758-901124341-1000Core.job [2010.12.25 14:58:10 | 603,627,520 | -HS- | C] () -- C:\hiberfil.sys [2010.08.29 21:15:21 | 000,000,792 | ---- | C] () -- C:\Windows\System32\RTSLCS.dll [2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.07.14 00:24:44 | 000,003,584 | ---- | C] () -- C:\Windows\System32\nt.dll ========== LOP Check ========== [2011.01.18 18:05:34 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\.minecraft [2011.01.18 12:48:10 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\DVDVideoSoft [2010.12.25 17:24:02 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\DVDVideoSoftIEHelpers [2011.01.20 16:22:28 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Dyyno [2011.01.03 21:20:05 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\GameTuts [2011.01.02 00:05:54 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\GetRightToGo [2011.01.07 23:05:53 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Hive Cluster [2011.01.18 12:49:50 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\IObit [2011.01.01 23:35:19 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\ManyCam [2010.12.27 23:03:17 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Publish Providers [2011.01.02 05:17:10 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Sony [2010.12.28 07:59:45 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\SPORE [2011.01.11 13:56:54 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Synthesia [2011.01.19 16:22:12 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\uTorrent [2011.01.06 18:49:32 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\WB Games [2011.01.19 16:22:46 | 000,000,372 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job [2009.07.14 05:53:46 | 000,006,564 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2011.01.18 18:05:34 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\.minecraft [2011.01.04 19:09:54 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Adobe [2011.01.18 12:48:10 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\DVDVideoSoft [2010.12.25 17:24:02 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\DVDVideoSoftIEHelpers [2011.01.20 16:22:28 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Dyyno [2011.01.03 21:20:05 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\GameTuts [2011.01.02 00:05:54 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\GetRightToGo [2010.12.25 15:18:50 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Google [2011.01.07 23:05:53 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Hive Cluster [2010.12.26 00:03:47 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Identities [2011.01.18 12:49:50 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\IObit [2010.12.25 15:06:59 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Macromedia [2011.01.17 15:15:28 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Malwarebytes [2011.01.01 23:35:19 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\ManyCam [2009.07.14 08:48:45 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Media Center Programs [2011.01.14 22:50:17 | 000,000,000 | --SD | M] -- C:\Users\andrea\AppData\Roaming\Microsoft [2010.12.25 15:22:10 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Mozilla [2010.12.27 23:03:17 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Publish Providers [2010.12.28 07:58:40 | 000,000,000 | RH-D | M] -- C:\Users\andrea\AppData\Roaming\SecuROM [2011.01.19 16:22:26 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Skype [2011.01.19 13:37:46 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\skypePM [2011.01.02 05:17:10 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Sony [2010.12.28 07:59:45 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\SPORE [2011.01.11 13:56:54 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\Synthesia [2011.01.19 16:22:12 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\uTorrent [2011.01.06 18:49:32 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\WB Games [2010.12.27 22:59:26 | 000,000,000 | ---D | M] -- C:\Users\andrea\AppData\Roaming\WinRAR < %APPDATA%\*.exe /s > [2010.12.29 00:13:03 | 000,012,862 | R--- | M] () -- C:\Users\andrea\AppData\Roaming\Microsoft\Installer\{0E2B767B-EA6A-489B-BF83-8083FE1DB661}\_1EEFFF72773535163E4216.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys [2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys [2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll [2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll < MD5 for: EXPLORER.EXE > [2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe [2010.08.29 21:05:59 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe [2010.08.29 21:05:59 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=5E02BA9F23426353B819C7DA126FF7AF -- C:\Windows\explorer.exe [2010.08.29 21:03:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe [2010.08.29 21:03:48 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe [2010.08.29 21:05:59 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe < MD5 for: IASTORV.SYS > [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll [2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll < MD5 for: NVSTOR.SYS > [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll [2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll < MD5 for: USER32.DLL > [2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll [2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll < MD5 for: USERINIT.EXE > [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe [2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: WINLOGON.EXE > [2010.08.29 21:05:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe [2010.08.29 21:05:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2010.08.29 21:05:58 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys [2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009.07.14 02:16:17 | 000,003,584 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\nt.dll < End of report > |
|
20.01.2011, 17:21
| #6 |
| /// Malware-holic | Google Virus bitte erstelle und poste ein combofix log. Ein Leitfaden und Tutorium zur Nutzung von ComboFix
__________________ --> Google Virus |
|
21.01.2011, 08:34
| #7 |
| | Google Virus Hier der Log(ComboFix): Combofix Logfile: Code:
ATTFilter ComboFix 11-01-20.02 - andrea 21.01.2011 8:12.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.43.1033.18.768.229 [GMT 1:00]
ausgeführt von:: c:\users\andrea\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\CFLog
c:\cflog\CrashLog_20110116.txt
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\users\andrea\AppData\Roaming\chrtmp
c:\users\andrea\AppData\Roaming\Dyyno
c:\users\andrea\AppData\Roaming\Dyyno\dgcsrv.xml
c:\users\andrea\AppData\Roaming\Dyyno\dyyno.xml
c:\windows\system32\nt.dll
----- BITS: Eventuell infizierte Webseiten -----
hxxp://apnmedia.ask.com
Infizierte Kopie von c:\windows\explorer.exe wurde gefunden und desinfiziert
Kopie von - c:\combofix\HarddiskVolumeShadowCopy7_!Windows!winsxs!x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1!explorer.exe wurde wiederhergestellt
Infizierte Kopie von c:\windows\System32\wininit.exe wurde gefunden und desinfiziert
Kopie von - c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe wurde wiederhergestellt
Infizierte Kopie von c:\windows\explorer.exe wurde gefunden und desinfiziert
Kopie von - c:\combofix\HarddiskVolumeShadowCopy7_!Windows!winsxs!x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1!explorer.exe wurde wiederhergestellt
.
((((((((((((((((((((((( Dateien erstellt von 2010-12-21 bis 2011-01-21 ))))))))))))))))))))))))))))))
.
2011-01-21 07:25 . 2011-01-21 07:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-20 20:20 . 2011-01-20 20:22 -------- d-----w- c:\program files\Image-Line
2011-01-20 20:08 . 2006-06-20 08:56 225280 ----a-w- c:\windows\system32\rewire.dll
2011-01-20 20:08 . 2009-08-02 20:09 1554944 ----a-w- c:\windows\system32\vorbis.acm
2011-01-20 20:07 . 2011-01-20 20:22 -------- d-----w- c:\program files\Vstplugins
2011-01-20 20:07 . 2011-01-20 20:07 -------- d-----w- c:\program files\Outsim
2011-01-18 12:30 . 2010-11-16 20:01 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EE836B5A-FFC1-4C9D-8DD1-CCFD59D17267}\mpengine.dll
2011-01-17 18:56 . 2011-01-18 08:14 138464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-01-17 18:56 . 2011-01-18 08:14 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-01-17 18:56 . 2011-01-17 18:56 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-01-17 14:14 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-17 14:14 . 2011-01-17 14:14 -------- d-----w- c:\programdata\Malwarebytes
2011-01-17 14:14 . 2011-01-17 14:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-17 14:14 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-16 09:24 . 2011-01-16 09:24 -------- d-----w- c:\program files\Z8Games
2011-01-16 08:35 . 2010-10-22 06:23 57960 ----a-w- c:\windows\system32\OpenCL.dll
2011-01-16 08:35 . 2010-10-22 06:23 888424 ----a-w- c:\windows\system32\nvdispco322050.dll
2011-01-15 14:15 . 2003-04-18 23:39 6659 ----a-w- c:\windows\system32\TANDPL.VXD
2011-01-15 14:15 . 2003-04-18 23:32 4736 ----a-w- c:\windows\system32\drivers\tandpl.sys
2011-01-15 14:15 . 2003-03-02 16:44 7552 ----a-w- c:\windows\system32\drivers\enodpl.sys
2011-01-15 14:15 . 2001-08-31 14:16 6532 ----a-w- c:\windows\system32\ENODPL.VXD
2011-01-14 21:49 . 2011-01-14 22:32 -------- d-----w- c:\program files\AutoIt3
2011-01-14 12:04 . 2011-01-18 21:37 -------- d-sh--w- c:\windows\ftpcache
2011-01-14 12:02 . 2011-01-18 15:42 -------- d-----w- c:\program files\Activision
2011-01-13 20:35 . 2011-01-19 13:42 -------- d-----w- C:\PacSteamT
2011-01-13 20:07 . 2011-01-13 20:07 -------- d-----w- c:\program files\Common Files\Thraex Software
2011-01-13 18:04 . 2011-01-18 08:32 -------- d-----w- c:\program files\Common Files\Steam
2011-01-13 18:04 . 2011-01-21 07:27 -------- d-----w- c:\program files\Steam
2011-01-12 19:29 . 2011-01-12 19:29 -------- d-----w- c:\program files\MSXML 4.0
2011-01-11 23:43 . 2010-10-16 04:34 573440 ----a-w- c:\windows\system32\odbc32.dll
2011-01-11 23:43 . 2010-10-16 04:33 372736 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-11 23:43 . 2010-10-16 04:33 352256 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-11 23:43 . 2010-10-16 04:33 987136 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-11 23:43 . 2010-10-16 04:33 208896 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-11 23:43 . 2010-11-02 04:35 1170944 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-11 23:43 . 2010-11-02 04:35 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-01-11 23:43 . 2010-11-02 04:35 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-01-11 23:43 . 2010-11-02 04:41 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-11 23:43 . 2010-11-02 04:36 801792 ----a-w- c:\windows\system32\FntCache.dll
2011-01-11 23:43 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\system32\mf.dll
2011-01-11 23:42 . 2010-11-02 04:46 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-11 23:42 . 2010-11-02 04:41 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-01-11 23:42 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2011-01-11 23:42 . 2010-11-02 04:35 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-11 23:42 . 2010-11-02 04:23 107520 ----a-w- c:\windows\system32\cdd.dll
2011-01-11 23:42 . 2010-05-23 10:11 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-11 23:42 . 2010-11-02 04:41 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-11 23:42 . 2010-11-02 02:37 211968 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-01-11 23:42 . 2010-06-26 05:14 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll
2011-01-11 23:42 . 2010-11-02 04:35 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-11 12:42 . 2011-01-11 12:43 -------- d-----w- c:\program files\Synthesia
2011-01-10 19:52 . 2011-01-10 19:52 -------- d-----w- c:\programdata\Trymedia
2011-01-10 19:48 . 2011-01-10 19:48 -------- d-----w- c:\programdata\InstallShield
2011-01-10 12:38 . 2011-01-10 12:41 -------- d-----w- c:\program files\Manic Digger
2011-01-08 13:53 . 2011-01-08 13:53 -------- d-----w- c:\program files\Common Files\Skype
2011-01-08 13:53 . 2011-01-08 13:53 -------- d-----r- c:\program files\Skype
2011-01-07 22:03 . 2011-01-17 15:12 -------- d-----w- c:\program files\Super Meat Boy
2011-01-06 20:56 . 2011-01-06 20:56 -------- d-----w- c:\program files\Maxis
2011-01-06 19:01 . 2010-02-26 00:51 25216 ----a-w- c:\windows\system32\drivers\tap0901.sys
2011-01-06 19:01 . 2011-01-06 19:01 -------- d-----w- c:\program files\S.A.D
2011-01-05 18:45 . 2011-01-05 18:45 -------- d-----w- c:\program files\Gpotato
2011-01-05 18:41 . 2011-01-05 18:41 -------- d-----w- c:\programdata\PMB Files
2011-01-05 18:41 . 2011-01-05 18:41 -------- d-----w- c:\program files\Pando Networks
2011-01-05 16:58 . 2011-01-05 16:59 -------- d-----w- c:\program files\MTA San Andreas
2011-01-04 19:28 . 2011-01-04 19:43 -------- d-----w- c:\program files\Quick Memory Editor
2011-01-04 18:08 . 2011-01-04 18:08 -------- d-----w- c:\programdata\FLEXnet
2011-01-04 18:03 . 2011-01-04 18:03 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2011-01-04 14:56 . 2009-11-03 22:07 679936 ----a-w- c:\windows\system32\D3DX81ab.dll
2011-01-04 14:56 . 2009-11-03 22:07 1970176 ----a-w- c:\windows\system32\d3dx9.dll
2011-01-04 14:56 . 2011-01-09 16:45 -------- d-----w- c:\program files\Cheat Engine
2011-01-02 06:37 . 2011-01-02 06:37 -------- d-----w- c:\windows\system32\RTCOM
2011-01-02 05:37 . 2011-01-02 05:37 -------- d-----w- c:\programdata\SplitMediaLabs
2011-01-02 00:54 . 2011-01-02 00:54 -------- d-----w- c:\program files\Voice Mail Compressor
2011-01-02 00:35 . 2011-01-20 15:22 -------- d-----w- c:\program files\Dyyno
2011-01-01 23:35 . 2010-12-24 00:43 106208 ----a-w- c:\windows\system32\drivers\VCAM_WDM03.sys
2011-01-01 23:35 . 2010-12-24 00:42 106208 ----a-w- c:\windows\system32\drivers\VCam_WDM.sys
2011-01-01 23:35 . 2010-12-24 00:43 106208 ----a-w- c:\windows\system32\drivers\VCAM_WDM02.sys
2011-01-01 23:35 . 2010-12-24 00:42 106208 ----a-w- c:\windows\system32\drivers\VCam_WDM01.sys
2011-01-01 22:56 . 2011-01-01 22:56 -------- d-----w- c:\program files\VHLabs
2011-01-01 22:35 . 2011-01-02 06:53 -------- d-----w- c:\program files\ManyCam
2011-01-01 05:08 . 2011-01-01 05:08 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-01-01 03:37 . 2011-01-01 03:37 -------- d-----w- c:\program files\Adobe Media Player
2011-01-01 03:10 . 2011-01-01 03:10 -------- d-----w- c:\program files\VirtualDJ
2010-12-31 02:20 . 2010-12-31 02:20 -------- d-----w- c:\program files\Rockstar Games
2010-12-30 06:19 . 2010-12-30 06:19 -------- d-----w- c:\program files\Risk
2010-12-29 06:31 . 2010-12-29 06:31 -------- d-----w- c:\program files\gPotato.eu
2010-12-29 06:16 . 2010-12-29 06:16 -------- d-----w- c:\program files\Neffy
2010-12-29 05:20 . 2010-01-19 19:59 3595660 ----a-w- c:\windows\system32\GameMon.des
2010-12-29 05:19 . 2004-12-30 03:43 4682 ----a-w- c:\windows\system32\npptNT2.sys
2010-12-29 05:19 . 2003-07-15 12:17 5174 ----a-w- c:\windows\system32\nppt9x.vxd
2010-12-29 05:19 . 2010-12-29 05:19 -------- d-----w- c:\program files\Common Files\INCA Shared
2010-12-29 04:07 . 2010-12-29 04:07 -------- d-----w- C:\ijji
2010-12-28 23:28 . 2008-05-30 22:18 238088 ----a-w- c:\windows\system32\xactengine3_1.dll
2010-12-28 23:23 . 2010-12-28 23:27 -------- d--h--w- c:\windows\msdownld.tmp
2010-12-28 23:20 . 2010-12-28 23:39 -------- d-----w- c:\program files\PCSX2 0.9.7
2010-12-28 06:46 . 2010-12-28 06:46 -------- d-----w- c:\programdata\Electronic Arts
2010-12-28 06:46 . 2010-12-28 06:46 1220 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2010-12-28 06:33 . 2010-12-28 06:46 -------- d-----w- c:\program files\Electronic Arts
2010-12-28 05:52 . 2010-12-29 22:10 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2010-12-28 05:43 . 2010-12-28 05:43 -------- d-----w- c:\windows\system32\Macromed
2010-12-28 05:42 . 2010-12-28 05:42 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-12-28 04:36 . 2010-12-28 22:23 -------- d-----w- c:\program files\Warcraft III
2010-12-28 04:36 . 2010-12-28 04:46 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-12-28 04:12 . 2010-12-28 04:12 -------- d-----w- c:\program files\Common Files\Java
2010-12-28 04:11 . 2010-12-28 04:11 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-12-28 04:11 . 2010-12-28 04:11 -------- d-----w- c:\program files\Java
2010-12-27 20:24 . 2009-07-23 03:08 50200 ----a-w- c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2010-12-27 20:24 . 2009-07-23 03:08 79896 ----a-w- c:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
2010-12-27 20:23 . 2010-12-27 20:23 -------- d-----w- c:\windows\system32\RsFx
2010-12-27 20:17 . 2010-12-27 20:23 -------- d-----w- c:\program files\Microsoft SQL Server
2010-12-27 20:17 . 2010-12-27 20:17 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-12-27 20:17 . 2010-12-27 20:17 -------- d-----w- c:\program files\Microsoft Synchronization Services
2010-12-27 20:17 . 2010-12-27 20:17 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-12-27 20:16 . 2010-12-27 20:16 -------- d-----w- c:\programdata\PreEmptive Solutions
2010-12-27 20:12 . 2010-12-27 20:12 -------- d-----w- c:\program files\Microsoft ASP.NET
2010-12-27 20:12 . 2010-12-27 20:12 -------- d-----w- c:\program files\IIS
2010-12-27 20:11 . 2010-12-27 20:31 2377696 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2010-12-27 20:04 . 2010-12-27 20:22 -------- d-----w- c:\windows\system32\1033
2010-12-27 20:04 . 2010-12-27 20:04 -------- d-----w- c:\windows\symbols
2010-12-27 20:04 . 2010-12-27 20:07 -------- d-----w- c:\program files\Microsoft F#
2010-12-27 20:04 . 2010-12-27 20:05 -------- d-----w- c:\program files\HTML Help Workshop
2010-12-27 20:04 . 2010-12-27 20:17 -------- d-----w- c:\program files\Microsoft SDKs
2010-12-27 20:04 . 2010-12-27 20:16 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2010-12-27 20:04 . 2010-12-27 20:06 -------- d-----w- c:\program files\Common Files\Merge Modules
2010-12-27 20:04 . 2010-12-27 20:04 -------- d-----w- c:\program files\Microsoft Help Viewer
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-25 14:12 . 2010-12-25 14:55 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{c840e246-6b95-475e-9bd7-caa1c7eca9f2}"= "c:\program files\uTorrentBar_DE\tbuTor.dll" [2010-12-09 3911776]
[HKEY_CLASSES_ROOT\clsid\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 20:51 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}]
2010-12-09 20:51 3911776 ----a-w- c:\program files\uTorrentBar_DE\tbuTor.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{c840e246-6b95-475e-9bd7-caa1c7eca9f2}"= "c:\program files\uTorrentBar_DE\tbuTor.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
[HKEY_CLASSES_ROOT\clsid\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}]
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}"= "c:\program files\uTorrentBar_DE\tbuTor.dll" [2010-12-09 3911776]
[HKEY_CLASSES_ROOT\clsid\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\andrea\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-12-25 136176]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-12-25 396152]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2008-07-21 2752512]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-03 15028104]
"Steam"="c:\program files\Steam\Steam.exe" [2011-01-13 1242448]
"Dyyno Launcher"="c:\program files\Dyyno\Dyyno Broadcaster\dyyno_launcher.exe" [2010-09-11 2151776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-12-25 30192]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-11-30 9914984]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\S.A.D\CyberGhost VPN\CGVPNCliService.exe [2010-12-14 2412680]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-12-25 30192]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-01-19 3595660]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 VCam_WDM;e2eSoft VCam;c:\windows\system32\DRIVERS\VCam_WDM.sys [2010-12-24 106208]
R3 VCam_WDM01;e2eSoft VCam 01;c:\windows\system32\DRIVERS\VCam_WDM01.sys [2010-12-24 106208]
R3 VCAM_WDM02;e2eSoft VCam 02;c:\windows\system32\DRIVERS\VCAM_WDM02.sys [2010-12-24 106208]
R3 VCAM_WDM03;e2eSoft VCam 03;c:\windows\system32\DRIVERS\VCAM_WDM03.sys [2010-12-24 106208]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-25 1343400]
R3 XDva379;XDva379;c:\windows\system32\XDva379.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
S2 Dyyno Launcher;Dyyno Service;c:\program files\Dyyno\Dyyno Broadcaster\launcherd.exe [2010-09-11 415072]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
.
Inhalt des "geplante Tasks" Ordners
2011-01-21 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2011-01-17 15:19]
2011-01-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2285187412-2589335758-901124341-1000Core.job
- c:\users\andrea\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-25 14:06]
2011-01-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2285187412-2589335758-901124341-1000UA.job
- c:\users\andrea\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-25 14:06]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.conduit.com/?SearchSource=10&ctid=CT2851647
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube to MP3 Converter - c:\users\andrea\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
FF - ProfilePath - c:\users\andrea\AppData\Roaming\Mozilla\Firefox\Profiles\0dlze9cv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2851647&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: uTorrentBar_DE Community Toolbar: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - %profile%\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
HKLM-Run-Google Quick Search Box - c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe
AddRemove-Google Updater - c:\program files\Google\Google Updater\GoogleUpdater.exe
AddRemove-Picasa 3 - c:\program files\Google\Picasa3\Uninstall.exe
AddRemove-Steam App 220 - c:\pacsteamt\steam.exe
AddRemove-Steam App 240 - c:\pacsteamt\steam.exe
AddRemove-Steam App 4850 - c:\pacsteamt\steam.exe
AddRemove-{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\Google\Google Toolbar\Component\GoogleToolbarManager_4079369A224CB572.exe
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
[HKEY_USERS\S-1-5-21-2285187412-2589335758-901124341-1000\Software\SecuROM\License information*]
"datasecu"=hex:bb,0d,61,6c,8e,df,67,11,2d,7a,51,c6,8a,a1,10,b2,30,c4,61,8e,63,
34,23,73,ac,46,92,6a,8d,d5,a3,ca,5c,5a,03,fb,bc,5a,58,b3,2e,dc,1c,f4,ac,be,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\NVIDIA Corporation\Display\NvXDSync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\program files\IObit\Game Booster\GameBox.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-01-21 08:32:50 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2011-01-21 07:32
Vor Suchlauf: 229.748.568.064 bytes free
Nach Suchlauf: 229.648.949.248 bytes free
- - End Of File - - 17B22D94356C140275DB3F2C4AB545B6
Scheint zu Funktionieren google funktioniert wieder^^ Geändert von Sebastian19 (21.01.2011 um 09:30 Uhr) |
|
21.01.2011, 13:40
| #8 |
| /// Malware-holic | Google Virus ich dachte das wäre der plan :d öffne computer c: dann qoobox, rechtsklick auf quarantain, mit winrar oder zip packen, datei hochladen. http://www.trojaner-board.de/54791-a...ner-board.html
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
| Themen zu Google Virus |
| adware, antiviren, beschädigen, drücke, eingebe, ergebnisse, folge, folgendes, google, google virus, ladet, link, nichts, problem, programme, seite, sekunden, sobald, suche, systemcare, virus, website |
Linear-Darstellung
