Log analysis and evaluation: Caught Trojan Win 32 Qhost, how do I delete it? Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
09.05.2011, 20:50 | #1
Caught Trojan Win 32 Qhost, how do I delete it?
Hello, I started my PC today and have quite some problems. Windows Oversight Center shows that I have this Trojan Win32 Qhost, but I can't get rid of it and need help, since I have looked around and I'm not supposed to do the same as what is written for the others, because it can be different in my case. AntiVir shows nothing. This trojan also closes my programs when I don't run them as administrator.
Thanks
Bryan
OTL logfile created on: 9-5-2011 20:50:32 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Bryan\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000413 | Country: Luxembourg | Language: FRL | Date Format: dd/MM/yyyy
6,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 58,00% Memory free
12,00 Gb Paging File | 9,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1385,85 Gb Total Space | 1257,83 Gb Free Space | 90,76% Space Free | Partition Type: NTFS
Drive D: | 11,31 Gb Total Space | 1,62 Gb Free Space | 14,28% Space Free | Partition Type: NTFS
Computer Name: BRYAN-PC | User Name: Bryan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011-05-09 20:49:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Bryan\Desktop\OTL.exe
PRC - [2011-05-09 10:22:29 | 001,765,888 | -H-- | M] () -- C:\Users\Bryan\AppData\Roaming\Microsoft\ysvrto.exe
PRC - [2011-05-06 18:01:32 | 000,177,616 | R--- | M] (iS3, Inc.) -- C:\Program Files (x86)\STOPzilla!\STOPzilla.exe
PRC - [2011-05-06 18:01:26 | 000,062,928 | R--- | M] (iS3, Inc.) 
-- C:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe PRC - [2011-04-27 14:54:00 | 000,442,024 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe PRC - [2011-04-27 14:54:00 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2011-04-12 14:03:33 | 001,206,408 | ---- | M] (SPAMfighter ApS) -- C:\Program Files (x86)\Fighters\FighterSuiteService.exe PRC - [2011-04-12 14:03:29 | 000,738,952 | ---- | M] (SPAMfighter ApS) -- C:\Program Files (x86)\Fighters\FighterLauncher.exe PRC - [2011-04-12 14:03:24 | 001,131,656 | ---- | M] (SPAMfighter) -- C:\Program Files (x86)\Fighters\SPYWAREfighter\swproTray.exe PRC - [2011-04-12 13:38:06 | 000,826,688 | ---- | M] (Preventon Technologies Limited) -- C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVScanningService.exe PRC - [2011-04-12 13:38:06 | 000,142,768 | ---- | M] (Preventon Technologies Limited) -- C:\Program Files (x86)\Common Files\Common Toolkit Suite\AVEngine\AVWatchService.exe PRC - [2011-03-23 10:21:32 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2011-03-21 09:49:58 | 000,028,762 | ---- | M] (MyWebSearch.com) -- C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSVC.EXE PRC - [2010-12-20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe PRC - [2010-02-26 02:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\ccsvchst.exe PRC - [2009-10-02 13:26:12 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2009-02-27 20:13:04 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe ========== Modules (SafeList) ========== MOD - [2011-05-09 20:49:42 | 000,580,608 | ---- | M] 
(OldTimer Tools) -- C:\Users\Bryan\Desktop\OTL.exe MOD - [2010-08-21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010-12-03 12:35:56 | 000,341,296 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe -- (NitroReaderDriverReadSpool) SRV:64bit: - [2009-07-14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2011-05-06 18:01:26 | 000,062,928 | R--- | M] (iS3, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe -- (szserver) SRV - [2011-04-27 14:54:00 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2011-04-26 20:26:28 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011-04-18 19:43:03 | 000,818,115 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\SysWOW64\msvfd32.exe -- (Adobe Licensing Console) SRV - [2011-04-12 14:03:33 | 001,206,408 | ---- | M] (SPAMfighter ApS) [Auto | Running] -- C:\Program Files (x86)\Fighters\FighterSuiteService.exe -- (Suite Service) SRV - [2011-04-12 13:38:06 | 000,826,688 | ---- | M] () [Auto | Running] -- C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe -- (AV Engine Scanning Service) SRV - [2011-04-12 13:38:06 | 000,142,768 | ---- | M] () [Auto | Running] -- C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe -- (AV Watch Service) SRV - [2011-03-23 10:21:32 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files 
(x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2011-03-21 09:49:58 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSVC.EXE -- (MyWebSearchService) SRV - [2010-10-12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010-02-26 02:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe -- (NIS) SRV - [2010-02-19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009-10-02 13:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2009-06-10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007-12-17 05:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01) SRV - [2007-01-11 05:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011-04-24 23:23:42 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - 
[2011-04-12 13:38:07 | 000,013,720 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avfsfilter.sys -- (AVFSFilter) DRV:64bit: - [2011-03-11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011-03-11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011-02-18 17:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011-01-20 19:26:39 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:64bit: - [2011-01-10 15:23:15 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2011-01-10 15:23:15 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2010-07-28 15:33:16 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm) DRV:64bit: - [2010-07-28 15:33:16 | 000,128,000 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bserd.sys -- (ss_bserd) DRV:64bit: - [2010-07-28 15:33:16 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM) DRV:64bit: - [2010-07-28 15:33:16 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) DRV:64bit: - [2010-05-06 06:01:59 | 000,451,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- 
C:\Windows\SysNative\drivers\NISx64\1108000.005\symtdiv.sys -- (SYMTDIv) DRV:64bit: - [2010-04-29 07:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1108000.005\ironx64.sys -- (SymIRON) DRV:64bit: - [2010-04-22 05:02:20 | 000,221,232 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1108000.005\symefa64.sys -- (SymEFA) DRV:64bit: - [2010-04-22 04:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1108000.005\srtsp64.sys -- (SRTSP) DRV:64bit: - [2010-04-22 04:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1108000.005\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV:64bit: - [2010-02-26 02:22:52 | 000,615,040 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1108000.005\cchpx64.sys -- (ccHP) DRV:64bit: - [2009-10-02 13:58:58 | 000,537,112 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009-09-17 14:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:64bit: - [2009-09-17 07:57:46 | 000,023,536 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms -- (PCDSRVC{F36B3A4C-F95654BD-06000000}_0) DRV:64bit: - [2009-08-30 02:17:18 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1108000.005\symds64.sys -- (SymDS) DRV:64bit: - [2009-08-21 17:38:14 | 000,543,872 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVer888RC_64.sys -- (AVER_H193) DRV:64bit: - [2009-08-21 17:37:24 | 000,039,936 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVer888RCIR_64.sys -- (CXCIR) DRV:64bit: - [2009-08-21 02:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009-07-14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009-06-10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009-05-19 23:48:42 | 000,702,976 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x) DRV:64bit: - [2009-05-18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV - [2011-02-25 23:59:11 | 001,124,472 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20110309.001\BHDrvx64.sys -- (BHDrvx64) DRV - [2011-01-20 19:47:35 | 001,791,096 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20110321.033\EX64.SYS -- (NAVEX15) DRV - [2011-01-20 19:47:35 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2011-01-20 19:47:35 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20110321.033\ENG64.SYS -- (NAVENG) DRV - [2011-01-20 19:47:34 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2010-12-01 02:03:34 | 000,476,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20110317.005\IDSviA64.sys -- (IDSVia64) DRV - [2010-01-15 16:22:22 | 000,074,768 | R--- | M] (iS3 Inc.) 
[Kernel | Boot | Running] -- C:\Windows\SySWOW64\DRIVERS\szkg64.sys -- (szkg5) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.de IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (MyWebSearch.com) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "DAEMON Search" FF - prefs.js..browser.startup.homepage: "hxxp://my.daemon-search.com/startpage" FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0 FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6 FF - prefs.js..extensions.enabledItems: m3ffxtbr@mywebsearch.com:1.2 FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.5.21amo FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.4.0024 FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280 FF - prefs.js..keyword.URL: 
"hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZVxdm008YYLU&ptb=QRIsoRZBP5mgzgqdD0A50Q&ind=2011022214&ptnrS=ZVxdm008YYLU&si=&n=77ddc386&psa=&st=kwd&searchfor=" FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\ [2011-01-22 14:49:40 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\ [2011-01-21 22:00:51 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files (x86)\MyWebSearch\bar\2.bin [2011-05-09 20:52:08 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011-04-14 01:14:24 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011-05-06 10:46:53 | 000,000,000 | ---D | M] [2011-01-20 22:51:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bryan\AppData\Roaming\mozilla\Extensions [2011-05-09 18:35:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bryan\AppData\Roaming\mozilla\Firefox\Profiles\yo8xc1yz.default\extensions [2011-04-23 15:01:53 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Bryan\AppData\Roaming\mozilla\Firefox\Profiles\yo8xc1yz.default\extensions\DTToolbar@toolbarnet.com [2011-05-09 18:35:28 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Bryan\AppData\Roaming\mozilla\Firefox\Profiles\yo8xc1yz.default\extensions\ffxtlbr@babylon.com [2011-03-29 19:58:47 | 000,000,000 | ---D | M] (SkipScreen) -- C:\Users\Bryan\AppData\Roaming\mozilla\Firefox\Profiles\yo8xc1yz.default\extensions\SkipScreen@SkipScreen [2011-04-23 15:01:51 | 000,002,059 | ---- | M] () -- 
C:\Users\Bryan\AppData\Roaming\Mozilla\Firefox\Profiles\yo8xc1yz.default\searchplugins\daemon-search.xml [2011-03-04 00:23:32 | 000,009,932 | ---- | M] () -- C:\Users\Bryan\AppData\Roaming\Mozilla\Firefox\Profiles\yo8xc1yz.default\searchplugins\mywebsearch.xml [2011-04-28 21:48:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011-04-28 21:48:36 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-01-21 20:50:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011-02-20 19:54:43 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-05-09 20:52:08 | 000,000,000 | ---D | M] (My Web Search) -- C:\PROGRAM FILES (X86)\MYWEBSEARCH\BAR\2.BIN [2011-01-21 22:00:51 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\COFFPLGN [2011-01-22 14:49:40 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPLGN [2011-02-02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll [2011-04-09 00:22:24 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2011-04-09 00:22:25 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml [2011-04-09 00:22:25 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml [2011-04-09 00:22:25 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml [2011-04-09 00:22:25 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011-05-09 19:45:57 | 000,000,072 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 activate.adobe.com O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSRCAS.DLL (MyWebSearch.com) O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\coieplg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\ipsbho.dll (Symantec Corporation) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (STOPzilla Browser Helper Object) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files (x86)\STOPzilla!\SZIEBHO.dll (iS3, Inc.) 
O2 - BHO: (Ask Toolbar BHO) - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files (x86)\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com) O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - File not found O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.8.0.5\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.) O3 - HKLM\..\Toolbar: (Ask Toolbar) - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files (x86)\AskTBar\bar\1.bin\ASKTBAR.DLL (Ask.com) O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll () O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll () O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation) O4:64bit: - HKLM..\Run: [PC-Doctor for Windows localizer] C:\Program Files\PC-Doctor for Windows\localizer.exe (PC-Doctor, Inc.) 
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe () O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.) O4 - HKLM..\Run: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (Hewlett-Packard) O4 - HKLM..\Run: [HP Remote Solution] C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe (Hewlett-Packard) O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe (Hewlett-Packard) O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [SWPROguard] C:\Program Files (x86)\Fighters\SPYWAREfighter\swproTray.exe (SPAMfighter) O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software) O4 - HKCU..\Run: [AdobeBridge] C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe (Adobe Systems, Inc.) 
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [EPSON SX410 Series] File not found O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation) O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\RunOnce: [Trojan Remover] C:\Program Files (x86)\Trojan Remover\RMVTRJAN.EXE (Simply Super Software) O4 - Startup: C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\fliptoast.lnk = File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present O8:64bit: - Extra context menu item: Download Video on This Page - C:\Program Files (x86)\Tomato\TubeDownload\MDIEEx.dll (Tomato) O8:64bit: - Extra context menu item: Download Video This Links To - C:\Program Files (x86)\Tomato\TubeDownload\MDIEEx.dll (Tomato) O8 - Extra context menu item: Download Video on This Page - C:\Program Files (x86)\Tomato\TubeDownload\MDIEEx.dll (Tomato) O8 - Extra context menu item: Download Video This Links To - C:\Program Files (x86)\Tomato\TubeDownload\MDIEEx.dll (Tomato) O9 - Extra Button: Download Video - 
{45B79C91-E9B5-4551-8C43-03EF82B4BC63} - C:\Program Files (x86)\Tomato\TubeDownload\MDIEEx.dll (Tomato) O9 - Extra 'Tools' menuitem : Download Video on This Page - {45B79C91-E9B5-4551-8C43-03EF82B4BC63} - C:\Program Files (x86)\Tomato\TubeDownload\MDIEEx.dll (Tomato) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/IWONBarInitialSetup1.0.1.1.cab (Reg Error: Key error.) 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKCU Winlogon: Shell - (C:\Users\Bryan\AppData\Roaming\Microsoft\ysvrto.exe) - C:\Users\Bryan\AppData\Roaming\Microsoft\ysvrto.exe () O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{8ea03fb3-2950-11e0-93e9-4061868c3dc0}\Shell - "" = AutoRun O33 - MountPoints2\{8ea03fb3-2950-11e0-93e9-4061868c3dc0}\Shell\AutoRun\command - "" = J:\ICM_Manager.exe O33 - MountPoints2\{ebad5230-24ba-11e0-9290-4061868c3dc0}\Shell - "" = AutoRun O33 - MountPoints2\{ebad5230-24ba-11e0-9290-4061868c3dc0}\Shell\AutoRun\command - "" = K:\Autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. 
File not found ========== Files/Folders - Created Within 30 Days ========== [2011-05-09 20:19:24 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys [2011-05-08 13:18:22 | 000,000,000 | ---D | C] -- C:\nebula3HSrepository [2011-05-06 18:01:20 | 000,132,560 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3HTUI5.dll [2011-05-06 18:01:18 | 000,398,800 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3DBA5.dll [2011-05-06 18:01:18 | 000,099,792 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Svc5.dll [2011-05-06 18:01:18 | 000,067,024 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Hks5.dll [2011-05-06 18:01:18 | 000,028,624 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3XDat5.dll [2011-05-06 18:01:16 | 000,738,768 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Base5.dll [2011-05-06 18:01:16 | 000,390,608 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3UI5.dll [2011-05-06 18:01:16 | 000,230,864 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Win325.dll [2011-05-06 18:01:16 | 000,099,792 | R--- | C] (iS3, Inc.) 
-- C:\Windows\SysWow64\IS3Inet5.dll [2011-04-27 23:36:26 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe [2011-04-27 23:35:52 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll [2011-04-27 23:35:52 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe [2011-04-27 23:35:47 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe [2011-04-18 19:43:03 | 000,818,115 | ---- | C] ( ) -- C:\Windows\SysWow64\msvfd32.exe [2011-04-14 17:43:22 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011-04-14 17:43:16 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll [2011-04-14 17:43:15 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll [2011-04-14 17:43:12 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll [2011-04-14 17:43:12 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll [2011-04-14 17:43:06 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll [2011-04-14 17:43:05 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2011-04-14 17:43:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011-04-14 17:43:05 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011-04-14 17:43:05 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2011-04-14 17:43:04 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2011-04-14 17:43:04 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2011-04-14 17:42:56 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe [2011/05/09 20:49:32 | 000,580,608 | ---- | C] (OldTimer Tools) -- 
C:\Users\Bryan\Desktop\OTL.exe [2011/05/09 20:19:32 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Roaming\Malwarebytes [2011/05/09 20:19:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011/05/09 20:19:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/05/09 20:19:19 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2011/05/09 20:19:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011/05/09 19:40:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STOPzilla [2011/05/09 19:40:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\STOPzilla! [2011/05/09 19:40:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\iS3 [2011/05/09 19:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla! [2011/05/09 18:35:48 | 000,000,000 | ---D | C] -- C:\Users\Bryan\Documents\Simply Super Software [2011/05/09 18:35:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BabylonToolbar [2011/05/09 18:35:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover [2011/05/09 18:35:19 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ztvcabinet.dll [2011/05/09 18:35:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover [2011/05/09 18:35:17 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Roaming\Simply Super Software [2011/05/09 18:35:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software [2011/05/09 18:34:41 | 010,488,608 | ---- | C] (Simply Super Software ) -- C:\Users\Bryan\Desktop\trjsetup682.exe [2011/05/09 18:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\clp [2011/05/09 18:32:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters [2011/05/09 18:32:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fighters [2011/05/09 18:32:06 
| 000,000,000 | ---D | C] -- C:\ProgramData\Common Toolkit Suite [2011/05/09 18:32:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Common Toolkit Suite [2011/05/09 18:31:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Fighters [2011/05/09 18:29:34 | 000,000,000 | -H-D | C] -- C:\ProgramData\{06E03BAF-E228-492A-A40B-DA13D8861239} [2011/05/09 18:29:09 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Roaming\Fighters [2011/05/09 10:19:39 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{F4557481-8AF6-49A6-8E9E-AF8FB0457C89} [2011/05/08 13:18:22 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AcusticaAudio [2011/05/08 13:18:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcusticaAudio [2011/05/08 13:17:18 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Coyote PhaseOne [2011/05/08 13:16:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ohm Force [2011/05/08 13:14:32 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AIXcoustic Creations - Electri-Q (posihfopit edition) [2011/05/08 13:14:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIXcoustic Creations - Electri-Q (posihfopit edition) [2011/05/08 12:18:21 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{4B089C23-3CB1-41D4-A3E8-0ABD3EFE3846} [2011/05/07 23:27:30 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{6E92E486-0BC2-48B9-8E5E-ACB7A94D6104} [2011/05/07 11:27:07 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{96F7B166-BA42-4F08-8D4F-45C7804DAE5F} [2011/05/07 01:22:55 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{1ED56DEA-2F4A-4EE2-962B-C3A44F5D1C37} [2011/05/06 18:01:20 | 000,022,992 | R--- | C] (iS3, Inc.) 
-- C:\Windows\SysWow64\SZIO5.dll [2011/05/06 18:01:18 | 000,546,256 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\SZComp5.dll [2011/05/06 18:01:18 | 000,452,048 | R--- | C] (iS3, Inc.) -- C:\Windows\SysWow64\SZBase5.dll [2011/05/06 10:47:31 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{BEBBBB61-818E-4080-9753-D1B7B39D37B1} [2011/05/05 22:09:18 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Roaming\Google [2011/05/05 22:06:16 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\Google [2011/05/05 22:06:15 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2011/05/05 22:06:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Google [2011/05/05 22:06:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2011/05/05 11:59:49 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{178186F0-D6E1-4711-A8B3-01BE59D11389} [2011/05/04 17:34:30 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{735D6609-E4B6-4218-85CC-8B10C9DFAD40} [2011/05/03 11:40:09 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{756846C9-DE97-4591-BF7E-30618D7A38E2} [2011/05/02 19:18:00 | 000,000,000 | ---D | C] -- C:\Users\Bryan\Desktop\HIO [2011/05/02 19:03:58 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{BAA1608F-B8E8-4166-9DA5-8B089251469B} [2011/05/01 17:46:02 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{6141C380-7D11-42C3-8662-0FD40F599B43} [2011/05/01 02:50:56 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{C25DF10A-A87A-4487-9212-8A8770844DA9} [2011/04/30 21:44:43 | 000,000,000 | ---D | C] -- C:\Users\Bryan\Desktop\B-hop Script [2011/04/30 21:44:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey [2011/04/30 21:44:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutoHotkey [2011/04/30 21:29:35 | 000,000,000 | ---D | C] -- C:\Users\Bryan\Desktop\BunnyHop Script by Raven [2011/04/30 19:25:48 | 000,000,000 | ---D | C] -- C:\Users\Bryan\Desktop\Hydra Templates 
[2011/04/30 14:50:45 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{57E04C55-BA9E-4D3B-ACBF-1C5ABEC365E3} [2011/04/29 23:32:22 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{80CCC054-9C11-44E5-A469-288F407F0674} [2011/04/29 11:31:19 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{BCA7D679-46EF-43E4-A63F-6284D925F3B7} [2011/04/28 23:14:03 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{23A2B42C-6FED-4FD7-8228-38034AC7675A} [2011/04/28 21:49:33 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Roaming\skypePM [2011/04/28 21:49:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras [2011/04/28 21:48:41 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Roaming\Skype [2011/04/28 21:48:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2011/04/28 21:48:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2011/04/28 21:48:29 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2011/04/28 21:48:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2011/04/28 11:13:40 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{5FBDCC81-D68E-4CE9-B4CC-5D7B983BCAF9} [2011/04/27 23:36:26 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2011/04/27 23:36:24 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2011/04/27 23:36:24 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2011/04/27 23:35:53 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll [2011/04/27 23:35:52 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys [2011/04/27 23:35:52 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys [2011/04/27 23:35:52 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe [2011/04/27 23:35:52 | 000,027,008 | ---- | C] 
(Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys [2011/04/27 23:35:47 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe [2011/04/27 17:49:21 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{328FB81A-A851-4146-9D94-6555D9150527} [2011/04/27 03:19:36 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{05A0EBB5-190B-4DD2-B16D-6B8ABBDF3A8D} [2011/04/26 13:53:28 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{0B5200D7-ACC9-47E2-9E02-6AA8C6860932} [2011/04/26 13:42:15 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{44B0DBD9-1A6F-4A9A-8F8E-583140C6E3D5} [2011/04/26 03:13:55 | 000,000,000 | ---D | C] -- C:\Users\Bryan\Desktop\Collab Nathan WIld Ian Fever [2011/04/26 02:54:32 | 000,000,000 | ---D | C] -- C:\Users\Bryan\Desktop\3xOsc Soundset 3 (Created by Norland) [2011/04/26 00:06:34 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{FE92AD7A-C7CD-451D-86D0-5631127BD220} [2011/04/25 15:52:52 | 000,000,000 | ---D | C] -- C:\Users\Bryan\Desktop\VST_Effects_Bundle [2011/04/25 12:06:10 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{D3A56A1E-9B33-493B-882D-5D753EF70E93} [2011/04/24 23:56:07 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{0F37C9F1-4202-434B-AF79-9C0346926D62} [2011/04/24 15:33:25 | 000,254,528 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2011/04/24 11:55:43 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{6B92E24B-9A20-48C0-8147-C556D9506A9E} [2011/04/23 15:01:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Toolbar [2011/04/23 15:01:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2011/04/23 15:01:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite [2011/04/23 14:48:11 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{D94138F8-7BA8-49A2-AF51-5E46A493A19E} [2011/04/23 01:09:50 | 000,000,000 | 
---D | C] -- C:\Users\Bryan\AppData\Local\{8ECB959D-DAC0-4CB4-BD76-12A29327824F} [2011/04/22 11:09:16 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{522B96E2-1DE9-4866-8708-FE83CDEA3759} [2011/04/21 15:40:48 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{14DCB910-C05B-4A63-874E-5F8C469588CD} [2011/04/21 03:40:14 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{272346C3-0BAE-4D5C-AF6E-06F94DB0C45C} [2011/04/21 01:41:33 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Roaming\TS3Client [2011/04/21 01:41:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client [2011/04/21 01:41:27 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client [2011/04/20 15:57:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2011/04/20 15:57:39 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2011/04/20 15:39:41 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{07715B6E-FED1-4A8F-91C7-A2501894A6F6} [2011/04/19 11:11:24 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{777F5466-E190-4E25-81FC-50EB7D820613} [2011/04/18 19:46:21 | 000,000,000 | ---D | C] -- C:\Users\Bryan\Desktop\Patch [2011/04/18 14:38:45 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{2DD01718-0DA4-4490-841F-E921F04957A8} [2011/04/17 19:16:39 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{DF5FFBD6-CC42-4B1E-A6A3-7B51FF00D38F} [2011/04/16 10:04:22 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{EB136D61-8D59-4C7E-8538-03309E94268E} [2011/04/15 14:23:11 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{B99D74CD-F62D-4D9E-8431-C96197006B18} [2011/04/14 17:43:23 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2011/04/14 17:43:23 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2011/04/14 17:43:22 | 000,852,480 | ---- | C] (Microsoft 
Corporation) -- C:\Windows\SysNative\jscript.dll [2011/04/14 17:43:21 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2011/04/14 17:43:16 | 001,395,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll [2011/04/14 17:43:16 | 001,359,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll [2011/04/14 17:43:12 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll [2011/04/14 17:43:12 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll [2011/04/14 17:43:06 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2011/04/14 17:43:05 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2011/04/14 17:43:05 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011/04/14 17:43:05 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011/04/14 17:43:05 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2011/04/14 17:43:04 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2011/04/14 17:43:04 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2011/04/14 17:42:56 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll [2011/04/14 17:42:56 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe [2011/04/14 17:42:51 | 000,640,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi [2011/04/14 17:42:51 | 000,603,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe [2011/04/14 17:42:51 | 000,518,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe [2011/04/14 17:42:51 | 000,020,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll [2011/04/14 17:42:51 | 
000,019,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll [2011/04/14 17:42:50 | 000,556,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi [2011/04/14 17:42:50 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll [2011/04/14 17:42:49 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOVER.exe [2011/04/14 14:30:48 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{DC784B39-9214-4487-9219-6C5AF0226912} [2011/04/13 11:28:22 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{6C6A2F5A-1EBD-40F6-A9A7-2A4FA0E402BB} [2011/04/12 10:22:51 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{96F8DD60-7BF3-4E3F-93EC-8B6BA2F7CFDF} [2011/04/11 10:59:15 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{9D04529E-9074-4304-8862-EECF2A68CA2C} [2011/04/10 18:11:21 | 000,000,000 | ---D | C] -- C:\Users\Bryan\Desktop\VA-Kontor_Top_Of_The_Clubs_Vol._50-3CD-2011-VOiCE [2011/04/10 13:49:37 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{A8CA232F-25E2-42F4-935B-FDC8601E917F} [2011/04/10 13:48:52 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{CCE04575-BB77-4443-A420-7183694F8E40} [2011/04/09 23:45:19 | 000,000,000 | ---D | C] -- C:\Users\Bryan\AppData\Local\{1A356F5E-4952-4F5A-A575-4094B1D6BA6F} [2011/03/21 01:53:30 | 003,002,471 | ---- | C] (MyWebSearch.com) -- C:\Users\Bryan\AppData\Local\mwsautSp.exe [2009/07/13 22:46:42 | 001,169,224 | ---- | C] (Microsoft Corporation) -- C:\Users\Bryan\AppData\Roaming\rundll32.exe ========== Files - Modified Within 30 Days ========== [2011/05/09 20:49:42 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Bryan\Desktop\OTL.exe [2011/05/09 20:19:28 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/05/09 19:46:47 | 000,000,128 | ---- | M] () -- C:\Windows\SysNative\drivers\kgpfr2.cfg [2011/05/09 19:46:42 | 000,001,400 | ---- | M] () -- 
C:\Windows\SysNative\drivers\kgpcpy.cfg [2011/05/09 19:46:37 | 000,000,432 | ---- | M] () -- C:\Windows\SysWow64\drivers\kgpfr2.cfg [2011/05/09 19:24:13 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/05/09 19:24:13 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/05/09 18:42:51 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\Free File Viewer Update Checker.job [2011/05/09 18:35:05 | 010,488,608 | ---- | M] (Simply Super Software ) -- C:\Users\Bryan\Desktop\trjsetup682.exe [2011/05/09 18:32:24 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\SPYWAREfighter.lnk [2011/05/09 18:08:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/05/09 18:08:26 | 504,688,639 | -HS- | M] () -- C:\hiberfil.sys [2011/05/08 15:49:18 | 001,660,386 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/05/08 15:49:18 | 000,744,568 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat [2011/05/08 15:49:18 | 000,651,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/05/08 15:49:18 | 000,148,086 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat [2011/05/08 15:49:18 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/05/07 23:15:00 | 000,348,431 | ---- | M] () -- C:\Users\Bryan\Desktop\E. Remake -Whatcha Say.flp [2011/05/07 16:04:08 | 000,007,680 | ---- | M] () -- C:\Users\Bryan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/05/06 18:01:20 | 000,132,560 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3HTUI5.dll [2011/05/06 18:01:20 | 000,022,992 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\SZIO5.dll [2011/05/06 18:01:18 | 000,546,256 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\SZComp5.dll [2011/05/06 18:01:18 | 000,452,048 | R--- | M] (iS3, Inc.) 
-- C:\Windows\SysWow64\SZBase5.dll [2011/05/06 18:01:18 | 000,398,800 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3DBA5.dll [2011/05/06 18:01:18 | 000,099,792 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Svc5.dll [2011/05/06 18:01:18 | 000,067,024 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Hks5.dll [2011/05/06 18:01:18 | 000,028,624 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3XDat5.dll [2011/05/06 18:01:16 | 000,738,768 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Base5.dll [2011/05/06 18:01:16 | 000,390,608 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3UI5.dll [2011/05/06 18:01:16 | 000,230,864 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Win325.dll [2011/05/06 18:01:16 | 000,099,792 | R--- | M] (iS3, Inc.) -- C:\Windows\SysWow64\IS3Inet5.dll [2011/05/05 20:03:36 | 002,013,071 | ---- | M] () -- C:\Users\Bryan\Desktop\Foto0068.jpg [2011/05/05 20:03:24 | 001,882,026 | ---- | M] () -- C:\Users\Bryan\Desktop\Foto0067.jpg [2011/05/05 20:03:10 | 001,840,714 | ---- | M] () -- C:\Users\Bryan\Desktop\Foto0066.jpg [2011/05/04 21:40:42 | 000,000,338 | ---- | M] () -- C:\Users\Bryan\Desktop\TechnoBase.fm.rar [2011/04/30 21:46:21 | 000,001,352 | ---- | M] () -- C:\Users\Bryan\Documents\AutoHotkey.ahk [2011/04/28 21:49:40 | 000,000,048 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat [2011/04/28 21:48:30 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2011/04/28 19:23:05 | 003,271,130 | ---- | M] () -- C:\Users\Bryan\Desktop\Collab Nathan WIld Ian Fever.rar [2011/04/26 17:14:54 | 004,000,091 | ---- | M] () -- C:\Users\Bryan\Desktop\Collab Nathan WIld Ian Fever.zip [2011/04/24 23:23:42 | 000,254,528 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2011/04/23 15:01:50 | 000,001,912 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2011/04/21 16:00:01 | 000,002,447 | ---- | M] () -- C:\Users\Bryan\Desktop\Deadmau5_-_ghosts_and_stuff__lookitselmo_20090528021249.mid [2011/04/21 15:56:36 | 
000,001,285 | ---- | M] () -- C:\Users\Bryan\Desktop\Tiesto__Hardwell_-_Zero_76__The_Connector_20110420130755.mid [2011/04/21 01:41:28 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2011/04/18 19:45:46 | 000,001,108 | ---- | M] () -- C:\Users\Bryan\Desktop\FL Studio 10.lnk [2011/04/18 19:43:03 | 000,818,115 | ---- | M] ( ) -- C:\Windows\SysWow64\msvfd32.exe [2011/04/15 19:15:19 | 006,723,166 | ---- | M] () -- C:\Users\Bryan\Desktop\Ian Fever ft. Sousario Beat - Amazing Slow Piano Beat.mp3 [2011/04/15 19:06:27 | 000,734,967 | ---- | M] () -- C:\Users\Bryan\Desktop\a.png [2011/04/15 17:37:51 | 000,532,621 | ---- | M] () -- C:\Users\Bryan\Desktop\IanFever.jpg [2011/04/14 21:23:34 | 004,888,608 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/04/13 13:49:16 | 000,198,377 | ---- | M] () -- C:\Users\Bryan\Desktop\Dutch_House_lead.flp [2011/04/12 13:38:07 | 000,013,720 | ---- | M] () -- C:\Windows\SysNative\drivers\avfsfilter.sys ========== Files Created - No Company Name ========== [2011-05-09 19:46:36 | 000,000,432 | ---- | C] () -- C:\Windows\SysWow64\drivers\kgpfr2.cfg [2011-03-09 19:17:12 | 001,625,012 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011-01-21 19:19:33 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\msvcsv60.dll [2011/05/09 20:19:28 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/05/09 19:46:47 | 000,000,128 | ---- | C] () -- C:\Windows\SysNative\drivers\kgpfr2.cfg [2011/05/09 19:45:57 | 000,001,400 | ---- | C] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg [2011/05/09 18:35:19 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll [2011/05/09 18:35:19 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNRAR3.dll [2011/05/09 18:35:19 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll [2011/05/09 18:35:19 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll [2011/05/09 18:32:23 | 000,001,852 | ---- | C] () -- 
C:\Users\Public\Desktop\SPYWAREfighter.lnk [2011/05/07 23:14:57 | 000,348,431 | ---- | C] () -- C:\Users\Bryan\Desktop\E. Remake -Whatcha Say.flp [2011/05/05 21:29:56 | 001,840,714 | ---- | C] () -- C:\Users\Bryan\Desktop\Foto0066.jpg [2011/05/05 21:29:50 | 001,882,026 | ---- | C] () -- C:\Users\Bryan\Desktop\Foto0067.jpg [2011/05/05 21:29:43 | 002,013,071 | ---- | C] () -- C:\Users\Bryan\Desktop\Foto0068.jpg [2011/05/04 21:40:42 | 000,000,338 | ---- | C] () -- C:\Users\Bryan\Desktop\TechnoBase.fm.rar [2011/04/30 21:46:21 | 000,001,352 | ---- | C] () -- C:\Users\Bryan\Documents\AutoHotkey.ahk [2011/04/28 21:49:40 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011/04/28 21:48:30 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2011/04/26 17:47:10 | 003,271,130 | ---- | C] () -- C:\Users\Bryan\Desktop\Collab Nathan WIld Ian Fever.rar [2011/04/26 17:14:54 | 004,000,091 | ---- | C] () -- C:\Users\Bryan\Desktop\Collab Nathan WIld Ian Fever.zip [2011/04/24 15:33:07 | 000,000,076 | ---- | C] () -- C:\Users\Bryan\Desktop\dyn-ammv15.cue [2011/04/24 15:32:59 | 855,330,672 | ---- | C] () -- C:\Users\Bryan\Desktop\dyn-ammv15.bin [2011/04/24 15:32:59 | 000,007,929 | ---- | C] () -- C:\Users\Bryan\Desktop\dynamics.nfo [2011/04/23 15:01:50 | 000,001,912 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk [2011/04/21 16:00:00 | 000,002,447 | ---- | C] () -- C:\Users\Bryan\Desktop\Deadmau5_-_ghosts_and_stuff__lookitselmo_20090528021249.mid [2011/04/21 15:56:35 | 000,001,285 | ---- | C] () -- C:\Users\Bryan\Desktop\Tiesto__Hardwell_-_Zero_76__The_Connector_20110420130755.mid [2011/04/21 01:41:28 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk [2011/04/18 19:45:46 | 000,001,108 | ---- | C] () -- C:\Users\Bryan\Desktop\FL Studio 10.lnk [2011/04/15 19:17:04 | 006,723,166 | ---- | C] () -- C:\Users\Bryan\Desktop\Ian Fever ft. 
Sousario Beat - Amazing Slow Piano Beat.mp3 [2011/04/15 19:05:37 | 000,734,967 | ---- | C] () -- C:\Users\Bryan\Desktop\a.png [2011/04/15 17:37:48 | 000,532,621 | ---- | C] () -- C:\Users\Bryan\Desktop\IanFever.jpg [2011/04/12 13:38:07 | 000,013,720 | ---- | C] () -- C:\Windows\SysNative\drivers\avfsfilter.sys [2011/03/10 16:02:01 | 000,010,436 | ---- | C] () -- C:\Users\Bryan\AppData\Roaming\data.dat [2011/03/09 20:54:29 | 000,000,308 | ---- | C] () -- C:\Users\Bryan\AppData\Roaming\wklnhst.dat [2011/02/14 20:18:49 | 000,045,142 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmp!C!)DE)QEWK~$(KGRHQQOKK!EZLFKM6T-BNEDZNRNW!~~_12.0 [2011/02/14 20:18:49 | 000,027,440 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmp!C!)DE)QEWK~$(KGRHQQOKK!EZLFKM6T-BNEDZNRNW!~~_12.JPG [2011/02/11 14:36:21 | 000,020,509 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmpKT4_WFP_GR.0 [2011/02/11 14:36:21 | 000,017,947 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmpKT4_WFP_GR.JPG [2011/02/10 15:18:51 | 000,063,313 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmpFOTO(17).0 [2011/02/10 15:18:51 | 000,052,979 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmpFOTO(17).JPG [2011/02/10 13:25:59 | 000,060,063 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmpAR4_WEISSGL.JPG [2011/02/10 13:22:37 | 000,062,104 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmpAR4_WEISSGL.0 [2011/02/08 17:25:22 | 001,109,076 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmp104_0819.0 [2011/02/08 17:25:22 | 000,968,256 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmp104_0819.JPG [2011/02/08 17:24:39 | 000,866,843 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmp104_0817.JPG [2011/02/08 17:24:38 | 001,022,792 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmp104_0817.0 [2011/02/08 17:24:23 | 000,785,301 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmp104_0816.JPG [2011/02/08 17:24:22 | 000,996,636 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmp104_0816.0 [2011/02/07 12:33:01 | 000,076,834 | ---- | C] () 
-- C:\Users\Bryan\AppData\Local\tmpDSC00393.0 [2011/02/07 12:32:52 | 000,077,308 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmpDSC00393.JPG [2011/02/06 15:23:24 | 000,041,805 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmp!CDDQTFQBMK~$(KGRHQV,!IME0HSF4BDYBNOTMVM7D!~~_12.0 [2011/02/06 15:23:24 | 000,034,885 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmp!CDDQTFQBMK~$(KGRHQV,!IME0HSF4BDYBNOTMVM7D!~~_12.JPG [2011/02/06 15:19:43 | 000,034,770 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmpIL_7_GR.JPG [2011/02/04 15:38:01 | 000,073,009 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmpIL_7_GR.0 [2011/01/29 19:20:33 | 000,897,772 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmp104_0572.0 [2011/01/29 19:20:33 | 000,781,398 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmp104_0572.JPG [2011/01/29 11:54:43 | 000,144,212 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmpIMG002.2 [2011/01/29 11:54:43 | 000,139,773 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmpIMG002.1 [2011/01/29 11:54:42 | 000,184,035 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmpIMG002.0 [2011/01/29 11:54:42 | 000,145,919 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmpIMG002.JPG [2011/01/28 13:57:42 | 000,002,240 | ---- | C] () -- C:\Windows\LENDIG.sys [2011/01/25 22:32:26 | 000,008,801 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmpWW-2.JPG [2011/01/25 17:31:42 | 000,009,607 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmpWW-2.0 [2011/01/22 14:45:02 | 000,846,174 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmp104_0797.JPG [2011/01/22 14:45:01 | 000,901,584 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmp104_0797.0 [2011/01/22 14:44:10 | 001,074,436 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmp104_0799.0 [2011/01/22 14:44:10 | 000,962,820 | ---- | C] () -- C:\Users\Bryan\AppData\Local\tmp104_0799.JPG [2011/01/21 19:19:33 | 000,000,016 | ---- | C] () -- C:\Windows\msocreg32.dat [2011/01/20 23:06:03 | 000,007,680 | ---- | C] () -- 
C:\Users\Bryan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-08-03 01:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2009-08-03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2009-08-03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2009-08-03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2009-08-03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2009-08-03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2009-08-03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2009-08-03 01:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2009-08-03 01:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2009-08-03 01:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll [2009-07-14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009-07-14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009-07-14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009-07-13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009-06-10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006/06/12 16:53:46 | 000,001,177 | -H-- | C] () -- C:\Users\Bryan\AppData\Roaming\logs.dat [2001-02-25 14:27:46 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\Cwdxpx1.dll ========== LOP Check ========== [2011/03/09 19:18:23 | 000,000,000 | ---D | M] -- C:\Users\Bryan\AppData\Roaming\Acumen Business Systems Ltd [2011/04/25 02:00:24 | 000,000,000 | ---D | M] -- 
C:\Users\Bryan\AppData\Roaming\Azureus [2011/02/04 19:42:07 | 000,000,000 | ---D | M] -- C:\Users\Bryan\AppData\Roaming\com.w3i.FlipToast [2011/01/20 20:56:54 | 000,000,000 | ---D | M] -- C:\Users\Bryan\AppData\Roaming\DAEMON Tools Lite [2011/01/20 22:27:36 | 000,000,000 | ---D | M] -- C:\Users\Bryan\AppData\Roaming\FabFilter [2011/05/09 18:29:15 | 000,000,000 | ---D | M] -- C:\Users\Bryan\AppData\Roaming\Fighters [2011/02/05 12:55:56 | 000,000,000 | ---D | M] -- C:\Users\Bryan\AppData\Roaming\FreeFileViewer [2011/03/14 21:57:16 | 000,000,000 | ---D | M] -- C:\Users\Bryan\AppData\Roaming\Nitro PDF [2011/02/26 04:17:25 | 000,000,000 | ---D | M] -- C:\Users\Bryan\AppData\Roaming\Publish Providers [2011/05/09 18:35:17 | 000,000,000 | ---D | M] -- C:\Users\Bryan\AppData\Roaming\Simply Super Software [2011/03/09 20:28:39 | 000,000,000 | ---D | M] -- C:\Users\Bryan\AppData\Roaming\SoftGrid Client [2011/02/26 03:35:00 | 000,000,000 | ---D | M] -- C:\Users\Bryan\AppData\Roaming\Sony [2011/02/20 17:07:24 | 000,000,000 | ---D | M] -- C:\Users\Bryan\AppData\Roaming\Steinberg [2011/03/10 20:36:48 | 000,000,000 | ---D | M] -- C:\Users\Bryan\AppData\Roaming\Template [2011/02/07 11:22:21 | 000,000,000 | ---D | M] -- C:\Users\Bryan\AppData\Roaming\Tomato [2011/03/09 20:07:47 | 000,000,000 | ---D | M] -- C:\Users\Bryan\AppData\Roaming\TP [2011/05/01 00:01:52 | 000,000,000 | ---D | M] -- C:\Users\Bryan\AppData\Roaming\TS3Client [2011/01/22 20:06:51 | 000,000,000 | ---D | M] -- C:\Users\Bryan\AppData\Roaming\Windows Live Writer [2011/05/09 18:42:51 | 000,000,402 | ---- | M] () -- C:\Windows\Tasks\Free File Viewer Update Checker.job [2011/01/20 19:30:58 | 000,000,544 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job [2011/05/06 11:53:49 | 000,032,496 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Files - Unicode (All) ========== [2011/04/11 20:12:45 | 000,000,000 | ---D | M](C:\Users\Bryan\AppData\Roaming\???????sAppData) -- 
C:\Users\Bryan\AppData\Roaming\敎潲䍄敔灭慬整sAppData [2011/04/11 20:12:45 | 000,000,000 | ---D | M](C:\Users\Bryan\AppData\Roaming\???????sAppData) -- C:\Users\Bryan\AppData\Roaming\敎潲䍄敔灭慬整sAppData [2011/04/11 13:42:11 | 000,000,000 | ---D | C](C:\Users\Bryan\AppData\Roaming\???????sAppData) -- C:\Users\Bryan\AppData\Roaming\敎潲䍄敔灭慬整sAppData ========== Alternate Data Streams ========== @Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:CB0AACC9 < End of report > |
10.05.2011, 09:32 | #2 |
/// Malware-holic | Caught Trojan Win 32 Qhost, how do I delete it? Please create and post a ComboFix log.
__________________A guide and tutorial on using ComboFix
__________________ |