| nasuper123 | 03.11.2010 16:58 |
Und die OTL.txt Datei war zu groß.
Deswegen schreib ich sie so rein:OTL Logfile: Code:
OTL logfile created on: 03.11.2010 16:00:02 - Run 1
OTL by OldTimer - Version 3.2.17.2 Folder = C:\Users\Salva\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 278,07 Gb Total Space | 69,63 Gb Free Space | 25,04% Space Free | Partition Type: NTFS
Drive D: | 20,01 Gb Total Space | 6,70 Gb Free Space | 33,50% Space Free | Partition Type: FAT32
Computer Name: SALVA-PC | User Name: Salva | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Salva\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Programme\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Programme\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Programme\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Users\Salva\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Programme\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
PRC - C:\Programme\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Programme\OpenOffice.org 2.4\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 2.4\program\soffice.exe (OpenOffice.org)
PRC - c:\Programme\Windows Defender\MpCmdRun.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Programme\RocketDock\RocketDock.exe ()
PRC - C:\Programme\Ares\Ares.exe (Ares Development Group)
PRC - C:\Programme\MarkAny\ContentSafer\MaAgent.exe ((주)마크애니)
PRC - C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
PRC - C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
PRC - C:\Windows\System32\lxctcoms.exe ( )
========== Modules (SafeList) ==========
MOD - C:\Users\Salva\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Programme\Emsisoft Anti-Malware\a2hooks32.dll (Emsi Software GmbH)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (a2AntiMalware) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirScheduler) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
SRV - (aawservice) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SRV - (NMSAccessU) -- C:\Programme\CDBurnerXP\NMSAccessU.exe ()
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AresChatServer) -- C:\Programme\Ares\chatServer.exe (Ares Development Group)
SRV - (AVM WLAN Connection Service) -- C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
SRV - (lxct_device) -- C:\Windows\System32\lxctcoms.exe ( )
========== Driver Services (SafeList) ==========
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (a2injectiondriver) -- C:\Programme\Emsisoft Anti-Malware\a2dix86.sys (Emsi Software GmbH)
DRV - (a2util) -- C:\Programme\Emsisoft Anti-Malware\a2util32.sys (Emsi Software GmbH)
DRV - (a2acc) -- C:\Programme\Emsisoft Anti-Malware\a2accx86.sys (Emsi Software GmbH)
DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)
DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (SCREAMINGBDRIVER) -- C:\Windows\System32\drivers\ScreamingBAudio.sys (Screaming Bee LLC)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir PersonalEdition Classic\avgio.sys (Avira GmbH)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (AVIRA GmbH)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (VX1000) -- C:\Windows\System32\drivers\VX1000.sys (Microsoft Corporation)
DRV - (FWLANUSB) -- C:\Windows\System32\drivers\fwlanusb.sys (AVM GmbH)
DRV - (avmeject) -- C:\Windows\System32\drivers\avmeject.sys (AVM Berlin)
DRV - (HdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (xfilt) -- C:\Windows\system32\DRIVERS\xfilt.sys (VIA Technologies,Inc)
DRV - (videX32) -- C:\Windows\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.)
DRV - (dsreader) MaxDrive Driver (dsreader.sys) -- C:\Windows\System32\drivers\dsreader.sys (Thesycon GmbH, Germany)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfir.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1663235162-73008841-3581746775-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKU\S-1-5-21-1663235162-73008841-3581746775-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1663235162-73008841-3581746775-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1663235162-73008841-3581746775-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C4 0F A2 16 CB 12 CB 01 [binary data]
IE - HKU\S-1-5-21-1663235162-73008841-3581746775-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1663235162-73008841-3581746775-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-1663235162-73008841-3581746775-1000\..\URLSearchHook: {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1663235162-73008841-3581746775-1000\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfir.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1663235162-73008841-3581746775-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-1663235162-73008841-3581746775-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1663235162-73008841-3581746775-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1663235162-73008841-3581746775-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "msn.de"
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.0.7.0088
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..extensions.enabledItems: {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.0
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {542e4d79-1970-4e95-9862-fdb96f61b280}:2.6.0.15
FF - prefs.js..extensions.enabledItems: {5e5ab302-7f65-44cd-8211-c1d4caaccea3}:2.7.1.3
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: extension@virtusdesigns.com:3.6.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.07.04 10:38:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.28 19:29:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.10.28 19:29:20 | 000,000,000 | ---D | M]
[2009.01.10 13:12:40 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\mozilla\Extensions
[2010.11.02 22:13:13 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions
[2010.08.24 16:37:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}(184)
[2010.08.24 16:37:20 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}(185)
[2010.05.30 19:08:20 | 000,000,000 | ---D | M] (Messenger Plus Live Germany Toolbar) -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\{542e4d79-1970-4e95-9862-fdb96f61b280}
[2010.09.05 18:37:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}
[2010.08.24 16:36:44 | 000,000,000 | ---D | M] (Aero Fox XL) -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}(186)
[2010.06.16 10:36:16 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
[2009.12.31 16:47:47 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.02.28 14:20:03 | 000,000,000 | ---D | M] (HyperCam Toolbar) -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2010.08.01 16:16:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.08.24 16:37:13 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\extension@virtusdesigns.com
[2010.08.24 16:36:46 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\Foxdie@tanjihay(179).com
[2010.09.05 18:37:30 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\Foxdie@tanjihay.com
[2010.08.24 16:36:51 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\foxdie_ext_ocelot@foxdie(180).us
[2010.08.24 16:36:47 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\FoxdieGraphite@tanjihay(181).com
[2010.09.05 18:37:30 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\FoxdieGraphite@tanjihay.com
[2010.08.24 16:36:48 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\nasanightlaunch@example(182).com
[2010.09.05 18:37:30 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\nasanightlaunch@example.com
[2010.08.24 16:37:13 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\personas@christopher(183).beard
[2010.08.24 16:37:13 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\extension@virtusdesigns.com\__MACOSX
[2010.08.24 16:37:13 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\extension@virtusdesigns.com\chrome
[2010.08.24 16:37:13 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\extension@virtusdesigns.com\defaults
[2010.08.24 16:36:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}(186)\chrome\mac\mozapps\extensions
[2010.08.24 16:36:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Salva\AppData\Roaming\mozilla\Firefox\Profiles\9yiviz7j.default\extensions\{5c8bfb7c-9a54-11dc-8314-0800200c9a66}(186)\chrome\win\mozapps\extensions
[2009.06.14 10:54:19 | 000,001,681 | ---- | M] () -- C:\Users\Salva\AppData\Roaming\Mozilla\FireFox\Profiles\9yiviz7j.default\searchplugins\ask.uk.xml
[2008.10.22 21:47:48 | 000,000,681 | ---- | M] () -- C:\Users\Salva\AppData\Roaming\Mozilla\FireFox\Profiles\9yiviz7j.default\searchplugins\ask.xml
[2010.06.11 01:08:24 | 000,000,917 | ---- | M] () -- C:\Users\Salva\AppData\Roaming\Mozilla\FireFox\Profiles\9yiviz7j.default\searchplugins\conduit.xml
[2010.10.31 11:08:37 | 000,000,950 | ---- | M] () -- C:\Users\Salva\AppData\Roaming\Mozilla\FireFox\Profiles\9yiviz7j.default\searchplugins\icqplugin-1.xml
[2009.10.17 22:27:14 | 000,000,950 | ---- | M] () -- C:\Users\Salva\AppData\Roaming\Mozilla\FireFox\Profiles\9yiviz7j.default\searchplugins\icqplugin-2.xml
[2009.11.30 18:32:47 | 000,000,950 | ---- | M] () -- C:\Users\Salva\AppData\Roaming\Mozilla\FireFox\Profiles\9yiviz7j.default\searchplugins\icqplugin-3.xml
[2009.11.30 22:46:20 | 000,000,950 | ---- | M] () -- C:\Users\Salva\AppData\Roaming\Mozilla\FireFox\Profiles\9yiviz7j.default\searchplugins\icqplugin-4.xml
[2010.01.09 21:54:14 | 000,000,961 | ---- | M] () -- C:\Users\Salva\AppData\Roaming\Mozilla\FireFox\Profiles\9yiviz7j.default\searchplugins\icqplugin-5.xml
[2010.05.12 17:40:06 | 000,001,042 | ---- | M] () -- C:\Users\Salva\AppData\Roaming\Mozilla\FireFox\Profiles\9yiviz7j.default\searchplugins\icqplugin.xml
[2010.11.02 21:15:00 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2009.07.14 18:56:14 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.04.24 19:56:45 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.09.12 20:02:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.07.17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.10.25 18:29:57 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.10.25 18:29:58 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.10.25 18:29:58 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.10.25 18:29:58 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.10.25 18:29:58 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar1.dll (Ask.com)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfir.dll (Conduit Ltd.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programme\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Programme\HyperCam Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar1.dll (Ask.com)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (HyperCam Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Programme\HyperCam Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (Messenger Plus Live Germany Toolbar) - {542e4d79-1970-4e95-9862-fdb96f61b280} - C:\Programme\Messenger_Plus_Live_Germany\tbMess.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Programme\XfireXO\tbXfir.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1663235162-73008841-3581746775-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1663235162-73008841-3581746775-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\S-1-5-21-1663235162-73008841-3581746775-1000\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4 - HKLM..\Run: [a-squared] C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2guard.exe (Emsi Software GmbH)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
O4 - HKLM..\Run: [LXCTCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCTtime.DLL (Lexmark International Inc.)
O4 - HKLM..\Run: [lxctmon.exe] C:\Program Files\Lexmark 5400 Series\lxctmon.exe ()
O4 - HKLM..\Run: [MAAgent] C:\Programme\MarkAny\ContentSafer\MaAgent.exe ((주)마크애니)
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [otutnmoqn] C:\Users\Salva\AppData\Roaming\zwckxl.DLL File not found
O4 - HKLM..\Run: [SMSTray] C:\Programme\Samsung\Samsung Media Studio 5\SMSTray.exe (SAMSUNG ELECTRONICS)
O4 - HKLM..\Run: [Windows Audio Driver] C:\Windows\System32\audiohd.exe File not found
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1663235162-73008841-3581746775-1000..\Run: [{7D7186F2-879A-1298-3CE7-F26AB0C09832}] C:\Users\Salva\AppData\Roaming\Vyywah\xaok.exe File not found
O4 - HKU\S-1-5-21-1663235162-73008841-3581746775-1000..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKU\S-1-5-21-1663235162-73008841-3581746775-1000..\Run: [BitTorrent DNA] C:\Users\Salva\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-1663235162-73008841-3581746775-1000..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-1663235162-73008841-3581746775-1000..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-1663235162-73008841-3581746775-1000..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-1663235162-73008841-3581746775-1000..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-1663235162-73008841-3581746775-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-1663235162-73008841-3581746775-1000..\Run: [Windows Audio Driver] C:\Users\Salva\AppData\Roaming\audiohd.exe File not found
O4 - HKU\S-1-5-21-1663235162-73008841-3581746775-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Salva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk = C:\Programme\OpenOffice.org 2.4\program\quickstart.exe ()
O4 - Startup: C:\Users\Salva1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk = C:\Programme\OpenOffice.org 2.4\program\quickstart.exe ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Salva\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: PacificPoker4 - {94EDF7B4-4272-4af3-8F8B-4E2F68E225B7} - C:\PROGRA~1\PACIFI~1\pacificpoker.exe File not found
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1663235162-73008841-3581746775-1000\..Trusted Domains: esl.eu ([www] http in Vertrauenswürdige Sites)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://static.pe.schuelervz.net/photouploader/ImageUploader5.cab?nocache=1224266755 (Image Uploader Control)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/DE-DE/a-UNO1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Salva\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Salva\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {88485281-8b4b-4f8d-9ede-82e29a064277} - C:\Programme\MarkAny\ContentSafer\MACSMANAGER.dll (MarkAny Cooperation.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{164626b6-0497-11dd-a795-001c4af3f9a8}\Shell - "" = AutoRun
O33 - MountPoints2\{164626b6-0497-11dd-a795-001c4af3f9a8}\Shell\AutoRun\command - "" = G:\pushinst.exe -- File not found
O33 - MountPoints2\{2b818cb6-797d-11df-bd3a-001c4af4dd4d}\Shell\AutoRun\command - "" = G:\Menu.exe -- File not found
O33 - MountPoints2\{a12bf38c-206f-11df-bae6-001c4af4dd4d}\Shell\AutoRun\command - "" = K:\Menu.exe -- File not found
O33 - MountPoints2\{ac35f78c-31c7-11df-bb59-001c4af4dd4d}\Shell - "" = AutoRun
O33 - MountPoints2\{ac35f78c-31c7-11df-bb59-001c4af4dd4d}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{b1d5d4e8-d69c-11dc-bd11-0019db51d684}\Shell - "" = AutoRun
O33 - MountPoints2\{b1d5d4e8-d69c-11dc-bd11-0019db51d684}\Shell\AutoRun\command - "" = G:\pushinst.exe -- File not found
O33 - MountPoints2\{ea50f779-d7af-11dd-ac57-001c4af4dd4d}\Shell - "" = AutoRun
O33 - MountPoints2\{ea50f779-d7af-11dd-ac57-001c4af4dd4d}\Shell\AutoRun\command - "" = L:\FalloutLauncher.exe -- File not found
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\pushinst.exe -- File not found
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\pushinst.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpReg: EzPrint - hkey= - key= - C:\Program Files\Lexmark 5400 Series\ezprint.exe (Lexmark International Inc.)
MsConfig - StartUpReg: ICQ - hkey= - key= - C:\Program Files\ICQ6\ICQ.exe File not found
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: Lexmark 5400 Series Fax Server - hkey= - key= - C:\Program Files\Lexmark 5400 Series\fm3032.exe ()
MsConfig - StartUpReg: MsnMsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: VX1000 - hkey= - key= - C:\Windows\vVX1000.exe (Microsoft Corporation)
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - State: "startup" - 2
SafeBootMin: aawservice - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: aawservice - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe (Lavasoft)
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.i420 - C:\Windows\System32\i420vfw.dll (www.helixcommunity.org)
Drivers32: VIDC.XFR1 - C:\Windows\System32\xfcodec.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 90 Days ==========
[2010.10.25 18:47:42 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2010.10.25 18:46:38 | 000,000,000 | ---D | C] -- C:\Programme\MSECache
[2010.10.24 14:14:58 | 000,000,000 | ---D | C] -- C:\Users\Salva\Desktop\3DAvatars
[2010.10.17 19:12:30 | 000,000,000 | ---D | C] -- C:\Users\Salva\Desktop\MADI=)
[2010.10.14 13:23:11 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010.10.13 20:09:30 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.10.13 20:09:29 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.10.13 20:09:29 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.10.13 20:09:28 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.10.13 20:09:28 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.10.13 20:09:28 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.10.13 20:09:27 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.10.13 20:09:27 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.10.13 20:09:27 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.10.13 20:09:27 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.10.13 20:09:27 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.10.13 20:09:27 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.10.13 20:09:27 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.10.13 20:09:27 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.10.13 20:09:27 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.10.13 20:09:27 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.10.13 20:09:27 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.09.12 20:04:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.09.12 20:02:43 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.09.12 20:02:43 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.09.12 20:02:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.09.12 20:02:42 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.09.07 19:27:59 | 013,317,624 | ---- | C] (Opera Software ASA) -- C:\Users\Salva\Desktop\Opera_1061_int_Setup.exe
[2010.09.05 18:43:03 | 000,000,000 | ---D | C] -- C:\Users\Salva\AppData\Local\Pando_Temp
[2010.09.02 20:40:54 | 000,000,000 | ---D | C] -- C:\Users\Salva\AppData\Roaming\Opera
[2010.09.02 20:40:54 | 000,000,000 | ---D | C] -- C:\Users\Salva\AppData\Local\Opera
[2010.09.02 20:40:08 | 000,000,000 | ---D | C] -- C:\Programme\Opera
[2010.08.20 02:09:56 | 000,000,000 | ---D | C] -- C:\Programme\IObit
[2010.08.17 15:17:50 | 000,000,000 | ---D | C] -- C:\Users\Salva\AppData\Roaming\TuneUp Software
[2010.08.17 15:17:29 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2010
[2010.08.17 15:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2010.08.17 15:14:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.08.13 19:55:24 | 000,000,000 | ---D | C] -- C:\Users\Salva\AppData\Roaming\Locktime
[2010.08.13 16:36:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Locktime
[2010.08.13 02:03:20 | 000,000,000 | ---D | C] -- C:\Users\Salva\Desktop\Originals
[2010.08.13 01:53:15 | 000,000,000 | ---D | C] -- C:\Users\Salva\Desktop\Icons
[2010.08.13 01:43:33 | 000,000,000 | ---D | C] -- C:\Users\Salva\Desktop\keens_iconpack_0.33
[2010.08.12 23:45:51 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Wise Installation Wizard
[2010.08.05 21:29:52 | 000,000,000 | ---D | C] -- C:\Users\Salva\Desktop\img
[2006.07.13 18:38:18 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxctpmui.dll
[2006.07.13 18:37:04 | 001,187,840 | ---- | C] ( ) -- C:\Windows\System32\lxctserv.dll
[2006.07.13 18:32:18 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxctcomm.dll
[2006.07.13 18:30:18 | 000,393,216 | ---- | C] ( ) -- C:\Windows\System32\lxctiesc.dll
[2006.07.13 18:28:08 | 000,409,600 | ---- | C] ( ) -- C:\Windows\System32\lxctinpa.dll
[2006.07.13 18:27:24 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxctpplc.dll
[2006.07.13 18:26:42 | 000,667,648 | ---- | C] ( ) -- C:\Windows\System32\lxctcomc.dll
[2006.07.13 18:26:12 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxctprox.dll
[2006.07.13 18:19:32 | 000,983,040 | ---- | C] ( ) -- C:\Windows\System32\lxctusb1.dll
[2006.07.13 18:16:42 | 000,528,384 | ---- | C] ( ) -- C:\Windows\System32\lxctlmpm.dll
[2006.07.13 18:15:54 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxcthbn3.dll
========== Files - Modified Within 90 Days ==========
[2010.11.03 15:43:39 | 000,638,510 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.11.03 15:43:39 | 000,604,126 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.03 15:43:39 | 000,130,462 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.11.03 15:43:39 | 000,107,562 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.03 15:38:05 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.11.03 15:38:05 | 000,036,917 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.11.03 15:37:09 | 000,004,528 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.03 15:37:09 | 000,004,528 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.03 15:37:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.03 15:36:59 | 2143,838,208 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.02 20:50:26 | 000,002,032 | ---- | M] () -- C:\Users\Salva\AppData\Local\d3d9caps.dat
[2010.11.02 17:57:04 | 005,885,781 | ---- | M] () -- C:\Users\Salva\Desktop\Huey- Nobody Loves The Hood.mp3
[2010.11.02 17:56:42 | 006,089,893 | ---- | M] () -- C:\Users\Salva\Desktop\Huey - Notebook Paper - 06 - 2 nite.mp3
[2010.11.02 17:56:19 | 006,684,807 | ---- | M] () -- C:\Users\Salva\Desktop\09 bushido - hast du was bist du was.mp3
[2010.11.02 17:50:32 | 000,011,470 | -HS- | M] () -- C:\Users\Salva\Desktop\Folder.jpg
[2010.11.02 17:50:32 | 000,011,470 | -HS- | M] () -- C:\Users\Salva\Desktop\AlbumArt_{64BB48A0-591E-4E6B-90EC-C30928861065}_Large.jpg
[2010.11.02 17:50:09 | 000,002,797 | -HS- | M] () -- C:\Users\Salva\Desktop\AlbumArtSmall.jpg
[2010.11.02 17:50:09 | 000,002,797 | -HS- | M] () -- C:\Users\Salva\Desktop\AlbumArt_{64BB48A0-591E-4E6B-90EC-C30928861065}_Small.jpg
[2010.11.02 17:48:18 | 000,010,595 | -HS- | M] () -- C:\Users\Salva\Desktop\AlbumArt_{DB420B2B-5D73-4D32-99A0-79B4E5FD039E}_Large.jpg
[2010.11.02 17:47:53 | 000,002,802 | -HS- | M] () -- C:\Users\Salva\Desktop\AlbumArt_{DB420B2B-5D73-4D32-99A0-79B4E5FD039E}_Small.jpg
[2010.11.02 17:44:04 | 008,885,983 | ---- | M] () -- C:\Users\Salva\Desktop\12 Titel 12.mp3
[2010.11.02 17:43:42 | 007,065,707 | ---- | M] () -- C:\Users\Salva\Desktop\03 razorlight - wire to wire.mp3
[2010.11.02 17:39:56 | 005,249,821 | ---- | M] () -- C:\Users\Salva\Desktop\copia de que tengo que hacer.mp3
[2010.11.02 17:39:02 | 000,011,969 | -HS- | M] () -- C:\Users\Salva\Desktop\AlbumArt_{693263B9-5BC1-4666-A8D7-BF23818A35D6}_Large.jpg
[2010.11.02 17:38:30 | 000,003,079 | -HS- | M] () -- C:\Users\Salva\Desktop\AlbumArt_{693263B9-5BC1-4666-A8D7-BF23818A35D6}_Small.jpg
[2010.11.02 17:36:42 | 000,017,384 | -HS- | M] () -- C:\Users\Salva\Desktop\AlbumArt_{F1D2E6E9-2209-404F-97B2-92857855D75B}_Large.jpg
[2010.11.02 17:36:13 | 000,003,593 | -HS- | M] () -- C:\Users\Salva\Desktop\AlbumArt_{F1D2E6E9-2209-404F-97B2-92857855D75B}_Small.jpg
[2010.11.02 17:34:02 | 000,017,665 | -HS- | M] () -- C:\Users\Salva\Desktop\AlbumArt_{969E190D-C45F-4201-AABE-82B4CD1DECCE}_Large.jpg
[2010.11.02 17:33:33 | 000,003,973 | -HS- | M] () -- C:\Users\Salva\Desktop\AlbumArt_{969E190D-C45F-4201-AABE-82B4CD1DECCE}_Small.jpg
[2010.11.02 16:59:02 | 004,545,758 | ---- | M] () -- C:\Users\Salva\Desktop\Headhunterz vs. Abject - Scantraxx Rootz.mp3
[2010.11.02 16:58:33 | 007,383,168 | ---- | M] () -- C:\Users\Salva\Desktop\Bushido_-_Alles_Gute_kommt_von_unten_feat._Chakuza__Kay_One.mp3
[2010.11.02 16:58:06 | 004,246,882 | ---- | M] () -- C:\Users\Salva\Desktop\Bushido - 7 - 13 - Reich mir nicht deine Hand.mp3
[2010.11.02 16:57:40 | 011,038,283 | ---- | M] () -- C:\Users\Salva\Desktop\109-justin_timberlake-summer_love-set_the_mood_prelude-ucs.mp3
[2010.11.02 16:54:36 | 000,009,905 | -HS- | M] () -- C:\Users\Salva\Desktop\AlbumArt_{6AAED1DD-804F-4468-9B53-518E8C817E21}_Large.jpg
[2010.11.02 16:54:34 | 000,014,860 | -HS- | M] () -- C:\Users\Salva\Desktop\AlbumArt_{C90871F0-A4E6-47F3-90CE-04A844F89A64}_Large.jpg
[2010.11.02 16:54:33 | 000,003,056 | -HS- | M] () -- C:\Users\Salva\Desktop\AlbumArt_{6AAED1DD-804F-4468-9B53-518E8C817E21}_Small.jpg
[2010.11.02 16:54:31 | 000,003,202 | -HS- | M] () -- C:\Users\Salva\Desktop\AlbumArt_{C90871F0-A4E6-47F3-90CE-04A844F89A64}_Small.jpg
[2010.11.02 16:54:29 | 000,007,313 | -HS- | M] () -- C:\Users\Salva\Desktop\AlbumArt_{D6D6FADC-B55A-4C8B-A639-5F5D428D9770}_Large.jpg
[2010.11.02 16:54:28 | 000,002,197 | -HS- | M] () -- C:\Users\Salva\Desktop\AlbumArt_{D6D6FADC-B55A-4C8B-A639-5F5D428D9770}_Small.jpg
[2010.11.02 15:49:08 | 000,312,345 | ---- | M] () -- C:\Users\Salva\Desktop\30745_as1r_123_1114lo.jpg
[2010.10.31 21:18:21 | 000,000,104 | ---- | M] () -- C:\Users\Salva\Desktop\Papierkorb - Verknüpfung.lnk
[2010.10.30 12:09:34 | 004,167,808 | ---- | M] () -- C:\Users\Salva\Desktop\No Soul.mp3
[2010.10.24 14:12:21 | 005,859,702 | ---- | M] () -- C:\Users\Salva\Desktop\3DAvatars.rar
[2010.10.23 13:33:52 | 000,024,439 | ---- | M] () -- C:\Users\Salva\Desktop\s.jpg
[2010.10.22 22:55:20 | 000,055,296 | ---- | M] () -- C:\Users\Salva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.21 20:04:01 | 000,040,813 | ---- | M] () -- C:\Users\Salva\Desktop\Snapshot_20101021_13.JPG
[2010.10.21 15:10:10 | 000,068,175 | ---- | M] () -- C:\Users\Salva\Desktop\333333.jpg
[2010.10.20 21:27:41 | 000,041,886 | ---- | M] () -- C:\Users\Salva\Desktop\22222.jpg
[2010.10.20 21:12:33 | 000,013,148 | -HS- | M] () -- C:\Users\Salva\Desktop\AlbumArt_{BF7EC0C9-BF4D-4F86-81EA-A96F717D1909}_Large.jpg
[2010.10.20 21:12:33 | 000,002,844 | -HS- | M] () -- C:\Users\Salva\Desktop\AlbumArt_{BF7EC0C9-BF4D-4F86-81EA-A96F717D1909}_Small.jpg
[2010.10.20 21:10:25 | 000,174,384 | ---- | M] () -- C:\Users\Salva\Desktop\project.cedprj
[2010.10.20 20:24:36 | 006,072,448 | ---- | M] () -- C:\Users\Salva\Desktop\MADI=) - Dschungelbuch King Louie - Ich wär so gern wie du.mp3
[2010.10.20 20:21:20 | 003,768,448 | ---- | M] () -- C:\Users\Salva\Desktop\MADI=) Mulan - Sei ein Mann.mp3
[2010.10.20 20:15:02 | 006,963,328 | ---- | M] () -- C:\Users\Salva\Desktop\MADI=) B.O.B FEAT. BRUNO MARS - NOTHING ON YOU.mp3
[2010.10.20 19:10:20 | 000,169,247 | ---- | M] () -- C:\Users\Salva\Desktop\01102010356-tile1.jpg
[2010.10.20 19:07:11 | 000,209,920 | -H-- | M] () -- C:\Users\Salva\Desktop\photothumb.db
[2010.10.19 10:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.10.17 21:33:50 | 000,173,125 | ---- | M] () -- C:\Users\Salva\Desktop\01102010356-tile.jpg
[2010.10.17 21:21:54 | 000,050,176 | -H-- | M] () -- C:\Users\Salva\photothumb.db
[2010.10.17 21:20:13 | 000,012,288 | -H-- | M] () -- C:\Users\Salva\Documents\photothumb.db
[2010.10.17 21:12:48 | 000,162,385 | ---- | M] () -- C:\Users\Salva\Desktop\Hochzeit Daniele.jpg
[2010.10.17 20:53:18 | 000,000,714 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.10.17 19:07:37 | 001,517,893 | ---- | M] () -- C:\Users\Salva\Desktop\tor-0.2.1.26-win32.exe
[2010.10.17 11:22:42 | 005,657,416 | ---- | M] () -- C:\Users\Salva\Desktop\copia de rihanna-only girl (in the world)-mastered-adwiin.mp3
[2010.10.14 16:02:00 | 000,014,139 | ---- | M] () -- C:\Users\Salva\Desktop\sssss.odt
[2010.09.25 09:48:33 | 004,245,632 | ---- | M] () -- C:\Users\Salva\Desktop\Sexion D'assaut - Désolé.mp3
[2010.09.20 10:25:01 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshsq.dll
[2010.09.19 10:14:41 | 005,388,416 | ---- | M] () -- C:\Users\Salva\Desktop\Lady Gaga - Alejandro [Dave Aude Radio Mix] [Future Trance Vol. 53].mp3
[2010.09.19 10:11:30 | 005,220,480 | ---- | M] () -- C:\Users\Salva\Desktop\Stereo Rocker (Future Trance Vol.53) - LOL (Radio Mix FT Fast).mp3
[2010.09.19 09:51:06 | 005,869,696 | ---- | M] () -- C:\Users\Salva\Desktop\Inna - Deja vu.mp3
[2010.09.19 09:50:31 | 005,382,272 | ---- | M] () -- C:\Users\Salva\Desktop\Inna - Sun Is Up.mp3
[2010.09.19 09:45:35 | 004,923,520 | ---- | M] () -- C:\Users\Salva\Desktop\Medina - You and I.mp3
[2010.09.19 09:41:32 | 005,937,280 | ---- | M] () -- C:\Users\Salva\Desktop\Swedish House Mafia - One (Your Name) feat Pharrell.mp3
[2010.09.19 09:21:55 | 004,184,192 | ---- | M] () -- C:\Users\Salva\Desktop\PH Electro - Englishman In New York.mp3
[2010.09.17 22:43:54 | 000,012,849 | ---- | M] () -- C:\Users\Salva\Desktop\DSC09599 (2).jpg
[2010.09.13 11:50:15 | 009,025,948 | ---- | M] () -- C:\Users\Salva\Desktop\06. Elektra - Dishi (Fast Foot Rmx) [WWW.FINESTBLACKBEATZ.US].mp3
[2010.09.12 15:21:58 | 000,006,443 | ---- | M] () -- C:\Users\Salva\Desktop\049.png
[2010.09.08 06:58:17 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.09.08 06:57:48 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.09.08 06:57:48 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.09.08 06:57:18 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.09.08 06:57:10 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.09.08 06:57:05 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.09.08 06:56:53 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.09.08 06:56:53 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.09.08 06:56:53 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.09.08 06:56:52 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.09.08 06:56:52 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.09.08 06:56:47 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.09.08 06:04:36 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.09.08 05:26:46 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.09.08 05:26:25 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.09.08 05:25:50 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.09.08 05:25:15 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.09.07 19:28:00 | 013,317,624 | ---- | M] (Opera Software ASA) -- C:\Users\Salva\Desktop\Opera_1061_int_Setup.exe
[2010.09.05 19:21:44 | 000,000,962 | ---- | M] () -- C:\Users\Public\Desktop\War Rock.lnk
[2010.09.05 19:02:03 | 674,588,448 | ---- | M] () -- C:\Users\Salva\War_Rock_20100806.exe
[2010.09.05 18:42:42 | 000,000,953 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2010.09.05 18:42:42 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\GamersFirst LIVE!.lnk
[2010.08.25 07:30:41 | 007,170,176 | ---- | M] () -- C:\Users\Salva\Desktop\Llamado De Emergencia.mp3
[2010.08.25 07:30:28 | 006,697,088 | ---- | M] () -- C:\Users\Salva\Desktop\Lo que paso paso.mp3
[2010.08.25 07:30:24 | 003,846,272 | ---- | M] () -- C:\Users\Salva\Desktop\No Me Dejes Solo.mp3
[2010.08.24 21:39:01 | 006,047,872 | ---- | M] () -- C:\Users\Salva\Desktop\Dile.mp3
[2010.08.23 11:41:17 | 000,206,793 | ---- | M] () -- C:\Users\Salva\Documents\ts3_clientui-win32-11937-2010-08-23 12_41_16.566220.dmp
[2010.08.22 01:28:10 | 010,057,734 | ---- | M] () -- C:\Users\Salva\Desktop\06 Nothin On You.m4a
[2010.08.22 01:07:07 | 008,106,045 | ---- | M] () -- C:\Users\Salva\Desktop\08 Beautiful Monster.m4a
[2010.08.22 01:06:16 | 006,755,144 | ---- | M] () -- C:\Users\Salva\Desktop\06 Amazing.m4a
[2010.08.22 01:05:15 | 007,871,334 | ---- | M] () -- C:\Users\Salva\Desktop\03 California Girl.m4a
[2010.08.21 21:03:24 | 000,199,117 | ---- | M] () -- C:\Users\Salva\Documents\ts3_clientui-win32-11937-2010-08-21 22_03_22.879308.dmp
[2010.08.19 13:21:04 | 004,042,880 | ---- | M] () -- C:\Users\Salva\Desktop\Dan Balan- Chica Bomb (Official Music Video ).mp3
[2010.08.19 01:01:05 | 000,012,471 | ---- | M] () -- C:\Users\Salva\Desktop\acc.odt
[2010.08.14 14:25:01 | 006,015,104 | ---- | M] () -- C:\Users\Salva\Desktop\Laserkraft 3D - Nein Mann.mp3
[2010.08.12 23:46:33 | 000,000,933 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Watch.lnk
[2010.08.12 23:46:33 | 000,000,933 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010.08.12 16:31:02 | 006,619,264 | ---- | M] () -- C:\Users\Salva\Desktop\Opium Project - Hello Moskva (Dj Revyakin Next Touch Flo Remix).mp3
[2010.08.12 14:00:43 | 000,000,211 | ---- | M] () -- C:\Users\Salva\Desktop\Spielezentrum.url
[2010.08.12 12:45:32 | 006,146,176 | ---- | M] () -- C:\Users\Salva\Desktop\tokyo drift - teriyaki boys.mp3
========== Files Created - No Company Name ==========
[2010.11.02 17:51:00 | 000,011,470 | -HS- | C] () -- C:\Users\Salva\Desktop\AlbumArt_{64BB48A0-591E-4E6B-90EC-C30928861065}_Large.jpg
[2010.11.02 17:51:00 | 000,002,797 | -HS- | C] () -- C:\Users\Salva\Desktop\AlbumArt_{64BB48A0-591E-4E6B-90EC-C30928861065}_Small.jpg
[2010.11.02 17:48:43 | 000,010,595 | -HS- | C] () -- C:\Users\Salva\Desktop\AlbumArt_{DB420B2B-5D73-4D32-99A0-79B4E5FD039E}_Large.jpg
[2010.11.02 17:48:43 | 000,002,802 | -HS- | C] () -- C:\Users\Salva\Desktop\AlbumArt_{DB420B2B-5D73-4D32-99A0-79B4E5FD039E}_Small.jpg
[2010.11.02 17:39:34 | 000,011,969 | -HS- | C] () -- C:\Users\Salva\Desktop\AlbumArt_{693263B9-5BC1-4666-A8D7-BF23818A35D6}_Large.jpg
[2010.11.02 17:39:34 | 000,003,079 | -HS- | C] () -- C:\Users\Salva\Desktop\AlbumArt_{693263B9-5BC1-4666-A8D7-BF23818A35D6}_Small.jpg
[2010.11.02 17:37:20 | 000,017,384 | -HS- | C] () -- C:\Users\Salva\Desktop\AlbumArt_{F1D2E6E9-2209-404F-97B2-92857855D75B}_Large.jpg
[2010.11.02 17:37:20 | 000,003,593 | -HS- | C] () -- C:\Users\Salva\Desktop\AlbumArt_{F1D2E6E9-2209-404F-97B2-92857855D75B}_Small.jpg
[2010.11.02 17:34:39 | 000,017,665 | -HS- | C] () -- C:\Users\Salva\Desktop\AlbumArt_{969E190D-C45F-4201-AABE-82B4CD1DECCE}_Large.jpg
[2010.11.02 17:34:39 | 000,003,973 | -HS- | C] () -- C:\Users\Salva\Desktop\AlbumArt_{969E190D-C45F-4201-AABE-82B4CD1DECCE}_Small.jpg
[2010.11.02 16:54:42 | 000,009,905 | -HS- | C] () -- C:\Users\Salva\Desktop\AlbumArt_{6AAED1DD-804F-4468-9B53-518E8C817E21}_Large.jpg
[2010.11.02 16:54:42 | 000,003,056 | -HS- | C] () -- C:\Users\Salva\Desktop\AlbumArt_{6AAED1DD-804F-4468-9B53-518E8C817E21}_Small.jpg
[2010.11.02 16:54:38 | 000,014,860 | -HS- | C] () -- C:\Users\Salva\Desktop\AlbumArt_{C90871F0-A4E6-47F3-90CE-04A844F89A64}_Large.jpg
[2010.11.02 16:54:38 | 000,003,202 | -HS- | C] () -- C:\Users\Salva\Desktop\AlbumArt_{C90871F0-A4E6-47F3-90CE-04A844F89A64}_Small.jpg
[2010.11.02 16:54:31 | 000,007,313 | -HS- | C] () -- C:\Users\Salva\Desktop\AlbumArt_{D6D6FADC-B55A-4C8B-A639-5F5D428D9770}_Large.jpg
[2010.11.02 16:54:31 | 000,002,197 | -HS- | C] () -- C:\Users\Salva\Desktop\AlbumArt_{D6D6FADC-B55A-4C8B-A639-5F5D428D9770}_Small.jpg
[2010.11.02 15:49:06 | 000,312,345 | ---- | C] () -- C:\Users\Salva\Desktop\30745_as1r_123_1114lo.jpg
[2010.10.31 21:18:21 | 000,000,104 | ---- | C] () -- C:\Users\Salva\Desktop\Papierkorb - Verknüpfung.lnk
[2010.10.30 12:04:28 | 004,167,808 | ---- | C] () -- C:\Users\Salva\Desktop\No Soul.mp3
[2010.10.24 14:12:20 | 005,859,702 | ---- | C] () -- C:\Users\Salva\Desktop\3DAvatars.rar
[2010.10.23 13:32:35 | 000,024,439 | ---- | C] () -- C:\Users\Salva\Desktop\s.jpg
[2010.10.21 20:01:37 | 000,040,813 | ---- | C] () -- C:\Users\Salva\Desktop\Snapshot_20101021_13.JPG
[2010.10.21 15:09:16 | 000,068,175 | ---- | C] () -- C:\Users\Salva\Desktop\333333.jpg
[2010.10.20 21:27:40 | 000,041,886 | ---- | C] () -- C:\Users\Salva\Desktop\22222.jpg
[2010.10.20 21:12:33 | 000,013,148 | -HS- | C] () -- C:\Users\Salva\Desktop\AlbumArt_{BF7EC0C9-BF4D-4F86-81EA-A96F717D1909}_Large.jpg
[2010.10.20 21:12:33 | 000,002,844 | -HS- | C] () -- C:\Users\Salva\Desktop\AlbumArt_{BF7EC0C9-BF4D-4F86-81EA-A96F717D1909}_Small.jpg
[2010.10.20 20:58:23 | 000,174,384 | ---- | C] () -- C:\Users\Salva\Desktop\project.cedprj
[2010.10.20 20:24:04 | 006,072,448 | ---- | C] () -- C:\Users\Salva\Desktop\MADI=) - Dschungelbuch King Louie - Ich wär so gern wie du.mp3
[2010.10.20 20:20:47 | 003,768,448 | ---- | C] () -- C:\Users\Salva\Desktop\MADI=) Mulan - Sei ein Mann.mp3
[2010.10.20 20:14:17 | 006,963,328 | ---- | C] () -- C:\Users\Salva\Desktop\MADI=) B.O.B FEAT. BRUNO MARS - NOTHING ON YOU.mp3
[2010.10.20 19:10:20 | 000,169,247 | ---- | C] () -- C:\Users\Salva\Desktop\01102010356-tile1.jpg
[2010.10.17 21:33:48 | 000,173,125 | ---- | C] () -- C:\Users\Salva\Desktop\01102010356-tile.jpg
[2010.10.17 21:12:47 | 000,162,385 | ---- | C] () -- C:\Users\Salva\Desktop\Hochzeit Daniele.jpg
[2010.10.17 19:07:37 | 001,517,893 | ---- | C] () -- C:\Users\Salva\Desktop\tor-0.2.1.26-win32.exe
[2010.10.17 11:23:24 | 005,657,416 | ---- | C] () -- C:\Users\Salva\Desktop\copia de rihanna-only girl (in the world)-mastered-adwiin.mp3
[2010.10.17 11:16:44 | 011,038,283 | ---- | C] () -- C:\Users\Salva\Desktop\109-justin_timberlake-summer_love-set_the_mood_prelude-ucs.mp3
[2010.10.17 11:16:32 | 005,617,951 | ---- | C] () -- C:\Users\Salva\Desktop\Sie ist ein Blickfang.mp3
[2010.10.17 11:16:01 | 006,755,144 | ---- | C] () -- C:\Users\Salva\Desktop\06 Amazing.m4a
[2010.10.17 11:15:35 | 005,885,781 | ---- | C] () -- C:\Users\Salva\Desktop\Huey- Nobody Loves The Hood.mp3
[2010.10.17 11:15:13 | 006,089,893 | ---- | C] () -- C:\Users\Salva\Desktop\Huey - Notebook Paper - 06 - 2 nite.mp3
[2010.10.17 11:14:50 | 004,545,758 | ---- | C] () -- C:\Users\Salva\Desktop\Headhunterz vs. Abject - Scantraxx Rootz.mp3
[2010.10.17 11:13:47 | 006,025,216 | ---- | C] () -- C:\Users\Salva\Desktop\azad - fly away (feat kool savas & francisco).mp3
[2010.10.17 11:13:18 | 005,838,976 | ---- | C] () -- C:\Users\Salva\Desktop\Bushido feat Baba Saad - Ich War Nie Ein Rapper.mp3
[2010.10.17 11:13:13 | 004,246,882 | ---- | C] () -- C:\Users\Salva\Desktop\Bushido - 7 - 13 - Reich mir nicht deine Hand.mp3
[2010.10.17 11:12:58 | 006,684,807 | ---- | C] () -- C:\Users\Salva\Desktop\09 bushido - hast du was bist du was.mp3
[2010.10.17 11:12:54 | 003,756,702 | ---- | C] () -- C:\Users\Salva\Desktop\07-Ab 18 feat. Saad.mp3
[2010.10.17 11:12:37 | 007,383,168 | ---- | C] () -- C:\Users\Salva\Desktop\Bushido_-_Alles_Gute_kommt_von_unten_feat._Chakuza__Kay_One.mp3
[2010.10.17 11:12:30 | 005,414,516 | ---- | C] () -- C:\Users\Salva\Desktop\304-bushido_-_autoritaet_feat._summer_cem-ysp.mp3
[2010.10.17 11:11:55 | 007,936,570 | ---- | C] () -- C:\Users\Salva\Desktop\103-the_black_eyed_peas_-_meet_me_halfway_(richard_vision_solmatic_remix).mp3
[2010.10.17 11:09:45 | 005,498,277 | ---- | C] () -- C:\Users\Salva\Desktop\208-alex_m._vs._marc_van_damme_-_fly_away_(thomas_petersen_vs._gainworx_edit).mp3
[2010.10.14 16:01:59 | 000,014,139 | ---- | C] () -- C:\Users\Salva\Desktop\sssss.odt
[2010.09.29 20:17:55 | 2143,838,208 | -HS- | C] () -- C:\hiberfil.sys
[2010.09.25 09:45:34 | 004,245,632 | ---- | C] () -- C:\Users\Salva\Desktop\Sexion D'assaut - Désolé.mp3
[2010.09.23 20:31:24 | 004,287,972 | ---- | C] () -- C:\Users\Salva\Desktop\youtube - dj cargo vs. supersonik - summer night (tecktonik).mp3
[2010.09.23 20:11:29 | 007,184,381 | ---- | C] () -- C:\Users\Salva\Desktop\07 Alles wird gut.m4a
[2010.09.23 20:06:31 | 007,065,707 | ---- | C] () -- C:\Users\Salva\Desktop\03 razorlight - wire to wire.mp3
[2010.09.23 20:01:46 | 010,057,734 | ---- | C] () -- C:\Users\Salva\Desktop\06 Nothin On You.m4a
[2010.09.23 19:59:07 | 005,367,936 | ---- | C] () -- C:\Users\Salva\Desktop\Jason Derulo - In My Head (Official Lyrics Video).mp3
[2010.09.23 19:56:01 | 005,952,323 | ---- | C] () -- C:\Users\Salva\Desktop\118-pachanga-loco-b2r(2).mp3
[2010.09.23 19:55:36 | 009,836,879 | ---- | C] () -- C:\Users\Salva\Desktop\copia de pitbull - calle ocho (75, brazil street) im1307.mp3
[2010.09.23 19:54:28 | 005,491,648 | ---- | C] () -- C:\Users\Salva\Desktop\The Fast And The Furious (Tokyo Drift) Soundtrack - 10. Don Omar - Los Bandaleros.mp3
[2010.09.23 19:52:11 | 003,846,272 | ---- | C] () -- C:\Users\Salva\Desktop\No Me Dejes Solo.mp3
[2010.09.23 19:51:29 | 006,697,088 | ---- | C] () -- C:\Users\Salva\Desktop\Lo que paso paso.mp3
[2010.09.23 19:50:16 | 007,170,176 | ---- | C] () -- C:\Users\Salva\Desktop\Llamado De Emergencia.mp3
[2010.09.23 19:49:58 | 005,249,821 | ---- | C] () -- C:\Users\Salva\Desktop\copia de que tengo que hacer.mp3
[2010.09.19 10:14:10 | 005,388,416 | ---- | C] () -- C:\Users\Salva\Desktop\Lady Gaga - Alejandro [Dave Aude Radio Mix] [Future Trance Vol. 53].mp3
[2010.09.19 10:11:09 | 005,220,480 | ---- | C] () -- C:\Users\Salva\Desktop\Stereo Rocker (Future Trance Vol.53) - LOL (Radio Mix FT Fast).mp3
[2010.09.19 10:05:57 | 001,994,880 | ---- | C] () -- C:\Users\Salva\Desktop\Yolanda Be Cool & Dcup - We No Speak Americano (Official Video) - OUT NOW!!!.mp3
[2010.09.19 10:05:10 | 006,015,104 | ---- | C] () -- C:\Users\Salva\Desktop\Laserkraft 3D - Nein Mann.mp3
[2010.09.19 09:50:38 | 005,869,696 | ---- | C] () -- C:\Users\Salva\Desktop\Inna - Deja vu.mp3
[2010.09.19 09:50:01 | 005,382,272 | ---- | C] () -- C:\Users\Salva\Desktop\Inna - Sun Is Up.mp3
[2010.09.19 09:45:11 | 004,923,520 | ---- | C] () -- C:\Users\Salva\Desktop\Medina - You and I.mp3
[2010.09.19 09:41:08 | 005,937,280 | ---- | C] () -- C:\Users\Salva\Desktop\Swedish House Mafia - One (Your Name) feat Pharrell.mp3
[2010.09.19 09:21:32 | 004,184,192 | ---- | C] () -- C:\Users\Salva\Desktop\PH Electro - Englishman In New York.mp3
[2010.09.17 22:43:53 | 000,012,849 | ---- | C] () -- C:\Users\Salva\Desktop\DSC09599 (2).jpg
[2010.09.13 07:33:45 | 009,025,948 | ---- | C] () -- C:\Users\Salva\Desktop\06. Elektra - Dishi (Fast Foot Rmx) [WWW.FINESTBLACKBEATZ.US].mp3
[2010.09.12 15:21:58 | 000,006,443 | ---- | C] () -- C:\Users\Salva\Desktop\049.png
[2010.09.11 09:00:35 | 010,252,673 | ---- | C] () -- C:\Users\Salva\Desktop\04 imma be(2).mp3
[2010.09.11 09:00:11 | 008,885,983 | ---- | C] () -- C:\Users\Salva\Desktop\12 Titel 12.mp3
[2010.09.11 08:59:49 | 004,202,495 | ---- | C] () -- C:\Users\Salva\Desktop\deso_dogg-gangxta_feat._kaisa-noir.mp3
[2010.09.11 08:59:41 | 004,629,335 | ---- | C] () -- C:\Users\Salva\Desktop\03-swiss_-_es_kann_nur_einer_befehlen-ysp.mp3
[2010.09.11 08:57:12 | 005,942,643 | ---- | C] () -- C:\Users\Salva\Desktop\17 klaas - our own way.mp3
[2010.09.11 08:55:45 | 003,175,413 | ---- | C] () -- C:\Users\Salva\Desktop\(25) [Andy Judge] Castles In The Sky.mp3
[2010.09.11 08:53:57 | 005,515,463 | ---- | C] () -- C:\Users\Salva\Desktop\101-darius_and_finlay_and_shaun_baker_-_show_me_10_(dj_gollum_edit) ( www.BreakZ.us ).mp3
[2010.09.11 08:53:50 | 002,958,757 | ---- | C] () -- C:\Users\Salva\Desktop\(06) [Jan Wayne, RainDropz] Numb.mp3
[2010.09.11 08:53:29 | 005,301,696 | ---- | C] () -- C:\Users\Salva\Desktop\(07) [Dj Gollum, Scarlet] All The Things She Said.mp3
[2010.09.11 08:53:14 | 003,449,817 | ---- | C] () -- C:\Users\Salva\Desktop\(13) [Francesco Zeta] Fairyland.mp3
[2010.09.11 08:53:11 | 003,394,346 | ---- | C] () -- C:\Users\Salva\Desktop\(24) [Tunnel Allstars DJ Team] Liebesrausch.mp3
[2010.09.11 08:52:43 | 004,845,696 | ---- | C] () -- C:\Users\Salva\Desktop\Triple bounce - Talk 2 me (The Hitmen remix edit) [HQ]_1.mp3
[2010.09.11 08:52:29 | 006,049,732 | ---- | C] () -- C:\Users\Salva\Desktop\dj smash feat fast food - volna (dj antoine vs yoko remix edit).mp3
[2010.09.11 08:52:20 | 009,371,759 | ---- | C] () -- C:\Users\Salva\Desktop\opium project - guby shepcut club mix www rmx lt(2).mp3
[2010.09.11 08:52:02 | 005,584,168 | ---- | C] () -- C:\Users\Salva\Desktop\122-the_vamprockerz_-_vamos_a_la_playa_(dj_gollum_rmx_edit).mp3
[2010.09.07 19:29:54 | 000,000,714 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.09.05 19:21:44 | 000,000,962 | ---- | C] () -- C:\Users\Public\Desktop\War Rock.lnk
[2010.09.05 18:43:33 | 674,588,448 | ---- | C] () -- C:\Users\Salva\War_Rock_20100806.exe
[2010.08.28 11:16:43 | 006,047,872 | ---- | C] () -- C:\Users\Salva\Desktop\Dile.mp3
[2010.08.25 07:25:22 | 007,871,334 | ---- | C] () -- C:\Users\Salva\Desktop\03 California Girl.m4a
[2010.08.25 07:25:03 | 008,106,045 | ---- | C] () -- C:\Users\Salva\Desktop\08 Beautiful Monster.m4a
[2010.08.25 07:24:57 | 004,042,880 | ---- | C] () -- C:\Users\Salva\Desktop\Dan Balan- Chica Bomb (Official Music Video ).mp3
[2010.08.25 07:24:50 | 006,619,264 | ---- | C] () -- C:\Users\Salva\Desktop\Opium Project - Hello Moskva (Dj Revyakin Next Touch Flo Remix).mp3
[2010.08.23 11:41:16 | 000,206,793 | ---- | C] () -- C:\Users\Salva\Documents\ts3_clientui-win32-11937-2010-08-23 12_41_16.566220.dmp
[2010.08.21 21:03:22 | 000,199,117 | ---- | C] () -- C:\Users\Salva\Documents\ts3_clientui-win32-11937-2010-08-21 22_03_22.879308.dmp
[2010.08.12 23:46:33 | 000,000,933 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Watch.lnk
[2010.08.12 23:46:33 | 000,000,933 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2010.08.12 14:00:43 | 000,000,211 | ---- | C] () -- C:\Users\Salva\Desktop\Spielezentrum.url
[2010.08.12 12:44:55 | 006,146,176 | ---- | C] () -- C:\Users\Salva\Desktop\tokyo drift - teriyaki boys.mp3
[2010.06.17 10:37:02 | 000,036,917 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010.06.17 10:36:48 | 000,036,917 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010.05.28 01:04:46 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2010.04.02 16:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.03.31 21:50:42 | 606,124,944 | ---- | C] () -- C:\Programme\War_Rock_20100331.exe
[2010.03.21 11:30:25 | 000,000,552 | ---- | C] () -- C:\Users\Salva\AppData\Local\d3d8caps.dat
[2010.03.12 12:52:23 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2010.02.23 13:21:32 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2009.11.20 07:08:54 | 000,090,112 | ---- | C] () -- C:\Windows\System32\nccad432.dll
[2009.05.23 23:45:17 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009.01.01 03:55:59 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008.11.07 19:00:06 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2008.11.07 19:00:06 | 000,045,056 | ---- | C] () -- C:\Windows\System32\Ogg.dll
[2008.11.07 18:59:47 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll
[2008.11.07 18:59:47 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2008.07.12 22:15:16 | 000,000,338 | ---- | C] () -- C:\Windows\doom3.ini
[2008.02.21 15:49:54 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxctpmon.dll
[2008.02.21 15:49:54 | 000,032,768 | ---- | C] () -- C:\Windows\System32\LXCTFXPU.DLL
[2008.02.21 15:49:34 | 000,012,288 | ---- | C] () -- C:\Windows\System32\lxctpmrc.dll
[2008.02.21 15:47:04 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCTinst.dll
[2008.02.21 15:44:27 | 000,335,872 | ---- | C] () -- C:\Windows\System32\lxctcoin.dll
[2008.02.16 19:11:48 | 000,001,444 | ---- | C] () -- C:\Program Files\Pacific Poker.lnk
[2008.02.09 13:53:37 | 000,000,093 | ---- | C] () -- C:\Users\Salva\AppData\Local\fusioncache.dat
[2008.02.09 01:15:53 | 000,026,340 | ---- | C] () -- C:\Users\Salva\AppData\Roaming\UserTile.png
[2008.02.08 01:06:14 | 000,055,296 | ---- | C] () -- C:\Users\Salva\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.02.05 00:59:40 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
[2008.02.04 22:13:44 | 000,002,032 | ---- | C] () -- C:\Users\Salva\AppData\Local\d3d9caps.dat
[2007.04.10 14:46:52 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.07.24 00:06:40 | 000,204,800 | ---- | C] () -- C:\Windows\System32\lxctgrd.dll
[2006.06.20 14:40:14 | 000,692,224 | ---- | C] () -- C:\Windows\System32\lxctdrs.dll
[2006.05.18 12:01:34 | 000,065,536 | ---- | C] () -- C:\Windows\System32\lxctcaps.dll
[2006.05.03 15:31:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxctcnv4.dll
[2005.06.24 03:37:50 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxctvs.dll
[2002.03.17 01:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000096.DLL
[1997.11.17 16:13:16 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
========== LOP Check ==========
[2008.06.08 18:12:36 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\5400 Series
[2009.05.03 14:37:50 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\AD ON Multimedia
[2009.10.31 14:09:58 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Ashampoo
[2008.07.30 03:14:29 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Canneverbe_Limited
[2009.01.01 04:02:22 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\DAEMON Tools
[2009.01.01 04:03:05 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\DAEMON Tools Lite
[2009.01.01 04:02:22 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\DAEMON Tools Pro
[2008.11.07 18:59:36 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\DataCast
[2009.12.30 22:33:40 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\DeepBurner
[2010.11.03 15:57:41 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\DNA
[2010.08.01 16:16:53 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.10.28 22:38:39 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\gtk-2.0
[2010.11.02 16:17:49 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\ICQ
[2008.02.06 21:14:12 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\ICQ Toolbar
[2008.08.01 20:51:21 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\ICQLite
[2008.04.24 13:05:05 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\InterTrust
[2010.04.10 12:03:01 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\kosy
[2008.03.21 10:22:05 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\LimeWire
[2010.08.13 19:55:24 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Locktime
[2008.07.14 13:26:22 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Meine Die Schlacht um Mittelerde-Dateien
[2009.09.13 13:51:25 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2010.05.17 20:23:46 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Nokia
[2010.09.02 20:40:54 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Opera
[2008.09.03 17:48:20 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\PacificPoker
[2010.05.17 20:23:40 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\PC Suite
[2008.02.09 01:15:53 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\PeerNetworking
[2010.07.11 23:34:03 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Screaming Bee
[2008.02.09 13:58:33 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\T-Online
[2010.06.01 13:08:01 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\TeamViewer
[2010.11.02 16:17:06 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\TS3Client
[2010.08.17 15:17:50 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\TuneUp Software
[2010.09.24 18:03:53 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Ulyzg
[2010.04.11 18:40:20 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Uniblue
[2010.06.13 17:13:18 | 000,000,000 | ---D | M] -- C:\Users\Salva1\AppData\Roaming\ICQ
[2010.06.29 21:22:55 | 000,000,000 | ---D | M] -- C:\Users\Salva1\AppData\Roaming\PC Suite
[2010.06.13 16:13:40 | 000,000,000 | ---D | M] -- C:\Users\Salva1\AppData\Roaming\TeamViewer
[2010.11.03 06:28:39 | 000,032,628 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2008.06.08 18:12:36 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\5400 Series
[2009.05.03 14:37:50 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\AD ON Multimedia
[2008.06.07 11:33:00 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Adobe
[2010.07.15 21:38:55 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Apple Computer
[2009.10.31 14:09:58 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Ashampoo
[2009.05.03 14:21:17 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\AVS4YOU
[2008.07.30 03:14:29 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Canneverbe_Limited
[2009.01.01 04:02:22 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\DAEMON Tools
[2009.01.01 04:03:05 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\DAEMON Tools Lite
[2009.01.01 04:02:22 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\DAEMON Tools Pro
[2008.11.07 18:59:36 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\DataCast
[2009.12.30 22:33:40 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\DeepBurner
[2010.02.23 13:22:12 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\DivX
[2010.11.03 15:57:41 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\DNA
[2009.05.25 19:33:00 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\dvdcss
[2010.08.01 16:16:53 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\DVDVideoSoftIEHelpers
[2008.05.02 16:30:44 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Google
[2009.10.28 22:38:39 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\gtk-2.0
[2010.11.02 16:17:49 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\ICQ
[2008.02.06 21:14:12 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\ICQ Toolbar
[2008.08.01 20:51:21 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\ICQLite
[2008.02.04 22:13:48 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Identities
[2008.02.05 10:42:55 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\InstallShield
[2008.04.24 13:05:05 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\InterTrust
[2010.04.10 12:03:01 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\kosy
[2008.03.21 10:22:05 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\LimeWire
[2010.08.13 19:55:24 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Locktime
[2008.02.04 23:10:51 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Macromedia
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Media Center Programs
[2008.07.14 13:26:22 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Meine Die Schlacht um Mittelerde-Dateien
[2009.09.13 13:51:25 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2009.11.06 12:28:16 | 000,000,000 | --SD | M] -- C:\Users\Salva\AppData\Roaming\Microsoft
[2009.04.22 21:31:56 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\mIRC
[2009.01.10 13:12:40 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Mozilla
[2010.05.17 20:23:46 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Nokia
[2010.11.03 15:39:26 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\OpenOffice.org2
[2010.09.02 20:40:54 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Opera
[2008.09.03 17:48:20 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\PacificPoker
[2010.05.17 20:23:40 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\PC Suite
[2008.02.09 01:15:53 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\PeerNetworking
[2010.07.11 23:34:03 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Screaming Bee
[2008.03.15 00:06:31 | 000,000,000 | RH-D | M] -- C:\Users\Salva\AppData\Roaming\SecuROM
[2010.10.09 19:04:53 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Skype
[2010.10.09 18:38:38 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\skypePM
[2008.02.09 13:58:33 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\T-Online
[2010.09.04 21:51:50 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\teamspeak2
[2010.06.01 13:08:01 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\TeamViewer
[2010.11.02 16:17:06 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\TS3Client
[2010.08.17 15:17:50 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\TuneUp Software
[2008.06.02 13:03:24 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\TVU Networks
[2010.09.24 18:03:53 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Ulyzg
[2010.04.11 18:40:20 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Uniblue
[2008.03.23 20:32:35 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\vlc
[2008.02.06 18:28:38 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\WinRAR
[2010.06.16 10:41:05 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Xfire
[2008.02.08 23:22:38 | 000,000,000 | ---D | M] -- C:\Users\Salva\AppData\Roaming\Yahoo!
< %APPDATA%\*.exe /s >
[2007.11.20 12:50:04 | 000,088,576 | ---- | M] (AD ON Multimedia Advertising GmbH) -- C:\Users\Salva\AppData\Roaming\AD ON Multimedia\eBay Shortcuts\eBayShortcuts.exe
[2008.02.17 00:06:05 | 004,506,256 | ---- | M] (Lime Wire LLC) -- C:\Users\Salva\AppData\Roaming\LimeWire\.NetworkShare\LimeWireWin4.16.6.exe
[2008.06.01 22:21:06 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Salva\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
[2008.06.01 22:21:06 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Salva\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
[2008.06.01 22:21:06 | 000,008,854 | R--- | M] () -- C:\Users\Salva\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\Uninstall_Project64__9559F7CA5E344237A2D9D856464AD727.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.02.17 12:15:14 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008.02.17 12:15:14 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008.02.17 12:15:13 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2008.02.05 01:57:06 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008.02.05 01:57:06 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\explorer.exe
[2008.01.19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: IASTORV.SYS >
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
< MD5 for: USER32.DLL >
[2008.02.05 01:44:04 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=63B4F59D7C89B1BF5277F1FFEFD491CD -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[2008.02.05 01:44:08 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2006.11.02 10:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2008.01.19 08:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2008.01.19 08:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2006.11.02 09:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
[2008.01.19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2009.01.01 03:55:59 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006.11.02 11:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006.11.02 11:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2008.01.19 08:38:03 | 000,242,744 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2008.01.19 08:36:10 | 000,225,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
========== Files - Unicode (All) ==========
[2010.09.19 09:57:05 | 005,754,880 | ---- | M] ()(C:\Users\Salva\Desktop\Dj Smash - ?????.mp3) -- C:\Users\Salva\Desktop\Dj Smash - Птица.mp3
[2010.09.19 09:56:29 | 005,754,880 | ---- | C] ()(C:\Users\Salva\Desktop\Dj Smash - ?????.mp3) -- C:\Users\Salva\Desktop\Dj Smash - Птица.mp3
========== Alternate Data Streams ==========
@Alternate Data Stream - 64 bytes -> C:\Users\Salva\Documents\clip0001.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Salva\Desktop\cjz-zeiten_xvid.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Salva\Desktop\(24) [Tunnel Allstars DJ Team] Liebesrausch.mp3:TOC.WMV
@Alternate Data Stream - 41688 bytes -> C:\Users\Salva\Documents\clip0002.avi:TOC.WMV
< End of report >
--- --- --- |
