Trojaner-Board

AKM virus blocks the entire PC (https://www.trojaner-board.de/118190-akm-virus-blockt-gesamten-pc.html)

Bupi 29.06.2012 12:05

AKM virus blocks the entire PC

A big hello to start with.

Straight to my problem: the "AKM" virus.

I start my PC, no matter whether in safe mode or with another account. Nothing works. I tried the instructions from TaCi05 (?), which got me nowhere, and before I start messing around on my own I wanted to get precise feedback once more.

I got stuck at the step of booting from a CD or a USB stick. I could do a lot with that, and it would really be the most important step, but no, nothing came of it :headbang: :headbang: . It just booted for 5 hours and nothing happened.

As far as I'm concerned the steps can also reinstall the system, but before that I simply have to back up my data, 300 GB of data.

Already looking forward to an answer.
Regards, Bupi

markusg 29.06.2012 16:59

hi,
a bit more precisely please: did the system simply hang while booting, was there an error message, and if so, which one?
we don't give up that quickly :-)

Bupi 30.06.2012 13:05

Hello
It said "Booting from Swissflash" (my USB stick); nothing more appeared after that, after 3 hours of waiting.

As in TaCi05's thread, I downloaded the 2 files (Oldtimer OTL and eeepcfr) and put them on the USB stick.
What I noticed now is that I could not convert this one file into an ISO file. Could you do that and upload it to e.g. mediafire, and I'll download it onto my USB stick, since I'm now sitting at my 2nd computer (a Mac) and can't "convert" anything to ISO or burn anything there, and I don't know my neighbours :D.

It would be the END OF THE WORLD if I had to reinstall all my games and gather my music again from sticks, hard drives and CDs. It would take months :P .

PS: Could you also recommend a good antivirus program or a program that removes the malicious software, because I think I still have a few unwanted guests on my PC.

Regards, Jakob

markusg 30.06.2012 13:32

that's what a backup is for...
don't any friends or acquaintances live near you?

Bupi 30.06.2012 13:35

None who have internet, or aren't on holiday, or don't have a Mac :D

markusg 30.06.2012 13:37

check whether you actually created the usb stick correctly.
a windows pc is probably necessary, no idea how that works with a mac, I personally don't need one :d
if not, just go to an internet café

Bupi 30.06.2012 14:38

what do you mean by created correctly? what all has to go on it?? OTL and the EEE thing, right????

markusg 30.06.2012 14:40

Let's create a bootable USB stick for OTLPE

Important:
The USB stick must have at least 512 MB. If necessary, back up all files from the USB stick; they will no longer be there after the following steps.
Download eeepcfr.zip and extract the file to the system root (usually C:\).
  • Empty the USB stick on which you want to create OTLPE.
  • Navigate to C:\eeecpfr and start usb_prep8.cmd.
  • Press any key in the DOS window.
  • Now make sure that the correct drive letter of your USB stick is at the top.
    For Drive Label: enter OTLPE.
    Under Source Path to built BartPE/WinPE Files click ... and select the previously created OTLPE folder.
    Tick Enable File Copy.
  • Click Start and accept the terms of use.
Now you can start your system with the USB stick!

Now boot from the OTLPE USB stick.
Note: How do I boot from CD (simply select USB Device instead of a CD)
  • After a few minutes your system should show the REATOGO-X-PE desktop.
  • Double-click the OTLPE icon.
  • When you are asked "Do you wish to load the remote registry", choose Yes.
  • When you are asked "Do you wish to load remote user profile(s) for scanning", choose Yes.
  • Make sure that the box "Automatically Load All Remaining Users" is selected and press OK.
  • OTLpe should now start.
  • Press Run Scan to start the scan.
  • When the scan is finished, the files C:\OTL.Txt and C:\Extras.Txt are created.
  • Copy these files to your USB stick if you have no internet connection on this system.
  • Please post the contents of C:\OTL.Txt and Extras.Txt.

Bupi 30.06.2012 14:50

up to that point I get it, but do I absolutely need the ISO so that I can boot from it?!
QUOTE:
Download eeepcfr.zip and extract the file to the system root (usually C:\).

* Empty the USB stick on which you want to create OTLPE.
* Navigate to C:\eeecpfr and start usb_prep8.cmd.
* Press any key in the DOS window.
* Now make sure that the correct drive letter of your USB stick is at the top.
For Drive Label: enter OTLPE.
Under Source Path to built BartPE/WinPE Files click ... and select the previously created OTLPE folder.
Tick Enable File Copy.
* Click Start and accept the terms of use.

that's where I kind of get lost too? I don't get it

markusg 30.06.2012 15:12

what exactly.
it says right there what to do: extract to c: and then follow the posted instructions.

Bupi 01.07.2012 08:43

So if I follow the instructions on a Windows machine, then it works?!
Then I'll see whether I can fit in the internet café after work today :D

Bupi 02.07.2012 17:17

OK, so far so good, I then also burned it to a CD and am now at OTL.
I scan everything (with the code(?) or rather the commands in the box), and then suddenly it says OUT OF MEMORY
You can click OK and BANG, nothing works any more.
I'm just scanning a 2nd time but I think it will happen again

otherwise, could I simply rescue my data from the CD, reset the PC to factory settings and have a new "Windows chance", i.e. start over completely virus-free?

thanks again for your patience :)

Edit:
on the 2nd time it also hung, but without the out of memory message

result from the file

"
All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ffdwnd not found.
File C:\Dokumente und Einstellungen\USER200\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\firefox.exe not found.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: bupi
->Flash cache emptied: 8558 bytes

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: IUSR_NMPR

User: Public

User: UpdatusUser
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: All Users

User: bupi
->Temp folder emptied: 1158002708 bytes
->Temporary Internet Files folder emptied: 29436579 bytes
->Java cache emptied: 33550280 bytes
->FireFox cache emptied: 58884608 bytes
->Apple Safari cache emptied: 17671168 bytes
->Flash cache emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: IUSR_NMPR
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1879628 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7346 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 31876429 bytes
RecycleBin emptied: 141988 bytes

Total Files Cleaned = 1.270,00 mb


OTL by OldTimer - Version 3.2.31.0 log created on 03022012_150726

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


that's it, ?
I can't quite keep up any more; starting normally, for example, still doesn't work

markusg 03.07.2012 19:08

why did you just run some random removal script, that's not written anywhere here
please scan with otl without a script.

Bupi 03.07.2012 19:17

Oh..... Oops, sorry, will do, you'll get the result in 15 min
as an edit


EDIT:OTL Logfile:
Code:

OTL logfile created on: 7/3/2012 9:33:01 PM - Run
OTLPE by OldTimer - Version 3.1.48.0    Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Premium Service Pack 2 (Version = 6.0.6002) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 445.76 Gb Total Space | 27.87 Gb Free Space | 6.25% Space Free | Partition Type: NTFS
Drive D: | 19.99 Gb Total Space | 10.15 Gb Free Space | 50.76% Space Free | Partition Type: FAT32
Drive H: | 3.76 Gb Total Space | 3.76 Gb Free Space | 99.99% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012/06/16 11:00:18 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/05/03 10:35:04 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2012/05/03 10:33:56 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012/02/29 03:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/25 09:47:58 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/02/10 05:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 05:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2012/02/10 00:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/02/09 15:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/11/18 09:13:54 | 001,510,720 | ---- | M] (TuneUp Software) [Auto] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/10/29 06:54:36 | 000,131,912 | ---- | M] (Desura Pty Ltd) [On_Demand] -- C:\Program Files\Common Files\Desura\desura_service.exe -- (Desura Install Service)
SRV - [2010/02/11 22:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009/08/16 09:01:16 | 000,222,968 | ---- | M] () [Auto] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2008/03/12 13:12:12 | 000,069,120 | ---- | M] (Google) [On_Demand] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe -- (GoogleDesktopManager)
SRV - [2008/01/18 18:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/19 12:42:38 | 000,290,909 | ---- | M] () [Auto] -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe -- (TVECapSvc) TVEnhance Background Capture Service (TBCS)
SRV - [2007/10/19 12:42:38 | 000,114,779 | ---- | M] () [Auto] -- C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe -- (TVESched) TVEnhance Task Scheduler (TTS))
SRV - [2007/10/08 18:19:22 | 000,358,936 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007/06/27 05:18:08 | 000,223,448 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService) Intel(R)
SRV - [2007/06/27 05:17:26 | 000,272,600 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe -- (QualityManager) Intel(R)
SRV - [2007/06/27 05:17:12 | 000,446,680 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service) Intel(R)
SRV - [2007/06/27 05:16:02 | 000,157,912 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL) Intel(R)
SRV - [2007/06/27 05:15:28 | 000,039,640 | ---- | M] (Intel(R) Corporation) [On_Demand] -- C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe -- (DHTRACE) Intel(R)
SRV - [2007/06/27 05:15:14 | 000,059,096 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe -- (ISSM) Intel(R)
SRV - [2007/06/27 05:14:46 | 000,317,656 | ---- | M] (Intel(R) Corporation) [Auto] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe -- (NMSCore) Intel(R)
SRV - [2007/06/27 05:13:56 | 000,268,504 | ---- | M] () [Auto] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server) Intel(R) Viiv(TM)
SRV - [2007/05/28 12:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2007/05/17 17:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2007/02/12 06:46:34 | 000,208,896 | ---- | M] () [Auto] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)
SRV - [2005/11/17 09:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand] -- C:\Program Files\Hofer Foto Service\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2001/11/12 07:31:48 | 000,020,480 | ---- | M] (X10) [Auto] -- C:\Program Files\Common Files\X10\Common\X10nets.exe -- (x10nets)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] --  -- (kbeepm)
DRV - File not found [Kernel | On_Demand] --  -- (IpInIp)
DRV - File not found [Kernel | On_Demand] --  -- (esgiguard)
DRV - [2012/02/10 00:13:00 | 010,816,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2012/01/17 08:45:56 | 000,148,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2012/01/14 14:15:18 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2011/11/08 16:25:24 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand] -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011/04/14 10:57:51 | 000,233,024 | ---- | M] (DT Soft Ltd) [Kernel | System] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2010/07/29 21:32:44 | 001,255,168 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ksaud.sys -- (ksaud)
DRV - [2010/03/03 10:08:13 | 000,165,376 | ---- | M] () [Kernel | Auto] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010/03/03 10:07:36 | 000,018,048 | ---- | M] () [Kernel | Auto] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009/10/02 07:53:46 | 000,158,344 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\MAudioFastTrack.sys -- (MAUSBFASTTRACK)
DRV - [2009/09/04 07:48:39 | 000,108,768 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\Windows\System32\drivers\ACEDRV08.sys -- (ACEDRV08)
DRV - [2009/05/11 04:12:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008/07/08 06:21:11 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto] -- C:\Windows\System32\SVKP.sys -- (SVKP)
DRV - [2008/03/29 07:21:23 | 000,717,296 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2008/01/08 03:17:08 | 001,302,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand] -- C:\Windows\System32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2007/10/29 08:48:42 | 000,005,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\IntelDH.sys -- (IntelDH)
DRV - [2007/09/21 04:38:22 | 000,554,496 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2007/06/29 08:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007/06/27 05:17:46 | 000,014,552 | ---- | M] () [File_System | On_Demand] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys -- (TSHWMDTCP)
DRV - [2007/06/19 05:37:58 | 000,229,248 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2007/04/10 17:46:53 | 001,966,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\VX1000.sys -- (VX1000)
DRV - [2007/02/18 15:34:50 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto] -- C:\Windows\System32\drivers\nmsunidr.sys -- (nmsunidr)
DRV - [2007/02/08 13:44:43 | 000,083,320 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot] -- C:\Windows\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2006/11/30 09:18:18 | 000,027,416 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2006/11/23 13:20:06 | 000,018,432 | ---- | M] (SIA Syncrosoft) [Kernel | On_Demand] -- C:\Windows\System32\drivers\synasUSB.sys -- (SynasUSB)
DRV - [2006/11/17 04:31:04 | 000,013,976 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\x10hid.sys -- (X10Hid)
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/07/05 08:39:29 | 000,059,256 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006/06/14 10:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005/11/22 09:04:42 | 008,719,104 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\Administrator_ON_C\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\Administrator_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\Administrator_ON_C\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} -  File not found
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\bupi_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKU\bupi_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.telekom.at/suche
IE - HKU\bupi_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.telekom.at
IE - HKU\bupi_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\bupi_ON_C\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\bupi_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\bupi_ON_C\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} -  File not found
IE - HKU\bupi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\bupi_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\IUSR_NMPR_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKU\IUSR_NMPR_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKU\IUSR_NMPR_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKU\IUSR_NMPR_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/
IE - HKU\IUSR_NMPR_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\IUSR_NMPR_ON_C\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\IUSR_NMPR_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\IUSR_NMPR_ON_C\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} -  File not found
IE - HKU\IUSR_NMPR_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\IUSR_NMPR_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
 
IE - HKU\UpdatusUser_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
IE - HKU\UpdatusUser_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.telekom.at/suche
IE - HKU\UpdatusUser_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.telekom.at
IE - HKU\UpdatusUser_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\UpdatusUser_ON_C\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\UpdatusUser_ON_C\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\UpdatusUser_ON_C\..\URLSearchHook: {ecdee021-0d17-467f-a1ff-c7a115230949} -  File not found
IE - HKU\UpdatusUser_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\UpdatusUser_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13"
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files\Battlelog Web Plugins\1.116.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc;version=0.8.6f: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\bupi\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/16 11:00:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/03/12 09:33:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\bupi\Program Files\DNA [2011/11/20 07:23:05 | 000,000,000 | ---D | M]
 
[2008/07/21 06:51:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\bupi\AppData\Roaming\Mozilla\Extensions
[2012/05/30 09:31:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\extensions
[2012/05/30 09:31:23 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010/10/03 19:05:34 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2009/04/28 14:19:28 | 000,000,000 | ---D | M] (myBabylon English Toolbar) -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}
[2009/01/27 17:46:05 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2012/03/27 09:55:29 | 000,000,933 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\11-suche.xml
[2011/02/21 12:56:59 | 000,000,873 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\conduit.xml
[2012/03/27 09:55:29 | 000,002,419 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\englische-ergebnisse.xml
[2012/05/01 10:35:45 | 000,010,534 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\gmx-suche-sterreich.xml
[2012/03/27 09:55:29 | 000,010,525 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\gmx-suche.xml
[2012/06/20 12:57:41 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-1.xml
[2010/12/18 17:51:00 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-10.xml
[2011/02/21 14:04:09 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-11.xml
[2011/04/06 07:47:07 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-12.xml
[2011/05/05 18:07:35 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-13.xml
[2011/06/26 08:40:23 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-14.xml
[2011/08/13 05:25:57 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-15.xml
[2010/01/06 16:43:53 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-2.xml
[2010/03/03 10:27:29 | 000,000,961 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-3.xml
[2010/03/31 17:32:05 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-4.xml
[2010/04/03 08:37:33 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-5.xml
[2010/09/06 17:19:30 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-6.xml
[2010/09/18 06:47:45 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-7.xml
[2010/10/28 18:27:26 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-8.xml
[2010/10/31 15:03:28 | 000,000,950 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin-9.xml
[2009/10/14 13:13:26 | 000,000,944 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\icqplugin.xml
[2012/03/27 09:55:29 | 000,002,457 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\lastminute.xml
[2009/05/27 11:07:31 | 000,001,632 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\live-search.xml
[2012/03/27 09:55:29 | 000,005,508 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Mozilla\Firefox\Profiles\9aeo6d2a.default\searchplugins\webde-suche.xml
[2012/03/10 14:06:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/12/09 15:47:56 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012/03/10 14:06:42 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) --
() (No name found) -- C:\USERS\BUPI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9AEO6D2A.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\BUPI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\9AEO6D2A.DEFAULT\EXTENSIONS\TOOLBAR@GMX.NET.XPI
[2012/06/16 11:00:19 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/01/07 20:45:16 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2010/09/27 09:03:39 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2003/12/19 06:58:34 | 000,057,344 | ---- | M] (Playnet Inc.) -- C:\Program Files\mozilla firefox\plugins\NPplaynet.dll
[2012/06/11 05:13:12 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/06/11 05:13:12 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/06/11 05:13:12 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012/06/11 05:13:12 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/06/11 05:13:12 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/06/11 05:13:12 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\toolbaru.dll (IE Toolbar)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} -  File not found
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (free-downloads.net Toolbar) - {ecdee021-0d17-467f-a1ff-c7a115230949} -  File not found
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} -  File not found
O3 - HKU\bupi_ON_C\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\bupi_ON_C\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} -  File not found
O3 - HKU\IUSR_NMPR_ON_C\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\IUSR_NMPR_ON_C\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} -  File not found
O3 - HKU\UpdatusUser_ON_C\..\Toolbar\WebBrowser: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKU\UpdatusUser_ON_C\..\Toolbar\WebBrowser: (free-downloads.net Toolbar) - {ECDEE021-0D17-467F-A1FF-C7A115230949} -  File not found
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [Creative SB Monitoring Utility] C:\Windows\System32\SBAVMon.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Module Loader] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [toolbar_eula_launcher]  File not found
O4 - HKLM..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe ()
O4 - HKLM..\Run: [TVEService] C:\Program Files\HomeCinema\TV Enhance\TVEService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\Sound Blaster X-Fi Surround 5.1 Pro\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\Administrator_ON_C..\Run: [{9B338E1F-26D8-3356-2B12-4DA1683823F3}]  File not found
O4 - HKU\Administrator_ON_C..\Run: [{E1C80263-F055-11DC-B0CA-806E6F6E6963}]  File not found
O4 - HKU\Administrator_ON_C..\Run: [4E3E0230AEBB4E96]  File not found
O4 - HKU\Administrator_ON_C..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\Administrator_ON_C..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts)
O4 - HKU\Administrator_ON_C..\Run: [NVIDIA driver monitor]  File not found
O4 - HKU\Administrator_ON_C..\Run: [OnlineFestplatte] C:\Program Files\aon\Onlinefestplatte\OnlineFestplatte.exe (Telekom Austria TA AG)
O4 - HKU\Administrator_ON_C..\Run: [RGSC]  File not found
O4 - HKU\Administrator_ON_C..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - HKU\Administrator_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\bupi_ON_C..\Run: [{9B338E1F-26D8-3356-2B12-4DA1683823F3}]  File not found
O4 - HKU\bupi_ON_C..\Run: [{E1C80263-F055-11DC-B0CA-806E6F6E6963}] C:\Users\bupi\AppData\Roaming\Microsoft\torrent.exe ()
O4 - HKU\bupi_ON_C..\Run: [4E3E0230AEBB4E96]  File not found
O4 - HKU\bupi_ON_C..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\bupi_ON_C..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts)
O4 - HKU\bupi_ON_C..\Run: [NVIDIA driver monitor]  File not found
O4 - HKU\bupi_ON_C..\Run: [OnlineFestplatte] C:\Program Files\aon\Onlinefestplatte\OnlineFestplatte.exe (Telekom Austria TA AG)
O4 - HKU\bupi_ON_C..\Run: [RGSC]  File not found
O4 - HKU\bupi_ON_C..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - HKU\IUSR_NMPR_ON_C..\Run: [{9B338E1F-26D8-3356-2B12-4DA1683823F3}]  File not found
O4 - HKU\IUSR_NMPR_ON_C..\Run: [{E1C80263-F055-11DC-B0CA-806E6F6E6963}]  File not found
O4 - HKU\IUSR_NMPR_ON_C..\Run: [4E3E0230AEBB4E96]  File not found
O4 - HKU\IUSR_NMPR_ON_C..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\IUSR_NMPR_ON_C..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts)
O4 - HKU\IUSR_NMPR_ON_C..\Run: [NVIDIA driver monitor]  File not found
O4 - HKU\IUSR_NMPR_ON_C..\Run: [OnlineFestplatte] C:\Program Files\aon\Onlinefestplatte\OnlineFestplatte.exe (Telekom Austria TA AG)
O4 - HKU\IUSR_NMPR_ON_C..\Run: [RGSC]  File not found
O4 - HKU\IUSR_NMPR_ON_C..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - HKU\IUSR_NMPR_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_C..\Run: [{9B338E1F-26D8-3356-2B12-4DA1683823F3}]  File not found
O4 - HKU\UpdatusUser_ON_C..\Run: [{E1C80263-F055-11DC-B0CA-806E6F6E6963}]  File not found
O4 - HKU\UpdatusUser_ON_C..\Run: [4E3E0230AEBB4E96]  File not found
O4 - HKU\UpdatusUser_ON_C..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKU\UpdatusUser_ON_C..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts)
O4 - HKU\UpdatusUser_ON_C..\Run: [NVIDIA driver monitor]  File not found
O4 - HKU\UpdatusUser_ON_C..\Run: [OnlineFestplatte] C:\Program Files\aon\Onlinefestplatte\OnlineFestplatte.exe (Telekom Austria TA AG)
O4 - HKU\UpdatusUser_ON_C..\Run: [RGSC]  File not found
O4 - HKU\UpdatusUser_ON_C..\Run: [Steam] C:\Program Files\Steam\steam.exe (Valve Corporation)
O4 - HKU\UpdatusUser_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\Administrator_ON_C..\RunOnce: [CTAutoUpdate] C:\Program Files\Creative\Shared Files\Software Update\AutoUpdate.exe (Creative Technology Ltd)
O4 - HKU\Administrator_ON_C..\RunOnce: [InetReg] C:\Program Files\Creative\Produktregistrierung\German\InetReg.exe (Creative Technology Ltd)
O4 - HKU\bupi_ON_C..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil11e_Plugin.exe (Adobe Systems, Inc.)
O4 - HKU\IUSR_NMPR_ON_C..\RunOnce: [CTAutoUpdate] C:\Program Files\Creative\Shared Files\Software Update\AutoUpdate.exe (Creative Technology Ltd)
O4 - HKU\IUSR_NMPR_ON_C..\RunOnce: [InetReg] C:\Program Files\Creative\Produktregistrierung\German\InetReg.exe (Creative Technology Ltd)
O4 - HKU\UpdatusUser_ON_C..\RunOnce: [CTAutoUpdate] C:\Program Files\Creative\Shared Files\Software Update\AutoUpdate.exe (Creative Technology Ltd)
O4 - HKU\UpdatusUser_ON_C..\RunOnce: [InetReg] C:\Program Files\Creative\Produktregistrierung\German\InetReg.exe (Creative Technology Ltd)
O4 - Startup: C:\Users\bupi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk =  File not found
O4 - Startup: C:\Users\bupi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\IUSR_NMPR_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube Download - C:\Users\bupi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\bupi\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 -  File not found
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/5/b/0/5b0d4654-aa20-495c-b89f-c1c34c691085/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} hxxp://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (C:\Users\bupi\AppData\Local\Temp\wpbt0.dll) - C:\Users\bupi\AppData\Local\Temp\wpbt0.dll ()
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O31 - SafeBoot: AlternateShell - C:\Users\bupi\AppData\Local\Temp\wpbt0.dll
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{07656abd-6504-11e0-96e4-001d9223a406}\Shell - "" = AutoRun
O33 - MountPoints2\{07656abd-6504-11e0-96e4-001d9223a406}\Shell\AutoRun\command - "" = K:\autorun.exe
O33 - MountPoints2\{184a6769-3771-11e0-a241-001d9223a406}\Shell\AutoRun\command - "" = L:\setup.exe
O33 - MountPoints2\{eb7a6596-f2fd-11de-8a11-001d9223a406}\Shell - "" = AutoRun
O33 - MountPoints2\{eb7a6596-f2fd-11de-8a11-001d9223a406}\Shell\AutoRun\command - "" = "K:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/06/24 08:50:04 | 000,000,000 | ---D | C] -- C:\Program Files\CRS
[2012/06/23 09:13:52 | 000,000,000 | ---D | C] -- C:\Program Files\Dropbox
[2012/06/22 03:00:44 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012/06/22 03:00:44 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012/06/22 03:00:14 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012/06/22 03:00:14 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012/06/14 15:50:06 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/06/14 15:50:04 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/06/14 15:50:04 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/06/14 15:50:03 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2012/06/14 15:50:03 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/06/14 15:50:02 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/06/14 15:50:02 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/06/14 15:50:01 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/06/13 11:36:47 | 002,045,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2008/07/06 16:20:42 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\rsnpstd3.dll
[2008/07/06 16:20:42 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll
[2008/07/06 16:20:42 | 000,053,248 | ---- | C] ( ) -- C:\Windows\vsnpstd3.dll
[2008/07/06 16:20:42 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[6 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/07/03 18:09:31 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/03 18:09:31 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/03 18:09:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/03 18:09:26 | 3217,223,680 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/03 14:09:39 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/26 16:19:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/26 15:30:05 | 000,028,603 | ---- | M] () -- C:\Users\bupi\Desktop\post.jpg
[2012/06/24 23:46:09 | 000,205,075 | ---- | M] () -- C:\Users\bupi\Desktop\4586013_460s.jpg
[2012/06/23 22:44:40 | 000,297,663 | ---- | M] () -- C:\Users\bupi\Desktop\4578955_460s.jpg
[2012/06/23 11:12:57 | 000,281,152 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2012/06/23 09:34:32 | 000,000,054 | ---- | M] () -- C:\Users\bupi\Desktop\OpenDocument Text (neu).odt
[2012/06/23 09:14:02 | 000,000,991 | ---- | M] () -- C:\Users\bupi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/06/23 04:45:04 | 000,049,730 | ---- | M] () -- C:\Users\bupi\Desktop\4564372_460s.jpg
[2012/06/21 18:28:28 | 001,348,495 | ---- | M] () -- C:\Users\bupi\Desktop\4554500_460s.jpg
[2012/06/21 07:27:13 | 000,230,424 | ---- | M] () -- C:\img2-001.raw
[2012/06/18 16:33:18 | 000,138,992 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2012/06/18 16:33:08 | 000,281,152 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2012/06/15 09:08:51 | 000,403,920 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/06/14 15:41:59 | 000,016,180 | ---- | M] () -- C:\Users\bupi\AppData\Local\d3d9caps.dat
[2012/06/11 06:39:48 | 000,029,523 | ---- | M] () -- C:\Users\bupi\Desktop\4440614_460s.jpg
[2012/06/10 11:34:26 | 000,753,515 | ---- | M] () -- C:\Users\bupi\Desktop\4423594_460s.jpg
[2012/06/10 11:22:26 | 000,046,699 | ---- | M] () -- C:\Users\bupi\Desktop\4436006_460s.jpg
[2012/06/05 19:23:01 | 000,592,308 | ---- | M] () -- C:\Users\bupi\Desktop\4166056_460s_v1.jpg
[2012/06/05 17:21:28 | 000,557,857 | ---- | M] () -- C:\Users\bupi\Desktop\4379025_460s.jpg
[2012/06/05 17:16:47 | 000,179,231 | ---- | M] () -- C:\Users\bupi\Desktop\4381123_460s.jpg
[2012/06/05 17:11:52 | 000,038,795 | ---- | M] () -- C:\Users\bupi\Desktop\4383590_460s.jpg
[2012/06/04 08:23:04 | 000,334,354 | ---- | M] () -- C:\Users\bupi\Desktop\DSC00823.JPG
[6 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/07/02 07:59:46 | 3217,223,680 | -HS- | C] () -- C:\hiberfil.sys
[2012/06/26 15:30:04 | 000,028,603 | ---- | C] () -- C:\Users\bupi\Desktop\post.jpg
[2012/06/24 23:46:09 | 000,205,075 | ---- | C] () -- C:\Users\bupi\Desktop\4586013_460s.jpg
[2012/06/23 22:44:40 | 000,297,663 | ---- | C] () -- C:\Users\bupi\Desktop\4578955_460s.jpg
[2012/06/23 09:32:42 | 000,000,054 | ---- | C] () -- C:\Users\bupi\Desktop\OpenDocument Text (neu).odt
[2012/06/23 04:45:04 | 000,049,730 | ---- | C] () -- C:\Users\bupi\Desktop\4564372_460s.jpg
[2012/06/21 18:28:28 | 001,348,495 | ---- | C] () -- C:\Users\bupi\Desktop\4554500_460s.jpg
[2012/06/11 06:39:48 | 000,029,523 | ---- | C] () -- C:\Users\bupi\Desktop\4440614_460s.jpg
[2012/06/10 11:34:26 | 000,753,515 | ---- | C] () -- C:\Users\bupi\Desktop\4423594_460s.jpg
[2012/06/10 11:22:25 | 000,046,699 | ---- | C] () -- C:\Users\bupi\Desktop\4436006_460s.jpg
[2012/06/05 19:23:01 | 000,592,308 | ---- | C] () -- C:\Users\bupi\Desktop\4166056_460s_v1.jpg
[2012/06/05 17:21:28 | 000,557,857 | ---- | C] () -- C:\Users\bupi\Desktop\4379025_460s.jpg
[2012/06/05 17:16:47 | 000,179,231 | ---- | C] () -- C:\Users\bupi\Desktop\4381123_460s.jpg
[2012/06/05 17:11:52 | 000,038,795 | ---- | C] () -- C:\Users\bupi\Desktop\4383590_460s.jpg
[2012/06/04 08:23:29 | 000,334,354 | ---- | C] () -- C:\Users\bupi\Desktop\DSC00823.JPG
[2012/05/03 10:43:11 | 000,181,760 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2012/05/03 10:43:11 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2012/05/03 10:42:28 | 000,044,795 | R--- | C] () -- C:\Windows\System32\kschimp.ini
[2012/05/03 10:36:54 | 000,034,637 | ---- | C] () -- C:\Windows\System32\ksaud.ini
[2012/05/03 10:36:54 | 000,001,772 | ---- | C] () -- C:\ProgramData\cfSB1095.ini
[2012/03/10 13:31:50 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2012/02/09 15:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2012/01/01 17:34:07 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/11/26 14:31:31 | 000,110,592 | ---- | C] () -- C:\Windows\System32\rtvcvfw32.dll
[2011/11/16 06:28:01 | 000,150,346 | ---- | C] () -- C:\Windows\hpwins10.dat
[2011/11/16 06:27:52 | 000,010,385 | ---- | C] () -- C:\Windows\hpwscr10.dat
[2011/11/16 06:27:52 | 000,001,042 | ---- | C] () -- C:\Windows\hpwmdl10.dat
[2011/11/14 07:50:01 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/11/14 07:49:07 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/11/14 07:49:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/10/13 21:03:30 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011/09/28 12:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/06/11 05:32:19 | 000,028,272 | ---- | C] () -- C:\Users\bupi\AppData\Roaming\OFMissionEditorConfig.xml
[2011/03/29 04:00:00 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011/03/24 15:35:18 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011/03/24 15:28:12 | 000,631,808 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011/03/02 06:43:46 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/02/01 11:58:04 | 000,001,100 | ---- | C] () -- C:\Users\bupi\AppData\Local\d3d8caps.dat
[2010/09/02 03:33:54 | 000,015,360 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2010/09/02 03:32:52 | 000,058,368 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2010/08/27 09:43:58 | 002,434,856 | ---- | C] () -- C:\Windows\System32\pbsvc_bc2.exe
[2010/03/03 10:08:13 | 000,165,376 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010/03/03 10:07:36 | 000,018,048 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010/02/10 23:16:10 | 000,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/09/21 06:58:42 | 000,000,190 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/09/06 10:00:56 | 000,037,632 | ---- | C] () -- C:\Windows\DPUNIN20.EXE
[2009/08/13 18:14:31 | 000,314,702 | ---- | C] () -- C:\Windows\Theatre Of War Uninstaller.exe
[2009/08/03 09:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 09:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/03/12 10:13:33 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2009/02/25 10:25:52 | 000,139,152 | ---- | C] () -- C:\Users\bupi\AppData\Roaming\PnkBstrK.sys
[2009/02/25 10:25:52 | 000,138,992 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009/02/25 10:25:37 | 000,281,152 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe
[2009/02/25 10:25:35 | 000,794,408 | ---- | C] () -- C:\Windows\System32\pbsvc.exe
[2009/02/25 10:25:35 | 000,076,888 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009/02/13 18:03:10 | 000,022,647 | ---- | C] () -- C:\Users\bupi\AppData\Roaming\UserTile.png
[2009/01/23 16:21:04 | 000,002,892 | ---- | C] () -- C:\Windows\System32\audcon.sys
[2009/01/21 11:44:51 | 000,000,019 | ---- | C] () -- C:\Windows\KNP.INI
[2009/01/03 17:23:43 | 000,286,208 | ---- | C] () -- C:\Windows\System32\binkw32.dll
[2008/12/22 14:35:30 | 000,200,704 | ---- | C] () -- C:\Windows\System32\teulKit.dll
[2008/09/14 04:59:31 | 000,069,632 | ---- | C] () -- C:\Windows\System32\xmltok.dll
[2008/09/14 04:59:31 | 000,036,864 | ---- | C] () -- C:\Windows\System32\xmlparse.dll
[2008/08/19 15:56:07 | 000,001,600 | ---- | C] () -- C:\Windows\eReg.dat
[2008/08/08 07:03:38 | 000,000,092 | ---- | C] () -- C:\Users\bupi\AppData\Local\fusioncache.dat
[2008/08/06 04:10:33 | 000,000,000 | ---- | C] () -- C:\Users\bupi\AppData\Roaming\Default.PLS
[2008/07/21 15:52:35 | 000,000,347 | ---- | C] () -- C:\Windows\CoDUO.INI
[2008/07/21 15:41:38 | 000,000,745 | ---- | C] () -- C:\Windows\CoD.INI
[2008/07/08 06:21:57 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2008/07/06 16:20:43 | 000,339,968 | ---- | C] () -- C:\Windows\vsnpstd3.exe
[2008/07/06 16:20:43 | 000,090,112 | ---- | C] () -- C:\Windows\tsnpstd3.exe
[2008/07/06 16:20:43 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[2008/07/06 16:20:42 | 008,719,104 | ---- | C] () -- C:\Windows\System32\drivers\snpstd3.sys
[2008/07/06 16:20:42 | 000,020,480 | ---- | C] () -- C:\Windows\usnpstd3.exe
[2008/07/06 11:27:53 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
[2008/06/27 04:40:08 | 000,000,084 | ---- | C] () -- C:\Users\bupi\AppData\default.pls
[2008/03/20 17:20:38 | 000,399,360 | ---- | C] () -- C:\Windows\System32\Smab.dll
[2008/03/20 17:20:37 | 000,502,784 | ---- | C] () -- C:\Windows\x2.64.exe
[2008/03/20 17:20:37 | 000,240,128 | ---- | C] () -- C:\Windows\System32\x.264.exe
[2008/03/20 17:20:37 | 000,066,560 | ---- | C] () -- C:\Windows\MOTA113.exe
[2008/03/20 17:20:37 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2008/03/20 17:20:36 | 000,217,073 | ---- | C] () -- C:\Windows\meta4.exe
[2008/03/20 17:19:04 | 000,151,040 | -HS- | C] () -- C:\Windows\System32\VistaUltm.dll
[2008/03/20 17:19:04 | 000,027,648 | -HS- | C] () -- C:\Windows\System32\Smab0.dll
[2008/03/19 09:05:00 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
[2008/03/18 02:03:39 | 000,142,848 | ---- | C] () -- C:\Users\bupi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/03/16 06:12:22 | 000,016,180 | ---- | C] () -- C:\Users\bupi\AppData\Local\d3d9caps.dat
[2008/03/15 13:03:28 | 000,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2008/01/28 05:39:58 | 000,009,824 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll
[2007/10/29 06:55:47 | 000,000,000 | ---- | C] () -- C:\Windows\homeDVD-Fotos.INI
[2007/10/29 06:53:22 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2007/10/29 06:45:31 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007/10/23 11:07:03 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2007/10/23 07:59:52 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2007/04/10 17:46:52 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
[2006/12/11 00:06:31 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/02 11:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006/11/02 11:33:31 | 000,117,714 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006/11/02 11:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006/11/02 11:33:31 | 000,000,000 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,403,920 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,582,484 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,096,748 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/06/23 05:09:34 | 000,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll
[2005/10/15 08:25:20 | 000,028,672 | ---- | C] () -- C:\Windows\System32\myodbc3i.exe
[2005/10/15 08:25:20 | 000,011,776 | ---- | C] () -- C:\Windows\System32\myodbc3m.exe
[2004/12/07 23:21:10 | 000,065,536 | ---- | C] () -- C:\Windows\System32\xfire_lsp_10650.dll
[1997/06/14 07:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
 
========== LOP Check ==========
 
[2012/03/11 20:05:54 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DAEMON Tools Pro
[2012/03/03 12:29:07 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Origin
[2012/03/03 12:37:37 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TuneUp Software
[2012/01/02 11:46:49 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\.minecraft
[2012/04/18 07:49:52 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Ableton
[2009/01/17 08:12:16 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Audio Record Edit Toolbox
[2008/11/06 14:57:43 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Audio Recorder for Free
[2009/05/05 11:47:48 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Babylon
[2011/06/06 09:41:33 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\BANDISOFT
[2011/04/15 21:23:23 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\BitTorrent
[2009/02/01 09:31:39 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Black Sea Studios
[2008/03/29 07:20:59 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\DAEMON Tools
[2011/04/14 11:01:04 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\DAEMON Tools Pro
[2011/11/20 17:25:00 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\DNA
[2012/06/26 14:01:07 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Dropbox
[2010/10/18 16:46:40 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\DVDVideoSoft
[2011/06/22 12:56:08 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\DVDVideoSoftIEHelpers
[2008/07/30 10:42:22 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Ebner
[2010/03/27 10:04:43 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\FMZilla
[2009/06/20 14:03:43 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Gearbox Software
[2011/06/15 18:47:35 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\GetRightToGo
[2011/09/13 11:33:49 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\ICQ
[2008/03/29 07:26:10 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\ICQ Toolbar
[2011/08/16 21:31:32 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Kibou
[2011/05/05 17:41:06 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Leadertech
[2009/04/02 14:51:56 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\LimeWire
[2008/03/12 13:25:11 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\MAGIX
[2010/10/11 11:00:57 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\mquadr.at
[2012/06/23 11:13:17 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Mumble
[2010/02/09 08:02:19 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Mumble(PR Edition)
[2011/08/17 19:41:21 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Norib
[2011/11/16 06:03:45 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Origin
[2010/03/03 10:08:23 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\SpieleEntwicklungsKombinat
[2009/01/23 16:23:46 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Steinberg
[2011/06/14 13:58:27 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\The Creative Assembly
[2012/06/03 17:46:50 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\TS3Client
[2011/11/26 14:31:54 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\TuneUp Software
[2008/08/08 11:05:10 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Turbine
[2009/08/11 11:16:40 | 000,000,000 | ---D | M] -- C:\Users\bupi\AppData\Roaming\Ubisoft
[2012/04/18 07:42:14 | 000,000,000 | ---D | M] -- C:\ProgramData\Ableton
[2008/03/12 13:20:33 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2009/08/13 06:33:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Babylon
[2011/04/14 10:57:12 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Pro
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2011/10/29 06:51:39 | 000,000,000 | ---D | M] -- C:\ProgramData\Desura
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2008/03/12 13:20:33 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2011/07/21 09:14:33 | 000,000,000 | -HSD | M] -- C:\ProgramData\DSS
[2011/11/10 10:04:52 | 000,000,000 | ---D | M] -- C:\ProgramData\EA Core
[2012/02/29 19:00:04 | 000,000,000 | ---D | M] -- C:\ProgramData\EA Logs
[2011/10/28 10:28:32 | 000,000,000 | ---D | M] -- C:\ProgramData\eH21712AgMgB21712
[2011/11/14 08:36:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2008/03/12 13:20:33 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2009/12/09 15:48:02 | 000,000,000 | ---D | M] -- C:\ProgramData\ICQ
[2009/08/30 10:49:16 | 000,000,000 | ---D | M] -- C:\ProgramData\KONAMI
[2010/10/11 11:00:57 | 000,000,000 | ---D | M] -- C:\ProgramData\m2backup
[2010/10/12 10:25:40 | 000,000,000 | ---D | M] -- C:\ProgramData\m2portal
[2007/10/29 06:46:31 | 000,000,000 | ---D | M] -- C:\ProgramData\MAGIX
[2010/10/11 11:00:57 | 000,000,000 | ---D | M] -- C:\ProgramData\mquadr.at
[2012/03/03 11:19:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Origin
[2008/06/18 11:57:14 | 000,000,000 | ---D | M] -- C:\ProgramData\PopCap Games
[2010/03/03 10:08:23 | 000,000,000 | ---D | M] -- C:\ProgramData\SpieleEntwicklungsKombinat
[2006/11/02 09:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2008/03/12 13:20:33 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2008/06/18 11:56:46 | 000,000,000 | ---D | M] -- C:\ProgramData\Steam
[2009/01/23 16:21:04 | 000,000,000 | ---D | M] -- C:\ProgramData\Syncrosoft
[2006/11/02 09:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2011/11/26 14:33:09 | 000,000,000 | ---D | M] -- C:\ProgramData\TuneUp Software
[2012/01/01 07:24:45 | 000,000,000 | ---D | M] -- C:\ProgramData\Ubisoft
[2007/10/23 10:01:51 | 000,000,000 | ---D | M] -- C:\ProgramData\Ulead Systems
[2008/03/12 13:20:33 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2009/07/04 13:50:50 | 000,000,000 | ---D | M] -- C:\ProgramData\WindowsSearch
[2007/10/23 08:04:20 | 000,000,000 | ---D | M] -- C:\ProgramData\X10 Settings
[2010/10/11 11:00:05 | 000,000,000 | -H-D | M] -- C:\ProgramData\{0B1855D9-8D06-4BE1-B93C-7EFA1D0C3E32}
[2007/10/23 09:37:41 | 000,000,000 | ---D | M] -- C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2010/10/11 10:47:14 | 000,000,000 | -H-D | M] -- C:\ProgramData\{29558F44-C67B-4F2C-99E0-F1CE2AE1F960}
[2011/11/26 14:29:54 | 000,000,000 | -HSD | M] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2010/10/11 10:47:05 | 000,000,000 | -H-D | M] -- C:\ProgramData\{392ECEAB-FD15-485B-8C44-C2C591EDECB5}
[2010/09/09 19:00:06 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/01 12:23:50 | 000,000,000 | ---D | M] -- C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/10/11 11:00:22 | 000,000,000 | -H-D | M] -- C:\ProgramData\{DE1CDDDC-29FB-4BCF-94A4-B8339595BAB7}
[2012/07/03 14:11:14 | 000,032,536 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >

--- --- ---

markusg 03.07.2012 19:19

Please refrain from in-between posts like that, otherwise I always have to look in to check whether you have added anything :-)


All times are WET +1.
