herr nachbar | 19.11.2012 01:02 | Liste der Anhänge anzeigen (Anzahl: 2) Zitat:
Zudem wird der Strang hier immer schwieriger, ich hab den Eindruck du verzettelst dich in dutzenden Themen und Vermutungen, bringst hier und da was durcheinaner und folgst dann einem völlig falschen Weg, deswegen gehe ich auf den anderen Text erstmal nicht näher ein
| okay. hast ja recht :)
hab jetzt geschafft n Windows 7 x64 zu installieren, jetzt hab ich wenigstens halbwegs aktuelle updates nach der Neuinstallation.
Leider hab ich hier schon ein paar Programme und Treiber installiert. Ich dachte schon ich hab endlich Ruhe und nach 15min ging es dann wieder los :/
Verallgemeinert könnte man sagen:
- viel zu hohe CPU Auslastung und Festplattenaktivität.
- Langsame Internetverbindung mit disconnects.
- Das Bios hat stark veränderte Optionen
- Registryeinstellungen setzen sich nach Neustart oder sogar Betriebssystemwechsel wieder zurück
- Treiber stürzen ab
- Ich habe auf einmal ganz viele PCI Geräte.
- Virenscanner und Rootkit scanner finden nichts.
- Doppelte Ordner und Dateien erstellen sich, ohne Zugriffsrechte auf diese zu haben und nach ner Zeit wieder verschwinden
und naja. hier nochmal n aktuelles otl log. ich weiß echt nicht wie ich das wieder loswerde ohne n neues mainboard oder pc zu kaufen. Code:
OTL logfile created on: 19.11.2012 00:45:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\gggggg\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 47,09% Memory free
6,50 Gb Paging File | 4,41 Gb Available in Paging File | 67,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 372,51 Gb Total Space | 354,18 Gb Free Space | 95,08% Space Free | Partition Type: NTFS
Computer Name: GGGGGG-PC | User Name: gggggg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\gggggg\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe ()
PRC - C:\Program Files (x86)\Comodo\Dragon\dragon.exe (Comodo)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Programme\ASUS Xonar DX Audio\Customapp\AsusAudioCenter.exe (CMedia)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\HsMgr.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
MOD - C:\Program Files (x86)\Comodo\Dragon\avcodec-54.dll ()
MOD - C:\Program Files (x86)\Comodo\Dragon\libglesv2.dll ()
MOD - C:\Program Files (x86)\Comodo\Dragon\avformat-54.dll ()
MOD - C:\Program Files (x86)\Comodo\Dragon\avutil-51.dll ()
MOD - C:\Program Files (x86)\Comodo\Dragon\libegl.dll ()
MOD - C:\Programme\ASUS Xonar DX Audio\Customapp\VmixP8.dll ()
MOD - C:\Windows\SysWOW64\HsMgr.exe ()
========== Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (DragonUpdater) -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (vsmon) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (IswSvc) -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
SRV - (avgfws) -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (SynchronizationService.exe) -- C:\Programme\COMODO\COMMON\SynchronizationService.exe (COMODO Security Solutions)
SRV - (COSService.exe) -- C:\Programme\COMODO\COMMON\COSService.exe (COMODO Security Solutions)
SRV - (rpcapd) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (Vsdatant) -- C:\Windows\SysNative\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgfwfd) -- C:\Windows\SysNative\drivers\avgfwd6a.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (cbvd) -- C:\Windows\SysNative\drivers\CBVD.sys (COMODO Security Solutions Inc.)
DRV:64bit: - (reparse) -- C:\Windows\SysNative\drivers\cbreparse.sys (COMODO Security Solutions Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (cmudaxp) -- C:\Windows\SysNative\drivers\cmudaxp.sys (C-Media Inc)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (L1E) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV - (ISWKL) -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3279803359-3149314571-604167332-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-3279803359-3149314571-604167332-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-3279803359-3149314571-604167332-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startfenster.com
IE - HKU\S-1-5-21-3279803359-3149314571-604167332-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-3279803359-3149314571-604167332-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3279803359-3149314571-604167332-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3279803359-3149314571-604167332-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2012.11.18 22:30:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2012.11.18 22:30:19 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [Cmaudio8788] C:\Windows\Syswow64\cmicnfgp.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [Cmaudio8788GX] C:\Windows\syswow64\HsMgr.exe ()
O4:64bit: - HKLM..\Run: [Cmaudio8788GX64] C:\Windows\system\HsMgr64.exe ()
O4:64bit: - HKLM..\Run: [ISW] File not found
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3279803359-3149314571-604167332-1000..\Run: [COS] C:\Programme\COMODO\COMODO Cloud\COSCLIENT.exe (COMODO Security Solutions)
O4 - HKU\S-1-5-21-3279803359-3149314571-604167332-1000..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{93804515-FB5A-4C79-B731-955F0DA2486B}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.11.19 00:09:38 | 000,000,000 | ---D | C] -- C:\Users\gggggg\AppData\Roaming\AVG2013
[2012.11.19 00:05:48 | 000,000,000 | ---D | C] -- C:\Users\gggggg\AppData\Roaming\TuneUp Software
[2012.11.19 00:05:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012.11.19 00:05:22 | 000,000,000 | -H-D | C] -- C:\$AVG
[2012.11.19 00:05:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013
[2012.11.19 00:04:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2012.11.18 23:57:35 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.11.18 23:57:35 | 000,000,000 | ---D | C] -- C:\Users\gggggg\AppData\Local\MFAData
[2012.11.18 23:57:35 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012.11.18 23:57:35 | 000,000,000 | ---D | C] -- C:\Users\gggggg\AppData\Local\Avg2013
[2012.11.18 23:53:01 | 000,000,000 | ---D | C] -- C:\Users\gggggg\AppData\Roaming\Macromedia
[2012.11.18 23:53:01 | 000,000,000 | ---D | C] -- C:\Users\gggggg\AppData\Roaming\Adobe
[2012.11.18 23:52:34 | 000,697,272 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.11.18 23:52:34 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.11.18 23:52:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.11.18 23:52:27 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.11.18 23:50:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.11.18 23:29:49 | 000,000,000 | ---D | C] -- C:\Users\gggggg\AppData\Roaming\ATI
[2012.11.18 23:29:49 | 000,000,000 | ---D | C] -- C:\Users\gggggg\AppData\Local\ATI
[2012.11.18 23:29:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.11.18 23:25:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012.11.18 23:25:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2012.11.18 23:25:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.11.18 23:25:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2012.11.18 23:25:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2012.11.18 23:25:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012.11.18 23:25:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2012.11.18 23:25:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2012.11.18 23:24:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012.11.18 23:22:42 | 000,000,000 | ---D | C] -- C:\Users\gggggg\AppData\Roaming\ASUS
[2012.11.18 23:22:39 | 000,419,840 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012.11.18 23:22:39 | 000,413,696 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012.11.18 23:22:39 | 000,111,616 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2012.11.18 23:22:39 | 000,102,400 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2012.11.18 23:22:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2012.11.18 23:22:31 | 008,769,536 | ---- | C] (C-Media Corporation) -- C:\Windows\SysWow64\CmiCnfgp.dll
[2012.11.18 23:22:31 | 000,465,408 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\SysNative\cmasiopx.dll
[2012.11.18 23:22:31 | 000,303,104 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\SysWow64\cmasiop.dll
[2012.11.18 23:22:31 | 000,217,088 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\SysWow64\HsSrv2.dll
[2012.11.18 23:22:31 | 000,217,088 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\SysWow64\HsSrv.dll
[2012.11.18 23:22:31 | 000,200,704 | ---- | C] (C-Media) -- C:\Windows\SysWow64\Cmpaoxy.dll
[2012.11.18 23:22:31 | 000,122,880 | ---- | C] (CMedia Electronics Inc.) -- C:\Windows\SysWow64\Cm_Oal.dll
[2012.11.18 23:22:31 | 000,122,880 | ---- | C] (CMedia Electronics Inc.) -- C:\Windows\SysNative\Cm_Oal.dll
[2012.11.18 23:22:31 | 000,121,856 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\System\HsSrv642.dll
[2012.11.18 23:22:31 | 000,121,856 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\System\HsSrv64.dll
[2012.11.18 23:22:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Xonar DX Audio
[2012.11.18 23:22:30 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS Xonar DX Audio
[2012.11.18 23:04:35 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\gggggg\Desktop\HiJackThis204.exe
[2012.11.18 22:58:58 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2012.11.18 22:52:58 | 000,524,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\difxapi.dll
[2012.11.18 22:52:03 | 002,725,376 | ---- | C] (C-Media Inc) -- C:\Windows\SysNative\drivers\cmudaxp.sys
[2012.11.18 22:52:03 | 000,315,392 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\SysWow64\CmiFltr.dll
[2012.11.18 22:52:03 | 000,315,392 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\System\CmiFltr.dll
[2012.11.18 22:52:03 | 000,032,768 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\SysNative\cmudaxp.dll
[2012.11.18 22:52:01 | 000,000,000 | ---D | C] -- C:\Users\gggggg\Desktop\PCI-DX-110512-7.12.8.1794(W7-FR)
[2012.11.18 22:51:38 | 000,000,000 | ---D | C] -- C:\Users\gggggg\AppData\Roaming\WinRAR
[2012.11.18 22:51:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.11.18 22:51:25 | 000,000,000 | ---D | C] -- C:\Users\gggggg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.11.18 22:51:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012.11.18 22:48:09 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.11.18 22:41:37 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012.11.18 22:41:35 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012.11.18 22:40:49 | 000,000,000 | ---D | C] -- C:\AMD
[2012.11.18 22:30:20 | 000,000,000 | ---D | C] -- C:\Users\gggggg\Documents\ForceField Shared Files
[2012.11.18 22:30:20 | 000,000,000 | ---D | C] -- C:\Users\gggggg\AppData\Roaming\CheckPoint
[2012.11.18 22:30:15 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2012.11.18 22:30:11 | 000,011,864 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl2.sys
[2012.11.18 22:30:09 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kl1.sys
[2012.11.18 22:30:08 | 000,485,680 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2012.11.18 22:30:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012.11.18 22:30:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
[2012.11.18 22:12:43 | 001,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012.11.18 22:12:43 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.11.18 22:12:43 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012.11.18 22:11:18 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2012.11.18 22:11:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CheckPoint
[2012.11.18 22:09:49 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.11.18 22:09:49 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.11.18 22:09:49 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.11.18 22:09:43 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.11.18 22:09:43 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.11.18 22:09:43 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.11.18 22:09:35 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.11.18 22:09:35 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.11.18 22:02:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.11.18 22:02:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012.11.18 22:01:44 | 000,000,000 | ---D | C] -- C:\Users\gggggg\AppData\Roaming\Skype
[2012.11.18 22:01:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.11.18 22:01:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.11.18 22:01:40 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.11.18 22:01:38 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.11.18 22:01:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.11.18 22:01:16 | 000,000,000 | ---D | C] -- C:\Users\gggggg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\pidgin-otr
[2012.11.18 22:01:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\pidgin-otr
[2012.11.18 22:01:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\pidgin-otr
[2012.11.18 22:00:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pidgin
[2012.11.18 22:00:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2012.11.18 22:00:23 | 000,000,000 | ---D | C] -- C:\Users\gggggg\AppData\Local\Comodo
[2012.11.18 22:00:21 | 000,050,952 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2012.11.18 22:00:21 | 000,042,760 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[2012.11.18 22:00:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2012.11.18 22:00:08 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2012.11.18 22:00:08 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2012.11.18 21:58:44 | 000,000,000 | R--D | C] -- C:\Users\gggggg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.11.18 21:58:44 | 000,000,000 | R--D | C] -- C:\Users\gggggg\Searches
[2012.11.18 21:58:44 | 000,000,000 | R--D | C] -- C:\Users\gggggg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.11.18 21:58:36 | 000,000,000 | ---D | C] -- C:\Users\gggggg\AppData\Roaming\Identities
[2012.11.18 21:58:35 | 000,000,000 | R--D | C] -- C:\Users\gggggg\Contacts
[2012.11.18 21:58:34 | 000,000,000 | ---D | C] -- C:\Users\gggggg\AppData\Local\VirtualStore
[2012.11.18 21:58:26 | 000,000,000 | --SD | C] -- C:\Users\gggggg\AppData\Roaming\Microsoft
[2012.11.18 21:58:26 | 000,000,000 | R--D | C] -- C:\Users\gggggg\Videos
[2012.11.18 21:58:26 | 000,000,000 | R--D | C] -- C:\Users\gggggg\Saved Games
[2012.11.18 21:58:26 | 000,000,000 | R--D | C] -- C:\Users\gggggg\Pictures
[2012.11.18 21:58:26 | 000,000,000 | R--D | C] -- C:\Users\gggggg\Music
[2012.11.18 21:58:26 | 000,000,000 | R--D | C] -- C:\Users\gggggg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.11.18 21:58:26 | 000,000,000 | R--D | C] -- C:\Users\gggggg\Links
[2012.11.18 21:58:26 | 000,000,000 | R--D | C] -- C:\Users\gggggg\Favorites
[2012.11.18 21:58:26 | 000,000,000 | R--D | C] -- C:\Users\gggggg\Downloads
[2012.11.18 21:58:26 | 000,000,000 | R--D | C] -- C:\Users\gggggg\Documents
[2012.11.18 21:58:26 | 000,000,000 | R--D | C] -- C:\Users\gggggg\Desktop
[2012.11.18 21:58:26 | 000,000,000 | R--D | C] -- C:\Users\gggggg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.11.18 21:58:26 | 000,000,000 | -HSD | C] -- C:\Users\gggggg\Vorlagen
[2012.11.18 21:58:26 | 000,000,000 | -HSD | C] -- C:\Users\gggggg\AppData\Local\Verlauf
[2012.11.18 21:58:26 | 000,000,000 | -HSD | C] -- C:\Users\gggggg\AppData\Local\Temporary Internet Files
[2012.11.18 21:58:26 | 000,000,000 | -HSD | C] -- C:\Users\gggggg\Startmenü
[2012.11.18 21:58:26 | 000,000,000 | -HSD | C] -- C:\Users\gggggg\SendTo
[2012.11.18 21:58:26 | 000,000,000 | -HSD | C] -- C:\Users\gggggg\Recent
[2012.11.18 21:58:26 | 000,000,000 | -HSD | C] -- C:\Users\gggggg\Netzwerkumgebung
[2012.11.18 21:58:26 | 000,000,000 | -HSD | C] -- C:\Users\gggggg\Lokale Einstellungen
[2012.11.18 21:58:26 | 000,000,000 | -HSD | C] -- C:\Users\gggggg\Documents\Eigene Videos
[2012.11.18 21:58:26 | 000,000,000 | -HSD | C] -- C:\Users\gggggg\Documents\Eigene Musik
[2012.11.18 21:58:26 | 000,000,000 | -HSD | C] -- C:\Users\gggggg\Eigene Dateien
[2012.11.18 21:58:26 | 000,000,000 | -HSD | C] -- C:\Users\gggggg\Documents\Eigene Bilder
[2012.11.18 21:58:26 | 000,000,000 | -HSD | C] -- C:\Users\gggggg\Druckumgebung
[2012.11.18 21:58:26 | 000,000,000 | -HSD | C] -- C:\Users\gggggg\Cookies
[2012.11.18 21:58:26 | 000,000,000 | -HSD | C] -- C:\Users\gggggg\AppData\Local\Anwendungsdaten
[2012.11.18 21:58:26 | 000,000,000 | -HSD | C] -- C:\Users\gggggg\Anwendungsdaten
[2012.11.18 21:58:26 | 000,000,000 | -H-D | C] -- C:\Users\gggggg\AppData
[2012.11.18 21:58:26 | 000,000,000 | ---D | C] -- C:\Users\gggggg\AppData\Local\Temp
[2012.11.18 21:58:26 | 000,000,000 | ---D | C] -- C:\Users\gggggg\AppData\Local\Microsoft
[2012.11.18 21:58:26 | 000,000,000 | ---D | C] -- C:\Users\gggggg\AppData\Roaming\Media Center Programs
[2012.11.18 21:58:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.11.18 21:58:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.11.18 21:58:21 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.11.18 21:58:21 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.11.18 21:58:21 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.11.18 21:58:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.11.18 21:58:21 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.11.18 21:58:21 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.11.18 21:58:21 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.11.18 21:58:21 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.11.18 21:58:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.11.18 21:58:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.11.18 21:54:30 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.11.18 21:52:13 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.11.18 21:48:27 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.11.18 21:47:05 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012.11.01 15:31:48 | 000,450,136 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\SysNative\drivers\vsdatant.sys
[2012.10.22 13:02:44 | 000,154,464 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
========== Files - Modified Within 30 Days ==========
[2012.11.19 00:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.19 00:05:48 | 000,000,981 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012.11.18 23:52:34 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.11.18 23:52:34 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.11.18 23:33:35 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.18 23:33:35 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.18 23:33:35 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.18 23:33:35 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.18 23:33:35 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.18 23:33:16 | 000,005,900 | ---- | M] () -- C:\Users\gggggg\Desktop\hijackthis2
[2012.11.18 23:28:53 | 000,275,232 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.18 23:28:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.18 23:28:46 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012.11.18 23:28:41 | 2616,500,224 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.18 23:27:23 | 000,016,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.18 23:27:23 | 000,016,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.18 23:22:42 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\ØL1
[2012.11.18 23:22:39 | 000,419,840 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2012.11.18 23:22:39 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2012.11.18 23:22:39 | 000,111,616 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2012.11.18 23:22:39 | 000,102,400 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2012.11.18 23:22:31 | 000,042,457 | ---- | M] () -- C:\Windows\Cmicnfgp.ini.cfl
[2012.11.18 23:22:31 | 000,000,908 | ---- | M] () -- C:\Windows\Cmicnfgp.ini.imi
[2012.11.18 23:22:31 | 000,000,847 | ---- | M] () -- C:\Windows\System\Cmicnfgp.ini
[2012.11.18 23:22:31 | 000,000,140 | ---- | M] () -- C:\Windows\System\Dlap.pfx
[2012.11.18 23:01:02 | 000,299,035 | ---- | M] () -- C:\Users\gggggg\Desktop\heheh.jpg
[2012.11.18 22:59:05 | 000,000,978 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Cloud.lnk
[2012.11.18 22:58:07 | 000,263,954 | ---- | M] () -- C:\Users\gggggg\Desktop\Unbenannt.jpg
[2012.11.18 22:40:02 | 000,415,877 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2012.11.18 22:30:04 | 000,000,762 | ---- | M] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2012.11.18 22:02:36 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.11.18 22:01:41 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.11.18 22:01:00 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Pidgin.lnk
[2012.11.18 22:00:24 | 000,001,116 | ---- | M] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2012.11.18 22:00:21 | 000,050,952 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2012.11.18 22:00:21 | 000,042,760 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[2012.11.18 22:00:08 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2012.11.18 22:00:08 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2012.11.18 21:54:37 | 000,161,548 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.11.18 21:54:37 | 000,161,548 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.11.18 21:53:18 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.11.17 06:18:32 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\gggggg\Desktop\HiJackThis204.exe
[2012.11.01 15:31:48 | 000,450,136 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\SysNative\drivers\vsdatant.sys
[2012.10.22 13:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
========== Files Created - No Company Name ==========
[2012.11.19 00:05:48 | 000,000,981 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2012.11.18 23:52:35 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.18 23:33:16 | 000,005,900 | ---- | C] () -- C:\Users\gggggg\Desktop\hijackthis2
[2012.11.18 23:28:46 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.11.18 23:22:42 | 000,000,004 | ---- | C] () -- C:\Windows\SysWow64\ØL1
[2012.11.18 23:22:31 | 001,144,983 | ---- | C] () -- C:\Windows\KB936225x64.msu
[2012.11.18 23:22:31 | 000,389,120 | ---- | C] () -- C:\Windows\SysNative\CmiCnfgp.cpl
[2012.11.18 23:22:31 | 000,282,112 | ---- | C] () -- C:\Windows\System\HsMgr64.exe
[2012.11.18 23:22:31 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\HsMgr.exe
[2012.11.18 23:22:31 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP8.dll
[2012.11.18 23:22:31 | 000,000,052 | ---- | C] () -- C:\Windows\SysNative\cmasiopx.ini
[2012.11.18 23:22:31 | 000,000,048 | ---- | C] () -- C:\Windows\SysWow64\cmasiop.ini
[2012.11.18 23:22:30 | 000,805,376 | ---- | C] () -- C:\Windows\SysNative\Cmeauoxy.exe
[2012.11.18 23:22:30 | 000,042,457 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfl
[2012.11.18 23:22:30 | 000,000,140 | ---- | C] () -- C:\Windows\System\Dlap.pfx
[2012.11.18 23:22:00 | 000,000,908 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.imi
[2012.11.18 23:21:58 | 000,004,969 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfg
[2012.11.18 23:01:02 | 000,299,035 | ---- | C] () -- C:\Users\gggggg\Desktop\heheh.jpg
[2012.11.18 22:59:05 | 000,000,978 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Cloud.lnk
[2012.11.18 22:58:07 | 000,263,954 | ---- | C] () -- C:\Users\gggggg\Desktop\Unbenannt.jpg
[2012.11.18 22:52:58 | 000,359,424 | ---- | C] () -- C:\Windows\SysNative\CmiInstallResAll64.dll
[2012.11.18 22:52:58 | 000,000,847 | ---- | C] () -- C:\Windows\System\Cmicnfgp.ini
[2012.11.18 22:52:58 | 000,000,560 | ---- | C] () -- C:\Windows\cmudaxp.ini
[2012.11.18 22:30:22 | 000,415,877 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2012.11.18 22:30:04 | 000,000,762 | ---- | C] () -- C:\Users\Public\Desktop\ZoneAlarm Security.lnk
[2012.11.18 22:02:36 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.11.18 22:01:41 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.11.18 22:01:00 | 000,000,991 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk
[2012.11.18 22:01:00 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Pidgin.lnk
[2012.11.18 22:00:24 | 000,001,116 | ---- | C] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2012.11.18 21:58:47 | 000,001,405 | ---- | C] () -- C:\Users\gggggg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.11.18 21:58:45 | 000,001,439 | ---- | C] () -- C:\Users\gggggg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.11.18 21:54:30 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.11.18 21:54:21 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.11.18 21:53:18 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.11.18 21:51:40 | 2616,500,224 | -HS- | C] () -- C:\hiberfil.sys
[2012.09.28 02:29:54 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.09.28 02:29:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.05.02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010.11.21 04:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.11.21 04:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report > |