Trojaner-Board


Bady 12.09.2010 18:22

What to do about Trojan Generic?
 
Hello
For the past few days I have apparently been getting attacked by Trojans.

The system is Win7 64-bit Ultimate.

First I had Avira
Then AVG
Now Avast

Unfortunately, none of these scanners really seems to help.
Maybe a false alarm as well?

So far every scanner has said the same thing, but none of them could fix the problem.
What do you think?

I have now also uploaded a log from Malwarebytes.

Addendum

After I ran Malwarebytes and TFC, the system "seems" to be clean again.

Malwarebytes and Avast Free confirm this.

But could it still be that something is hiding somewhere?

Chris4You 12.09.2010 20:43

Hi,

64-bit systems are not easy, since almost no tools run on them...

We can try to get to the bottom of this with OTL...


OTL
Download OTL by OldTimer (http://filepony.de/download-otl/) and save it to your desktop
  • Double-click OTL.exe
  • Vista/Win7 users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created (OTL.TXT and EXTRAS.TXT)
  • Post the log files here in the thread

CureIt:
http://www.trojaner-board.de/59299-a...eb-cureit.html
After the scan has finished you will find the log at %USERPROFILE%\DoctorWeb\CureIt.log.
Before you take any action, please copy the contents of the log and post them.
The log file is very large, roughly over 5 MB of text. Just use the search for "infiziert" and copy out the relevant parts before you post them.

chris

Bady 12.09.2010 21:09

Here is the OTL log

Code:

OTL logfile created on: 12.09.2010 21:59:07 - Run 1
OTL by OldTimer - Version 3.2.12.0    Folder = C:\Users\Bady\Desktop\MFTools
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 76,00% Memory free
16,00 Gb Paging File | 14,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 488,18 Gb Total Space | 319,06 Gb Free Space | 65,36% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: BADY-PC
Current User Name: Bady
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Bady\Desktop\MFTools\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ()
PRC - C:\Program Files (x86)\Pidgin\pidgin.exe (The Pidgin developer community)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT)
PRC - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
PRC - C:\Program Files (x86)\ROCCAT\Kone Mouse\OSD.exe (ROCCAT)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Bady\Desktop\MFTools\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
SRV:64bit: - (npggsvc) -- C:\Windows\SysNative\GameMon.des File not found
SRV:64bit: - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NPPTNT2) -- C:\Windows\SysNative\npptNT2.sys File not found
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (KoneFltr) -- C:\Windows\SysNative\drivers\Kone.sys (ROCCAT Ltd)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfi1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2B FB B0 F5 5F 47 CB 01  [binary data]
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfi1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: externalip@erik.morlin:0.9.9.6
FF - prefs.js..extensions.enabledItems: foxyproxy-basic@eric.h.jung:1.8
FF - prefs.js..extensions.enabledItems: googlesharing@extension.thoughtcrime.org:0.19
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.34
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.09.09 01:44:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.09.09 01:44:30 | 000,000,000 | ---D | M]
 
[2010.08.29 12:33:49 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Extensions
[2010.09.11 21:40:31 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions
[2010.09.05 18:22:04 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2010.08.30 20:08:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.09.01 06:17:36 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010.09.11 16:23:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010.08.30 20:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\externalip@erik.morlin
[2010.08.30 20:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\foxyproxy-basic@eric.h.jung
[2010.08.30 20:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\googlesharing@extension.thoughtcrime.org
[2010.08.30 20:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\googlesharing@extension.thoughtcrime.org\chrome
[2010.08.30 20:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\googlesharing@extension.thoughtcrime.org\components
[2010.08.30 20:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\googlesharing@extension.thoughtcrime.org\defaults
[2010.09.05 18:04:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.09.05 18:04:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.09.05 18:04:19 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.07.27 16:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
[2010.07.23 02:48:56 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.07.23 02:48:56 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.07.23 02:48:56 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.07.23 02:48:56 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.07.23 02:48:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.09.11 18:04:23 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfi1.dll (Conduit Ltd.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfi1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Kone] C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.11 18:04:23 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{6572748c-b360-11df-a661-002618fb9f64}\Shell - "" = AutoRun
O33 - MountPoints2\{6572748c-b360-11df-a661-002618fb9f64}\Shell\AutoRun\command - "" = F:\Setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.12 19:38:48 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Malwarebytes
[2010.09.12 19:38:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.09.12 19:38:37 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.09.12 19:38:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.09.12 19:38:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.09.12 19:37:48 | 000,000,000 | ---D | C] -- C:\Users\Bady\Desktop\MFTools
[2010.09.12 18:52:23 | 000,121,936 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010.09.12 18:52:23 | 000,020,048 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010.09.12 18:52:22 | 000,051,280 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010.09.12 18:52:22 | 000,028,752 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010.09.12 18:52:21 | 000,061,008 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010.09.12 18:52:16 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2010.09.12 18:52:15 | 000,167,592 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010.09.12 18:52:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010.09.12 18:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.09.12 02:13:55 | 000,000,000 | ---D | C] -- C:\Users\Bady\Documents\Egosoft
[2010.09.12 00:36:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2010.09.12 00:36:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager
[2010.09.11 23:34:24 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.09.11 18:04:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Enigma Software Group
[2010.09.11 17:22:42 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010.09.11 17:22:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2010.09.11 16:23:42 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\QuickScan
[2010.09.11 05:46:45 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010.09.11 05:46:45 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010.09.11 05:45:50 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010.09.11 05:44:53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.09.11 05:44:52 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.09.11 05:44:52 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.09.11 05:44:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.09.11 05:44:51 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.09.11 05:44:50 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.09.11 05:43:21 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.09.11 05:43:21 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.09.11 05:43:20 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.09.11 05:42:40 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2010.09.11 05:42:08 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.09.11 05:42:08 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.09.11 05:42:08 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010.09.11 05:42:08 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010.09.11 05:41:11 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010.09.11 05:41:11 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010.09.11 05:40:43 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010.09.11 05:40:43 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.09.11 05:40:29 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010.09.11 05:40:29 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.09.11 05:40:14 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2010.09.11 05:40:14 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2010.09.11 05:40:13 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2010.09.11 05:40:13 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2010.09.11 05:39:59 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010.09.11 05:39:59 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.09.11 05:39:59 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2010.09.11 05:39:59 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2010.09.11 05:39:48 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.09.11 05:39:22 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2010.09.11 05:35:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EGOSOFT
[2010.09.09 20:24:19 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\gtk-2.0
[2010.09.05 18:26:28 | 000,000,000 | ---D | C] -- C:\Users\Bady\Vuze Downloads
[2010.09.05 18:24:28 | 000,000,000 | ---D | C] -- C:\Users\Bady\Documents\Vuze Downloads
[2010.09.05 18:22:28 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Azureus
[2010.09.05 18:22:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze
[2010.09.05 18:22:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze_Remote
[2010.09.05 18:04:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.09.05 18:04:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.09.05 18:04:24 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.09.05 18:04:24 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.09.05 18:04:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.09.05 18:04:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.09.05 18:04:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.09.05 04:39:50 | 000,000,000 | ---D | C] -- C:\Users\Bady\Documents\Cross Fire
[2010.09.05 04:39:47 | 000,000,000 | ---D | C] -- C:\CFLog
[2010.09.05 04:36:24 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\PunkBuster
[2010.09.04 02:49:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune
[2010.09.03 17:51:11 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\2K Games
[2010.09.03 17:44:01 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\ElevatedDiagnostics
[2010.09.03 17:33:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories
[2010.09.03 01:26:45 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\NVIDIA
[2010.09.03 01:25:09 | 000,000,000 | ---D | C] -- C:\Users\Bady\Documents\BioWare
[2010.09.02 18:45:55 | 003,583,592 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2010.09.02 18:44:53 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2010.09.02 18:44:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2010.09.02 18:03:57 | 000,713,312 | ---- | C] (NHN USA) -- C:\Windows\SysWow64\ijjiSetup.exe
[2010.09.02 18:03:57 | 000,062,048 | ---- | C] (NHN USA Inc.) -- C:\Windows\SysWow64\ijjiProcessRestarter.exe
[2010.09.02 18:03:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\REACTOR
[2010.09.02 17:43:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ijji
[2010.09.01 18:06:57 | 000,000,000 | ---D | C] -- C:\Users\Bady\Documents\StarCraft II
[2010.09.01 18:06:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2010.09.01 18:06:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010.09.01 18:06:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2010.09.01 00:37:14 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\vlc
[2010.09.01 00:37:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010.09.01 00:11:59 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\LogMeIn Hamachi
[2010.09.01 00:11:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2010.08.31 23:02:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XfireXO
[2010.08.31 23:02:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010.08.31 23:02:15 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Xfire
[2010.08.31 23:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2010.08.31 23:02:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xfire
[2010.08.31 23:00:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Z8Games
[2010.08.31 21:51:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010.08.31 21:47:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.08.31 21:47:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010.08.31 21:47:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010.08.31 21:44:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aspyr
[2010.08.31 21:43:33 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\InstallShield
[2010.08.31 17:45:47 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\Diagnostics
[2010.08.30 00:40:18 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2010.08.30 00:40:18 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2010.08.30 00:40:18 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2010.08.30 00:40:18 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2010.08.30 00:40:18 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2010.08.30 00:40:18 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2010.08.30 00:40:18 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2010.08.30 00:40:18 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2010.08.30 00:40:17 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2010.08.30 00:40:17 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2010.08.30 00:40:17 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2010.08.30 00:40:17 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2010.08.30 00:40:17 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2010.08.30 00:40:17 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2010.08.30 00:40:17 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2010.08.30 00:40:17 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2010.08.29 22:27:25 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\DivX
[2010.08.29 22:27:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010.08.29 22:27:19 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010.08.29 22:27:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010.08.29 22:20:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.08.29 22:18:40 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.08.29 21:36:25 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.08.29 19:00:29 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2010.08.29 19:00:29 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010.08.29 19:00:29 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2010.08.29 19:00:29 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2010.08.29 19:00:29 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2010.08.29 19:00:29 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010.08.29 19:00:29 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2010.08.29 19:00:29 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2010.08.29 19:00:29 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2010.08.29 19:00:29 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2010.08.29 19:00:29 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2010.08.29 19:00:29 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2010.08.29 19:00:29 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2010.08.29 19:00:29 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2010.08.29 19:00:28 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2010.08.29 19:00:28 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2010.08.29 19:00:28 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2010.08.29 19:00:28 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2010.08.29 19:00:28 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.08.29 19:00:28 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2010.08.29 19:00:28 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010.08.29 19:00:28 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2010.08.29 19:00:28 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010.08.29 19:00:28 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2010.08.29 19:00:28 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2010.08.29 19:00:28 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2010.08.29 19:00:27 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2010.08.29 19:00:27 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2010.08.29 19:00:27 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.08.29 19:00:27 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010.08.29 19:00:27 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010.08.29 19:00:27 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010.08.29 19:00:27 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2010.08.29 19:00:27 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2010.08.29 19:00:27 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2010.08.29 19:00:27 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010.08.29 19:00:27 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2010.08.29 19:00:27 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2010.08.29 19:00:27 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010.08.29 19:00:27 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010.08.29 19:00:27 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2010.08.29 19:00:27 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2010.08.29 19:00:26 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2010.08.29 19:00:26 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2010.08.29 19:00:26 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2010.08.29 19:00:26 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2010.08.29 19:00:26 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2010.08.29 19:00:26 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2010.08.29 19:00:26 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2010.08.29 19:00:26 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2010.08.29 19:00:26 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010.08.29 19:00:26 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2010.08.29 19:00:26 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010.08.29 19:00:26 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2010.08.29 19:00:26 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2010.08.29 19:00:26 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2010.08.29 19:00:26 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2010.08.29 19:00:26 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2010.08.29 19:00:26 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2010.08.29 19:00:26 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2010.08.29 19:00:26 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2010.08.29 19:00:26 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2010.08.29 19:00:25 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2010.08.29 19:00:25 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2010.08.29 19:00:25 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2010.08.29 19:00:25 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2010.08.29 19:00:25 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2010.08.29 19:00:25 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2010.08.29 19:00:25 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2010.08.29 19:00:25 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2010.08.29 19:00:25 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2010.08.29 19:00:25 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2010.08.29 19:00:25 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2010.08.29 19:00:25 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2010.08.29 19:00:25 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2010.08.29 19:00:25 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2010.08.29 19:00:25 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2010.08.29 19:00:25 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2010.08.29 19:00:25 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2010.08.29 19:00:25 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2010.08.29 19:00:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2010.08.29 19:00:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2010.08.29 19:00:24 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2010.08.29 19:00:24 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2010.08.29 19:00:24 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010.08.29 19:00:24 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2010.08.29 19:00:24 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2010.08.29 19:00:24 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2010.08.29 19:00:24 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2010.08.29 19:00:24 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2010.08.29 19:00:24 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2010.08.29 19:00:24 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2010.08.29 19:00:24 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2010.08.29 19:00:24 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2010.08.29 19:00:24 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2010.08.29 19:00:24 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2010.08.29 19:00:23 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2010.08.29 19:00:23 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2010.08.29 19:00:23 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2010.08.29 19:00:23 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2010.08.29 19:00:23 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2010.08.29 19:00:22 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2010.08.29 19:00:22 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2010.08.29 19:00:22 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2010.08.29 19:00:22 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2010.08.29 19:00:22 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2010.08.29 19:00:22 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2010.08.29 19:00:22 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2010.08.29 19:00:22 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2010.08.29 19:00:22 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2010.08.29 19:00:22 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2010.08.29 19:00:21 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2010.08.29 19:00:21 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2010.08.29 19:00:21 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2010.08.29 19:00:21 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2010.08.29 19:00:21 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2010.08.29 19:00:21 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2010.08.29 19:00:21 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2010.08.29 19:00:21 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2010.08.29 19:00:20 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2010.08.29 19:00:20 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2010.08.29 19:00:20 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2010.08.29 19:00:20 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2010.08.29 19:00:20 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2010.08.29 19:00:20 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2010.08.29 19:00:20 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2010.08.29 19:00:20 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2010.08.29 19:00:20 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2010.08.29 19:00:19 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2010.08.29 19:00:19 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2010.08.29 19:00:19 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2010.08.29 19:00:19 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2010.08.29 19:00:19 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2010.08.29 19:00:18 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2010.08.29 19:00:17 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2010.08.29 19:00:17 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2010.08.29 19:00:17 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2010.08.29 19:00:17 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2010.08.29 19:00:17 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2010.08.29 19:00:16 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2010.08.29 19:00:16 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2010.08.29 19:00:16 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2010.08.29 19:00:16 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2010.08.29 19:00:16 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2010.08.29 19:00:16 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2010.08.29 19:00:16 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2010.08.29 19:00:15 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2010.08.29 19:00:15 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2010.08.29 18:57:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2010.08.29 18:35:33 | 000,000,000 | ---D | C] -- C:\Users\Bady\Documents\My Games
[2010.08.29 18:35:31 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\InstallShield Installation Information
[2010.08.29 18:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unreal Tournament 3 (LG)
[2010.08.29 18:33:31 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2010.08.29 18:33:31 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2010.08.29 18:33:30 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2010.08.29 18:33:30 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2010.08.29 18:33:30 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010.08.29 18:33:30 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2010.08.29 18:33:30 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2010.08.29 18:33:30 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010.08.29 18:33:30 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2010.08.29 18:33:30 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2010.08.29 18:33:30 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2010.08.29 18:33:30 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2010.08.29 18:33:30 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2010.08.29 18:33:30 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2010.08.29 18:33:30 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2010.08.29 18:33:30 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010.08.29 18:33:30 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2010.08.29 18:33:30 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2010.08.29 18:19:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010.08.29 18:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mass Effect 2
[2010.08.29 18:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2010.08.29 16:24:45 | 000,000,000 | ---D | C] -- C:\Users\Bady\Desktop\Games
[2010.08.29 15:52:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010.08.29 15:52:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2010.08.29 15:47:16 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\ROCCAT
[2010.08.29 15:13:30 | 000,000,000 | ---D | C] -- C:\ProgramData\ROCCAT
[2010.08.29 15:13:25 | 000,015,488 | ---- | C] (ROCCAT Ltd) -- C:\Windows\SysNative\drivers\Kone.sys
[2010.08.29 15:13:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ROCCAT
[2010.08.29 15:13:14 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\WinRAR
[2010.08.29 15:12:52 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010.08.29 15:11:56 | 000,215,040 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2010.08.29 15:11:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2010.08.29 15:11:55 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010.08.29 14:54:53 | 000,414,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\difxapi.dll
[2010.08.29 14:54:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA
[2010.08.29 14:54:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010.08.29 14:53:16 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2010.08.29 14:53:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2010.08.29 14:47:42 | 000,000,000 | ---D | C] -- C:\Intel
[2010.08.29 14:39:27 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\.purple
[2010.08.29 14:39:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pidgin
[2010.08.29 13:35:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes
[2010.08.29 12:33:38 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Mozilla
[2010.08.29 12:33:38 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\Mozilla
[2010.08.29 12:33:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010.08.29 12:03:06 | 000,255,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcohda6.dll
[2010.08.29 12:03:06 | 000,131,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2010.08.29 12:03:06 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2010.08.29 12:02:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.08.29 12:02:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010.08.29 12:02:20 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.08.29 12:02:19 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010.08.29 12:02:18 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010.08.29 12:01:59 | 007,002,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2010.08.29 12:01:59 | 005,107,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2010.08.29 12:01:59 | 000,930,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpinst.exe
[2010.08.29 12:01:59 | 000,065,128 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010.08.29 12:01:59 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010.08.29 12:01:59 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2010.08.29 12:01:57 | 019,114,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2010.08.29 12:01:57 | 014,092,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2010.08.29 12:01:57 | 000,382,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll
[2010.08.29 12:01:57 | 000,314,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2010.08.29 12:01:55 | 012,471,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2010.08.29 12:01:55 | 009,818,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2010.08.29 12:01:55 | 003,089,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2010.08.29 12:01:55 | 002,892,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2010.08.29 12:01:55 | 002,761,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2010.08.29 12:01:55 | 002,506,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2010.08.29 12:01:54 | 014,513,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2010.08.29 12:01:54 | 010,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2010.08.29 12:01:54 | 006,116,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2010.08.29 12:01:54 | 004,553,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2010.08.29 12:01:54 | 002,037,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2010.08.29 12:01:54 | 001,625,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2010.08.29 12:01:54 | 000,260,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod1922.dll
[2010.08.29 12:01:54 | 000,260,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod.dll
[2010.08.29 12:01:50 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010.08.29 11:55:39 | 000,744,072 | ---- | C] (www.ext2fsd.com) -- C:\Windows\SysNative\drivers\ext2fsd.sys
[2010.08.29 11:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\Ext2Fsd
[2010.08.29 11:55:02 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Macromedia
[2010.08.29 11:55:00 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Adobe
[2010.08.29 11:54:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010.08.29 11:46:10 | 000,000,000 | R--D | C] -- C:\Users\Bady\Searches
[2010.08.29 11:46:10 | 000,000,000 | -H-D | C] -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010.08.29 11:46:02 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Identities
[2010.08.29 11:46:00 | 000,000,000 | R--D | C] -- C:\Users\Bady\Contacts
[2010.08.29 11:45:59 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\VirtualStore
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\AppData\Local\Temporary Internet Files
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Templates
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Start Menu
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\SendTo
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Recent
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\PrintHood
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\NetHood
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Documents\My Videos
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Documents\My Pictures
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Documents\My Music
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\My Documents
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Local Settings
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\AppData\Local\History
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Cookies
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Application Data
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\AppData\Local\Application Data
[2010.08.29 11:45:50 | 000,000,000 | --SD | C] -- C:\Users\Bady\AppData\Roaming\Microsoft
[2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Videos
[2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Saved Games
[2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Pictures
[2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Music
[2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Links
[2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Favorites
[2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Downloads
[2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\My Documents
[2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Desktop
[2010.08.29 11:45:50 | 000,000,000 | -H-D | C] -- C:\Users\Bady\AppData
[2010.08.29 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\Temp
[2010.08.29 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\Microsoft
[2010.08.29 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Media Center Programs
[2010.08.29 11:43:03 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.08.29 11:42:26 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.08.29 11:37:46 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.08.29 11:37:21 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.12 22:00:20 | 001,310,720 | -HS- | M] () -- C:\Users\Bady\NTUSER.DAT
[2010.09.12 19:57:06 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.12 19:57:06 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.12 19:56:43 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.09.12 19:56:43 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.09.12 19:56:43 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.09.12 19:52:05 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.12 19:51:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.12 19:51:49 | 2140,422,143 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.12 19:50:36 | 003,178,685 | -H-- | M] () -- C:\Users\Bady\AppData\Local\IconCache.db
[2010.09.12 19:04:30 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010.09.12 03:03:02 | 000,001,179 | ---- | M] () -- C:\Users\Bady\Desktop\X3 Terran Conflict.lnk
[2010.09.11 23:34:17 | 2225,810,849 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.09.11 18:04:23 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At7.job
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At6.job
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At5.job
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At4.job
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At3.job
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At2.job
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At1.job
[2010.09.11 05:53:03 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.09.11 05:37:35 | 000,041,648 | ---- | M] () -- C:\Windows\unins000.dat
[2010.09.11 05:35:20 | 000,686,425 | ---- | M] () -- C:\Windows\unins000.exe
[2010.09.09 20:24:25 | 000,007,185 | ---- | M] () -- C:\Users\Bady\PIC6DF4.tmp.jpg
[2010.09.07 17:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2010.09.07 17:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010.09.07 16:52:29 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010.09.07 16:52:09 | 000,121,936 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010.09.07 16:47:49 | 000,028,752 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010.09.07 16:47:33 | 000,061,008 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010.09.07 16:47:10 | 000,020,048 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010.09.05 18:22:12 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2010.09.05 18:22:12 | 000,001,852 | ---- | M] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2010.09.05 18:04:19 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.09.05 18:04:19 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.09.05 18:04:19 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.09.05 18:04:19 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.09.05 15:59:55 | 000,076,993 | ---- | M] () -- C:\Windows\SysWow64\wbers.dat.dmp
[2010.09.05 04:36:59 | 000,189,480 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.09.05 04:36:59 | 000,189,480 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.09.05 04:35:19 | 000,794,408 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.09.05 04:35:19 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.09.04 02:49:36 | 000,000,930 | ---- | M] () -- C:\Users\Bady\Desktop\HD Tune.lnk
[2010.09.03 17:33:55 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2010.09.03 00:32:36 | 000,002,105 | ---- | M] () -- C:\Users\Public\Desktop\A.V.A.lnk
[2010.09.02 18:22:06 | 000,000,000 | ---- | M] () -- C:\Windows\TMonitor64.INI
[2010.09.02 18:04:57 | 000,001,933 | ---- | M] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk
[2010.09.01 18:22:15 | 000,001,103 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2010.09.01 00:11:40 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2010.08.31 23:22:29 | 000,000,221 | ---- | M] () -- C:\Users\Bady\Desktop\America's Army 3.url
[2010.08.31 23:02:15 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk
[2010.08.31 23:01:53 | 000,001,140 | ---- | M] () -- C:\Users\Bady\Desktop\CrossFire.lnk
[2010.08.31 21:51:18 | 000,001,988 | ---- | M] () -- C:\Users\Public\Desktop\Dark Sector.lnk
[2010.08.31 21:47:34 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.08.29 22:21:44 | 000,000,221 | ---- | M] () -- C:\Users\Bady\Desktop\R.U.S.E. Demo.url
[2010.08.29 19:00:09 | 000,002,271 | ---- | M] () -- C:\Users\Public\Desktop\Singularity(TM).lnk
[2010.08.29 18:35:26 | 000,001,033 | ---- | M] () -- C:\Users\Public\Desktop\Unreal Tournament 3.lnk
[2010.08.29 18:19:01 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Mass Effect 2.lnk
[2010.08.29 15:54:42 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.08.29 15:20:42 | 000,000,017 | ---- | M] () -- C:\Users\Bady\AppData\Local\resmon.resmoncfg
[2010.08.29 14:55:32 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2010.08.29 14:46:40 | 000,067,584 | ---- | M] () -- C:\Windows\SysNative\RtNicProp64.dll
[2010.08.29 14:46:39 | 000,215,040 | ---- | M] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2010.08.29 14:39:22 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Pidgin.lnk
[2010.08.29 12:33:34 | 000,001,967 | ---- | M] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010.08.29 12:33:34 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.08.29 11:52:53 | 000,001,441 | ---- | M] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010.08.29 11:51:08 | 000,524,288 | -HS- | M] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.08.29 11:51:08 | 000,524,288 | -HS- | M] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.08.29 11:51:08 | 000,065,536 | -HS- | M] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.08.29 11:49:43 | 000,057,560 | ---- | M] () -- C:\Users\Bady\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.08.29 11:45:51 | 000,000,020 | -HS- | M] () -- C:\Users\Bady\ntuser.ini
[2010.08.29 11:39:21 | 000,042,045 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.08.29 11:39:21 | 000,042,045 | ---- | M] () -- C:\Windows\SysNative\license.rtf
 
========== Files Created - No Company Name ==========
 
[2010.09.12 18:52:21 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010.09.12 03:03:02 | 000,001,179 | ---- | C] () -- C:\Users\Bady\Desktop\X3 Terran Conflict.lnk
[2010.09.11 23:34:17 | 2225,810,849 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.09.11 18:04:23 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2010.09.11 05:35:26 | 000,686,425 | ---- | C] () -- C:\Windows\unins000.exe
[2010.09.11 05:35:26 | 000,041,648 | ---- | C] () -- C:\Windows\unins000.dat
[2010.09.09 20:24:25 | 000,007,185 | ---- | C] () -- C:\Users\Bady\PIC6DF4.tmp.jpg
[2010.09.06 21:33:40 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At7.job
[2010.09.06 21:26:57 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At6.job
[2010.09.06 21:26:22 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At5.job
[2010.09.06 21:23:52 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At4.job
[2010.09.06 21:23:14 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At3.job
[2010.09.06 21:22:25 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At2.job
[2010.09.06 21:22:04 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At1.job
[2010.09.06 21:20:25 | 000,020,102 | ---- | C] () -- C:\Program Files (x86)\Readme.txt
[2010.09.06 21:20:25 | 000,010,960 | ---- | C] () -- C:\Program Files (x86)\EULA.txt
[2010.09.06 21:20:25 | 000,000,361 | ---- | C] () -- C:\Program Files (x86)\INSTALL.LOG
[2010.09.05 18:22:12 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk
[2010.09.05 18:22:12 | 000,001,852 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2010.09.05 15:59:55 | 000,076,993 | ---- | C] () -- C:\Windows\SysWow64\wbers.dat.dmp
[2010.09.05 04:36:59 | 000,189,480 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.09.05 04:35:20 | 000,189,480 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.09.05 04:35:19 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.09.05 04:35:19 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.09.04 02:49:36 | 000,000,930 | ---- | C] () -- C:\Users\Bady\Desktop\HD Tune.lnk
[2010.09.03 17:33:55 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2010.09.02 18:44:53 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd
[2010.09.02 18:44:39 | 000,002,105 | ---- | C] () -- C:\Users\Public\Desktop\A.V.A.lnk
[2010.09.02 18:22:06 | 000,000,000 | ---- | C] () -- C:\Windows\TMonitor64.INI
[2010.09.02 18:04:57 | 000,001,933 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk
[2010.09.01 18:06:57 | 000,001,103 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2010.09.01 00:11:40 | 000,000,926 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2010.08.31 23:22:29 | 000,000,221 | ---- | C] () -- C:\Users\Bady\Desktop\America's Army 3.url
[2010.08.31 23:02:15 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk
[2010.08.31 23:01:53 | 000,001,140 | ---- | C] () -- C:\Users\Bady\Desktop\CrossFire.lnk
[2010.08.31 21:51:18 | 000,001,988 | ---- | C] () -- C:\Users\Public\Desktop\Dark Sector.lnk
[2010.08.31 21:47:34 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.08.29 22:21:44 | 000,000,221 | ---- | C] () -- C:\Users\Bady\Desktop\R.U.S.E. Demo.url
[2010.08.29 19:00:09 | 000,002,271 | ---- | C] () -- C:\Users\Public\Desktop\Singularity(TM).lnk
[2010.08.29 18:35:26 | 000,001,033 | ---- | C] () -- C:\Users\Public\Desktop\Unreal Tournament 3.lnk
[2010.08.29 18:19:01 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Mass Effect 2.lnk
[2010.08.29 15:52:28 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.08.29 15:20:42 | 000,000,017 | ---- | C] () -- C:\Users\Bady\AppData\Local\resmon.resmoncfg
[2010.08.29 15:11:56 | 000,067,584 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2010.08.29 14:47:42 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.08.29 14:39:22 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Pidgin.lnk
[2010.08.29 12:33:34 | 000,001,967 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010.08.29 12:33:34 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.08.29 12:01:59 | 000,012,264 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2010.08.29 11:52:53 | 000,001,441 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010.08.29 11:45:51 | 000,000,020 | -HS- | C] () -- C:\Users\Bady\ntuser.ini
[2010.08.29 11:45:50 | 001,310,720 | -HS- | C] () -- C:\Users\Bady\NTUSER.DAT
[2010.08.29 11:45:50 | 000,524,288 | -HS- | C] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.08.29 11:45:50 | 000,524,288 | -HS- | C] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.08.29 11:45:50 | 000,262,144 | -HS- | C] () -- C:\Users\Bady\ntuser.dat.LOG1
[2010.08.29 11:45:50 | 000,065,536 | -HS- | C] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.08.29 11:45:50 | 000,000,290 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010.08.29 11:45:50 | 000,000,272 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010.08.29 11:45:50 | 000,000,000 | -HS- | C] () -- C:\Users\Bady\ntuser.dat.LOG2
[2010.08.29 11:37:21 | 2140,422,143 | -HS- | C] () -- C:\hiberfil.sys
[2010.03.26 21:04:54 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll


Bady 12.09.2010 21:11

And here are the Extras
(I would have liked to paste them in together, but the board complained about that)

OTL EXTRAS Logfile:
Code:

OTL Extras logfile created on: 12.09.2010 21:59:07 - Run 1
OTL by OldTimer - Version 3.2.12.0    Folder = C:\Users\Bady\Desktop\MFTools
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 76,00% Memory free
16,00 Gb Paging File | 14,00 Gb Available in Paging File | 88,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 488,18 Gb Total Space | 319,06 Gb Free Space | 65,36% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: BADY-PC
Current User Name: Bady
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %* File not found
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"\" = C:\Windows\system\dwm.exe:*:Enabled:KL -- File not found
"\" = C:\Windows\system\dwm.exe:*:Enabled:KL -- File not found
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2
"Ext2Fsd_is1" = Ext2Fsd 0.48
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Activision(R)
"{42AF51C0-4028-46CF-B616-FB1F75286457}" = A.V.A
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{67666EBD-2283-4102-B79D-613C5536E554}" = Dark Sector
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89CB9F02-F392-45AD-B429-B9373E6B7BE0}" = Activision
"{8A74DEFD-A224-49CC-AB80-4E88BC730125}" = LogMeIn Hamachi
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9733747E-E53D-4C17-977E-3A872AFB93E1}" = ROCCAT Kone Mouse Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG)
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast5" = avast! Free Antivirus
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Cross Fire_is1" = Cross Fire En
"DivX Setup.divx.com" = DivX-Setup
"HD Tune_is1" = HD Tune 2.55
"InstallShield_{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Singularity(TM)
"InstallShield_{89CB9F02-F392-45AD-B429-B9373E6B7BE0}" = Singularity(TM) 1.1 Patch
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.6.9)" = Mozilla Firefox (3.6.9)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Pidgin" = Pidgin
"PunkBusterSvc" = PunkBuster Services
"Security Task Manager" = Security Task Manager 1.7h
"StarCraft II" = StarCraft II
"Steam App 13140" = America's Army 3
"Steam App 22690" = Worms Reloaded Demo
"Steam App 33310" = R.U.S.E. Demo
"Steam App 50280" = Mafia II - Demo
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.4
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"X3-ReunionDemo49_is1" = X3 Reunion Spielbare DEMO v2.5
"X3TerranConflict_is1" = X3 Terran Conflict v2.7.1
"Xfire" = Xfire (remove only)
"XfireXO Toolbar" = XfireXO Toolbar
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"InstallShield_{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 11.09.2010 17:18:41 | Computer Name = Bady-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Sw4.exe, version: 1.2.7.0, time stamp:
0x4c73e50a  Faulting module name: Sw4.exe, version: 1.2.7.0, time stamp: 0x4c73e50a
Exception
 code: 0xc0000005  Fault offset: 0x000169f6  Faulting process id: 0x1dbc  Faulting application
 start time: 0x01cb51f6e035e369  Faulting application path: C:\Windows\TEMP\Sw4.exe
Faulting
 module path: C:\Windows\TEMP\Sw4.exe  Report Id: 25f4cd83-bdea-11df-832c-002618fb9f64
 
Error - 11.09.2010 17:18:55 | Computer Name = Bady-PC | Source = Application Error | ID = 1000
Description = Faulting application name: svchost.exe_WPDBusEnum, version: 6.1.7600.16385,
 time stamp: 0x4a5bc3c1  Faulting module name: wpdbusenum.dll_unloaded, version: 0.0.0.0,
 time stamp: 0x4a5be12f  Exception code: 0xc0000005  Fault offset: 0x000007fef4d73887
Faulting
 process id: 0x538  Faulting application start time: 0x01cb51d1c090bbba  Faulting application
 path: C:\Windows\System32\svchost.exe  Faulting module path: wpdbusenum.dll  Report
 Id: 2e8f61e4-bdea-11df-832c-002618fb9f64
 
Error - 11.09.2010 17:19:02 | Computer Name = Bady-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Sw4.exe, version: 1.2.7.0, time stamp:
0x4c73e50a  Faulting module name: Sw4.exe, version: 1.2.7.0, time stamp: 0x4c73e50a
Exception
 code: 0xc0000005  Fault offset: 0x000169f6  Faulting process id: 0x1310  Faulting application
 start time: 0x01cb51f6edefbb0c  Faulting application path: C:\Windows\TEMP\Sw4.exe
Faulting
 module path: C:\Windows\TEMP\Sw4.exe  Report Id: 329ae72d-bdea-11df-832c-002618fb9f64
 
Error - 11.09.2010 17:19:25 | Computer Name = Bady-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Sw4.exe, version: 1.2.7.0, time stamp:
0x4c73e50a  Faulting module name: Sw4.exe, version: 1.2.7.0, time stamp: 0x4c73e50a
Exception
 code: 0xc0000005  Fault offset: 0x000169f6  Faulting process id: 0x1490  Faulting application
 start time: 0x01cb51f6fba7bde9  Faulting application path: C:\Windows\TEMP\Sw4.exe
Faulting
 module path: C:\Windows\TEMP\Sw4.exe  Report Id: 4053382b-bdea-11df-832c-002618fb9f64
 
Error - 11.09.2010 17:19:48 | Computer Name = Bady-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Sw4.exe, version: 1.2.7.0, time stamp:
0x4c73e50a  Faulting module name: Sw4.exe, version: 1.2.7.0, time stamp: 0x4c73e50a
Exception
 code: 0xc0000005  Fault offset: 0x000169f6  Faulting process id: 0x1168  Faulting application
 start time: 0x01cb51f70960f94a  Faulting application path: C:\Windows\TEMP\Sw4.exe
Faulting
 module path: C:\Windows\TEMP\Sw4.exe  Report Id: 4e1489fa-bdea-11df-832c-002618fb9f64
 
Error - 11.09.2010 19:34:59 | Computer Name = Bady-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Sw6.exe, version: 1.2.7.0, time stamp:
0x4c84e1b5  Faulting module name: Sw6.exe, version: 1.2.7.0, time stamp: 0x4c84e1b5
Exception
 code: 0xc0000005  Fault offset: 0x0000f0a6  Faulting process id: 0x1a68  Faulting application
 start time: 0x01cb5209f1682520  Faulting application path: C:\Windows\TEMP\Sw6.exe
Faulting
 module path: C:\Windows\TEMP\Sw6.exe  Report Id: 306e3a38-bdfd-11df-ae74-002618fb9f64
 
Error - 11.09.2010 21:39:21 | Computer Name = Bady-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Sw6.exe, version: 1.2.7.0, time stamp:
0x4c84e1b5  Faulting module name: Sw6.exe, version: 1.2.7.0, time stamp: 0x4c84e1b5
Exception
 code: 0xc0000005  Fault offset: 0x0000f0a6  Faulting process id: 0x10ac  Faulting application
 start time: 0x01cb521b51792070  Faulting application path: C:\Windows\TEMP\Sw6.exe
Faulting
 module path: C:\Windows\TEMP\Sw6.exe  Report Id: 9057844c-be0e-11df-ae74-002618fb9f64
 
Error - 11.09.2010 23:04:23 | Computer Name = Bady-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.1.7600.16385,
time stamp: 0x4a5bc9bb  Faulting module name: DUI70.dll, version: 6.1.7600.16385,
time stamp: 0x4a5bdf25  Exception code: 0xc0000005  Fault offset: 0x0000000000003945
Faulting
 process id: 0x5c0  Faulting application start time: 0x01cb52271388a863  Faulting application
 path: C:\Windows\Explorer.EXE  Faulting module path: C:\Windows\system32\DUI70.dll
Report
 Id: 7134319c-be1a-11df-a39a-002618fb9f64
 
Error - 12.09.2010 12:24:42 | Computer Name = Bady-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Sw4.exe, version: 1.2.7.0, time stamp:
0x4c73e50a  Faulting module name: Sw4.exe, version: 1.2.7.0, time stamp: 0x4c73e50a
Exception
 code: 0xc0000005  Fault offset: 0x000169f6  Faulting process id: 0x1a64  Faulting application
 start time: 0x01cb5296f8dda7ff  Faulting application path: C:\Windows\TEMP\Sw4.exe
Faulting
 module path: C:\Windows\TEMP\Sw4.exe  Report Id: 3eb04173-be8a-11df-906f-002618fb9f64
 
Error - 12.09.2010 12:43:05 | Computer Name = Bady-PC | Source = MsiInstaller | ID = 10005
Description =
 
[ System Events ]
Error - 12.09.2010 12:12:01 | Computer Name = Bady-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 12.09.2010 12:12:02 | Computer Name = Bady-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 12.09.2010 12:12:02 | Computer Name = Bady-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 12.09.2010 12:12:06 | Computer Name = Bady-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 12.09.2010 12:12:06 | Computer Name = Bady-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 12.09.2010 12:12:06 | Computer Name = Bady-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 12.09.2010 12:12:06 | Computer Name = Bady-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 12.09.2010 12:12:07 | Computer Name = Bady-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 12.09.2010 12:12:16 | Computer Name = Bady-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
Error - 12.09.2010 12:12:16 | Computer Name = Bady-PC | Source = Schannel | ID = 36888
Description = The following fatal alert was generated: 10. The internal error state
 is 10.
 
 
< End of report >

--- --- ---

Chris4You 13.09.2010 07:06

Hi,

please also post the report from Cureit as instructed...

Fix for OTL:
  • Double-click OTL.exe to run the program.
  • Vista/Win7 users: please start it via right-click and "Run as administrator".
  • Copy the entire contents of the following code box into the OTL box under "Custom Scan/Fixes"
http://oldtimer.geekstogo.com/OTL/OTL_Main_Tutorial.gif
Code:


:OTL
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{6572748c-b360-11df-a661-002618fb9f64}\Shell\AutoRun\command - "" = F:\Setup.exe -- File not found
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At7.job
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At6.job
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At5.job
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At4.job
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At3.job
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At2.job
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At1.job

:reg
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0x00

:Commands
[emptytemp]
[Reboot]

  • Click the red Run Fixes! button.
  • Please copy everything out of the results window (Results).
  • A copy of an OTL fix log is saved as a text file in the following folder:
  • %systemroot%\_OTL

chris

Bady 13.09.2010 12:42

Unfortunately I didn't get around to Cureit yesterday.
I'm at work at the moment.

I'll catch up on it today!

Chris4You 13.09.2010 13:06

Hi,

if possible, send me one of those jobs from the Windows task folder (C:\Windows\tasks\At7.job) before you carry out the actions given...

File upload:
Upload it at File-Upload.net - Ihr kostenloser File Hoster! and send the link (with the deletion link) to me as a "PrivateMail"...

chris

Bady 13.09.2010 18:04

You've got a PM

Chris4You 14.09.2010 07:12

Hi,

the jobs keep working at pulling new malware down from the Internet for you, again and again, via malware dropped in the Temp directory...
Also check whether further jobs matching the pattern AT*.job have appeared; be sure to delete those as well (caution: hidden!)

Be sure to run the OTL script and then Cureit, and post the logs...

chris
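
The check described in this post (At*.job tasks that keep relaunching malware from the Temp directory) can be run against pasted OTL output. This is an added example, not part of the original thread or of OTL; the function names, the 10-minute window and the time-proximity heuristic are assumptions, and the sample lines are abridged from the logs posted in this thread.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Sample lines abridged from the OTL and event-log output posted in this thread.
SAMPLE_LOG = r"""
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At7.job
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\At6.job
[2010.09.06 21:33:40 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At7.job
[2010.09.06 21:26:57 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\At6.job
[2010.09.06 21:20:25 | 000,020,102 | ---- | C] () -- C:\Program Files (x86)\Readme.txt
[2010.08.29 14:46:39 | 000,215,040 | ---- | M] (Realtek        ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
Error - 11.09.2010 17:18:41 | Computer Name = Bady-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Sw4.exe, version: 1.2.7.0, time stamp:
0x4c73e50a  Faulting module name: Sw4.exe, version: 1.2.7.0, time stamp: 0x4c73e50a
Exception
 code: 0xc0000005  Fault offset: 0x000169f6  Faulting process id: 0x1dbc  Faulting application
 start time: 0x01cb51f6e035e369  Faulting application path: C:\Windows\TEMP\Sw4.exe
Faulting
 module path: C:\Windows\TEMP\Sw4.exe  Report Id: 25f4cd83-bdea-11df-832c-002618fb9f64

Error - 11.09.2010 19:34:59 | Computer Name = Bady-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Sw6.exe, version: 1.2.7.0, time stamp:
0x4c84e1b5  Faulting module name: Sw6.exe, version: 1.2.7.0, time stamp: 0x4c84e1b5
Exception
 code: 0xc0000005  Fault offset: 0x0000f0a6  Faulting process id: 0x1a68  Faulting application
 start time: 0x01cb5209f1682520  Faulting application path: C:\Windows\TEMP\Sw6.exe
Faulting
 module path: C:\Windows\TEMP\Sw6.exe  Report Id: 306e3a38-bdfd-11df-ae74-002618fb9f64

Error - 11.09.2010 23:04:23 | Computer Name = Bady-PC | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.1.7600.16385,
time stamp: 0x4a5bc9bb  Faulting module name: DUI70.dll, version: 6.1.7600.16385,
time stamp: 0x4a5bdf25  Exception code: 0xc0000005  Fault offset: 0x0000000000003945
Faulting
 process id: 0x5c0  Faulting application start time: 0x01cb52271388a863  Faulting application
 path: C:\Windows\Explorer.EXE  Faulting module path: C:\Windows\system32\DUI70.dll
Report
 Id: 7134319c-be1a-11df-a39a-002618fb9f64
"""

# OTL file line: [date time | size | attributes | M or C] (company) -- path
FILE_ENTRY = re.compile(
    r"^\[(\d{4}\.\d{2}\.\d{2} \d{2}:\d{2}:\d{2}) \| ([\d,]+) \| ([-A-Z]{4}) \| ([MC])\] "
    r"\((.*?)\)\s*--\s*(.+?)\s*$", re.M)
EVENT_HDR = re.compile(r"^Error - (\d{2}\.\d{2}\.\d{4} \d{2}:\d{2}:\d{2}) \|", re.M)
APP_PATH = re.compile(r"Faulting application path: (.+?) Faulting module path:")
AT_JOB = re.compile(r"\\tasks\\At\d+\.job$", re.I)   # the AT*.job pattern from the post
TEMP_DIR = re.compile(r"\\temp\\", re.I)

def parse_file_entries(text):
    """Return one dict per OTL 'Files Modified/Created' line."""
    return [{"time": datetime.strptime(ts, "%Y.%m.%d %H:%M:%S"),
             "size": int(size.replace(",", "")), "attrs": attrs,
             "kind": kind, "company": company.strip(), "path": path}
            for ts, size, attrs, kind, company, path in FILE_ENTRY.findall(text)]

def parse_crash_events(text):
    """Return (timestamp, faulting application path) per Application Error event.
    OTL wraps event descriptions across lines, so whitespace is collapsed first."""
    headers = list(EVENT_HDR.finditer(text))
    events = []
    for i, hdr in enumerate(headers):
        end = headers[i + 1].start() if i + 1 < len(headers) else len(text)
        body = " ".join(text[hdr.end():end].split())
        match = APP_PATH.search(body)
        if match:
            when = datetime.strptime(hdr.group(1), "%d.%m.%Y %H:%M:%S")
            events.append((when, match.group(1)))
    return events

def triage(text, window=timedelta(minutes=10)):
    """Flag At*.job tasks and binaries crashing out of a Temp directory.
    Heuristic (assumption): a Temp binary that crashes within `window` after
    an At job file was modified is reported as correlated with the jobs."""
    jobs = [e for e in parse_file_entries(text) if AT_JOB.search(e["path"])]
    crashes = [(ts, p) for ts, p in parse_crash_events(text) if TEMP_DIR.search(p)]
    job_mtimes = {e["time"] for e in jobs if e["kind"] == "M"}
    correlated = sorted({p for ts, p in crashes for jt in job_mtimes
                         if timedelta(0) <= ts - jt <= window})
    return {"at_jobs": sorted({e["path"] for e in jobs}),
            "job_sizes": sorted({e["size"] for e in jobs}),
            "temp_crashes": Counter(p for _, p in crashes),
            "correlated": correlated}

if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

Because OTL only lists files inside its File Age window and hidden jobs may be missing from a pasted excerpt, an empty result here does not show the task folder is clean.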

Bady 14.09.2010 21:06

So, I ran OTL as described

Started as admin
Pasted the code lines
Closed all programs
Pressed Fix

The program churns away
A pop-up appears saying that Windows will now be restarted.
Nothing happens

OTL now shows "Not responding"

So after waiting for quite a while I close OTL
The PC now restarts by itself.

I start Windows in Safe Mode.
I run CureIT

Cure IT tells me that there is no infection.

Something isn't right here!

Chris4You 15.09.2010 07:28

Hi,

create another OTL log and also run MAM again as a full scan...
(It is very rare for OTL to hang...)

chris

Bady 15.09.2010 21:23

So here is the OTL log

Code:

OTL logfile created on: 15.09.2010 21:54:21 - Run 2
OTL by OldTimer - Version 3.2.12.0    Folder = C:\Users\Bady\Desktop\MFTools
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 7,00 Gb Available Physical Memory | 83,00% Memory free
16,00 Gb Paging File | 15,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 488,18 Gb Total Space | 314,18 Gb Free Space | 64,36% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: BADY-PC
Current User Name: Bady
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Bady\Desktop\MFTools\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Pidgin\pidgin.exe (The Pidgin developer community)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT)
PRC - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
PRC - C:\Program Files (x86)\ROCCAT\Kone Mouse\OSD.exe (ROCCAT)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Bady\Desktop\MFTools\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
SRV:64bit: - (npggsvc) -- C:\Windows\SysNative\GameMon.des File not found
SRV:64bit: - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NPPTNT2) -- C:\Windows\SysNative\npptNT2.sys File not found
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (KoneFltr) -- C:\Windows\SysNative\drivers\Kone.sys (ROCCAT Ltd)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfi1.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2B FB B0 F5 5F 47 CB 01  [binary data]
IE - HKCU\..\URLSearchHook: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfi1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "XfireXO Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: externalip@erik.morlin:0.9.9.6
FF - prefs.js..extensions.enabledItems: foxyproxy-basic@eric.h.jung:1.8.1
FF - prefs.js..extensions.enabledItems: googlesharing@extension.thoughtcrime.org:0.19
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ba14329e-9550-4989-b3f2-9732e92d17cc}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.38
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.09.09 01:44:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.09.09 01:44:30 | 000,000,000 | ---D | M]
 
[2010.08.29 12:33:49 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Extensions
[2010.09.15 00:38:06 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions
[2010.09.05 18:22:04 | 000,000,000 | ---D | M] (Vuze Remote Toolbar) -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
[2010.08.30 20:08:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.09.01 06:17:36 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2010.09.15 00:38:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010.08.30 20:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\externalip@erik.morlin
[2010.09.13 22:33:03 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\foxyproxy-basic@eric.h.jung
[2010.08.30 20:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\googlesharing@extension.thoughtcrime.org
[2010.08.30 20:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\googlesharing@extension.thoughtcrime.org\chrome
[2010.08.30 20:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\googlesharing@extension.thoughtcrime.org\components
[2010.08.30 20:08:55 | 000,000,000 | ---D | M] -- C:\Users\Bady\AppData\Roaming\Mozilla\Firefox\Profiles\hajc54au.default\extensions\googlesharing@extension.thoughtcrime.org\defaults
[2010.09.05 18:04:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.09.05 18:04:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.09.05 18:04:19 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.07.27 16:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
[2010.07.23 02:48:56 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.07.23 02:48:56 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.07.23 02:48:56 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.07.23 02:48:56 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.07.23 02:48:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.09.11 18:04:23 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfi1.dll (Conduit Ltd.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (XfireXO Toolbar) - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files (x86)\XfireXO\tbXfi1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz1.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [Kone] C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.11 18:04:23 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.09.14 18:29:35 | 000,000,000 | ---D | C] -- C:\Users\Bady\DoctorWeb
[2010.09.14 17:39:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.09.14 17:39:34 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010.09.12 19:38:48 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Malwarebytes
[2010.09.12 19:38:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.09.12 19:38:37 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.09.12 19:38:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.09.12 19:38:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.09.12 19:37:48 | 000,000,000 | ---D | C] -- C:\Users\Bady\Desktop\MFTools
[2010.09.12 18:52:23 | 000,121,936 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010.09.12 18:52:23 | 000,020,048 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010.09.12 18:52:22 | 000,051,280 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010.09.12 18:52:22 | 000,028,752 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010.09.12 18:52:21 | 000,061,008 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010.09.12 18:52:16 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2010.09.12 18:52:15 | 000,167,592 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010.09.12 18:52:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010.09.12 18:52:11 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010.09.12 02:13:55 | 000,000,000 | ---D | C] -- C:\Users\Bady\Documents\Egosoft
[2010.09.12 00:36:21 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2010.09.12 00:36:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager
[2010.09.11 23:34:24 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.09.11 18:04:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Enigma Software Group
[2010.09.11 17:22:42 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010.09.11 17:22:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2010.09.11 16:23:42 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\QuickScan
[2010.09.11 05:46:45 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rtutils.dll
[2010.09.11 05:46:45 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rtutils.dll
[2010.09.11 05:45:50 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\SysWow64\iccvid.dll
[2010.09.11 05:44:53 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.09.11 05:44:52 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.09.11 05:44:52 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.09.11 05:44:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.09.11 05:44:51 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.09.11 05:44:50 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.09.11 05:43:21 | 005,507,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.09.11 05:43:21 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.09.11 05:43:20 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.09.11 05:42:40 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2010.09.11 05:42:08 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.09.11 05:42:08 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.09.11 05:42:08 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010.09.11 05:42:08 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010.09.11 05:41:11 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010.09.11 05:41:11 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010.09.11 05:40:43 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010.09.11 05:40:43 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.09.11 05:40:29 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010.09.11 05:40:29 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.09.11 05:40:14 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2010.09.11 05:40:14 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2010.09.11 05:40:13 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2010.09.11 05:40:13 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2010.09.11 05:39:59 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010.09.11 05:39:59 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.09.11 05:39:59 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2010.09.11 05:39:59 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2010.09.11 05:39:48 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.09.11 05:39:22 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2010.09.11 05:35:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EGOSOFT
[2010.09.09 20:24:19 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\gtk-2.0
[2010.09.05 18:26:28 | 000,000,000 | ---D | C] -- C:\Users\Bady\Vuze Downloads
[2010.09.05 18:24:28 | 000,000,000 | ---D | C] -- C:\Users\Bady\Documents\Vuze Downloads
[2010.09.05 18:22:28 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Azureus
[2010.09.05 18:22:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze
[2010.09.05 18:22:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vuze_Remote
[2010.09.05 18:04:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.09.05 18:04:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.09.05 18:04:24 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.09.05 18:04:24 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.09.05 18:04:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.09.05 18:04:24 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.09.05 18:04:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.09.05 04:39:50 | 000,000,000 | ---D | C] -- C:\Users\Bady\Documents\Cross Fire
[2010.09.05 04:39:47 | 000,000,000 | ---D | C] -- C:\CFLog
[2010.09.05 04:36:24 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\PunkBuster
[2010.09.04 02:49:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune
[2010.09.03 17:51:11 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\2K Games
[2010.09.03 17:44:01 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\ElevatedDiagnostics
[2010.09.03 17:33:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories
[2010.09.03 01:26:45 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\NVIDIA
[2010.09.03 01:25:09 | 000,000,000 | ---D | C] -- C:\Users\Bady\Documents\BioWare
[2010.09.02 18:45:55 | 003,583,592 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2010.09.02 18:44:53 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2010.09.02 18:44:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2010.09.02 18:03:57 | 000,713,312 | ---- | C] (NHN USA) -- C:\Windows\SysWow64\ijjiSetup.exe
[2010.09.02 18:03:57 | 000,062,048 | ---- | C] (NHN USA Inc.) -- C:\Windows\SysWow64\ijjiProcessRestarter.exe
[2010.09.02 18:03:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\REACTOR
[2010.09.02 17:43:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ijji
[2010.09.01 18:06:57 | 000,000,000 | ---D | C] -- C:\Users\Bady\Documents\StarCraft II
[2010.09.01 18:06:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarCraft II
[2010.09.01 18:06:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010.09.01 18:06:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2010.09.01 00:37:14 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\vlc
[2010.09.01 00:37:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010.09.01 00:11:59 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\LogMeIn Hamachi
[2010.09.01 00:11:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2010.08.31 23:02:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XfireXO
[2010.08.31 23:02:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010.08.31 23:02:15 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Xfire
[2010.08.31 23:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
[2010.08.31 23:02:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xfire
[2010.08.31 23:00:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Z8Games
[2010.08.31 21:51:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010.08.31 21:47:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.08.31 21:47:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010.08.31 21:47:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010.08.31 21:44:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aspyr
[2010.08.31 21:43:33 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\InstallShield
[2010.08.31 17:45:47 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\Diagnostics
[2010.08.30 00:40:18 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_43.dll
[2010.08.30 00:40:18 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_43.dll
[2010.08.30 00:40:18 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_7.dll
[2010.08.30 00:40:18 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_7.dll
[2010.08.30 00:40:18 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_7.dll
[2010.08.30 00:40:18 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_7.dll
[2010.08.30 00:40:18 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_5.dll
[2010.08.30 00:40:18 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_5.dll
[2010.08.30 00:40:17 | 002,401,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_43.dll
[2010.08.30 00:40:17 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_43.dll
[2010.08.30 00:40:17 | 001,907,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_43.dll
[2010.08.30 00:40:17 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_43.dll
[2010.08.30 00:40:17 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_43.dll
[2010.08.30 00:40:17 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_43.dll
[2010.08.30 00:40:17 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_43.dll
[2010.08.30 00:40:17 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_43.dll
[2010.08.29 22:27:25 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\DivX
[2010.08.29 22:27:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010.08.29 22:27:19 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010.08.29 22:27:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010.08.29 22:20:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.08.29 22:18:40 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.08.29 21:36:25 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.08.29 19:00:29 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2010.08.29 19:00:29 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010.08.29 19:00:29 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2010.08.29 19:00:29 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2010.08.29 19:00:29 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2010.08.29 19:00:29 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010.08.29 19:00:29 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2010.08.29 19:00:29 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2010.08.29 19:00:29 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2010.08.29 19:00:29 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2010.08.29 19:00:29 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2010.08.29 19:00:29 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2010.08.29 19:00:29 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2010.08.29 19:00:29 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2010.08.29 19:00:28 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2010.08.29 19:00:28 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2010.08.29 19:00:28 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2010.08.29 19:00:28 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2010.08.29 19:00:28 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.08.29 19:00:28 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2010.08.29 19:00:28 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010.08.29 19:00:28 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2010.08.29 19:00:28 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010.08.29 19:00:28 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2010.08.29 19:00:28 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2010.08.29 19:00:28 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2010.08.29 19:00:27 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2010.08.29 19:00:27 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2010.08.29 19:00:27 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.08.29 19:00:27 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010.08.29 19:00:27 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010.08.29 19:00:27 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010.08.29 19:00:27 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2010.08.29 19:00:27 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2010.08.29 19:00:27 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2010.08.29 19:00:27 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010.08.29 19:00:27 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2010.08.29 19:00:27 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2010.08.29 19:00:27 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010.08.29 19:00:27 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010.08.29 19:00:27 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2010.08.29 19:00:27 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2010.08.29 19:00:26 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2010.08.29 19:00:26 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2010.08.29 19:00:26 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2010.08.29 19:00:26 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2010.08.29 19:00:26 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2010.08.29 19:00:26 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2010.08.29 19:00:26 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2010.08.29 19:00:26 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2010.08.29 19:00:26 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010.08.29 19:00:26 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2010.08.29 19:00:26 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010.08.29 19:00:26 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2010.08.29 19:00:26 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2010.08.29 19:00:26 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2010.08.29 19:00:26 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2010.08.29 19:00:26 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2010.08.29 19:00:26 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2010.08.29 19:00:26 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2010.08.29 19:00:26 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2010.08.29 19:00:26 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2010.08.29 19:00:25 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2010.08.29 19:00:25 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2010.08.29 19:00:25 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2010.08.29 19:00:25 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2010.08.29 19:00:25 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2010.08.29 19:00:25 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2010.08.29 19:00:25 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2010.08.29 19:00:25 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2010.08.29 19:00:25 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2010.08.29 19:00:25 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2010.08.29 19:00:25 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2010.08.29 19:00:25 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2010.08.29 19:00:25 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2010.08.29 19:00:25 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2010.08.29 19:00:25 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2010.08.29 19:00:25 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2010.08.29 19:00:25 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2010.08.29 19:00:25 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2010.08.29 19:00:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2010.08.29 19:00:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2010.08.29 19:00:24 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2010.08.29 19:00:24 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2010.08.29 19:00:24 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010.08.29 19:00:24 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2010.08.29 19:00:24 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2010.08.29 19:00:24 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2010.08.29 19:00:24 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2010.08.29 19:00:24 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2010.08.29 19:00:24 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2010.08.29 19:00:24 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2010.08.29 19:00:24 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2010.08.29 19:00:24 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2010.08.29 19:00:24 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2010.08.29 19:00:24 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2010.08.29 19:00:23 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2010.08.29 19:00:23 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2010.08.29 19:00:23 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2010.08.29 19:00:23 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2010.08.29 19:00:23 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2010.08.29 19:00:22 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2010.08.29 19:00:22 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2010.08.29 19:00:22 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2010.08.29 19:00:22 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2010.08.29 19:00:22 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2010.08.29 19:00:22 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2010.08.29 19:00:22 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2010.08.29 19:00:22 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2010.08.29 19:00:22 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2010.08.29 19:00:22 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2010.08.29 19:00:21 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2010.08.29 19:00:21 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2010.08.29 19:00:21 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2010.08.29 19:00:21 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2010.08.29 19:00:21 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2010.08.29 19:00:21 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2010.08.29 19:00:21 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2010.08.29 19:00:21 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2010.08.29 19:00:20 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2010.08.29 19:00:20 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2010.08.29 19:00:20 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2010.08.29 19:00:20 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2010.08.29 19:00:20 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2010.08.29 19:00:20 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2010.08.29 19:00:20 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2010.08.29 19:00:20 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2010.08.29 19:00:20 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2010.08.29 19:00:19 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2010.08.29 19:00:19 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2010.08.29 19:00:19 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2010.08.29 19:00:19 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2010.08.29 19:00:19 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2010.08.29 19:00:18 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2010.08.29 19:00:17 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2010.08.29 19:00:17 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2010.08.29 19:00:17 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2010.08.29 19:00:17 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2010.08.29 19:00:17 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2010.08.29 19:00:16 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2010.08.29 19:00:16 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2010.08.29 19:00:16 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2010.08.29 19:00:16 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2010.08.29 19:00:16 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2010.08.29 19:00:16 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2010.08.29 19:00:16 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2010.08.29 19:00:15 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2010.08.29 19:00:15 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2010.08.29 18:57:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activision
[2010.08.29 18:35:33 | 000,000,000 | ---D | C] -- C:\Users\Bady\Documents\My Games
[2010.08.29 18:35:31 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\InstallShield Installation Information
[2010.08.29 18:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unreal Tournament 3 (LG)
[2010.08.29 18:33:31 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2010.08.29 18:33:31 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2010.08.29 18:33:30 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2010.08.29 18:33:30 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2010.08.29 18:33:30 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010.08.29 18:33:30 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2010.08.29 18:33:30 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2010.08.29 18:33:30 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010.08.29 18:33:30 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2010.08.29 18:33:30 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2010.08.29 18:33:30 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2010.08.29 18:33:30 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2010.08.29 18:33:30 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2010.08.29 18:33:30 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2010.08.29 18:33:30 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2010.08.29 18:33:30 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010.08.29 18:33:30 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2010.08.29 18:33:30 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2010.08.29 18:19:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010.08.29 18:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mass Effect 2
[2010.08.29 18:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\BioWare
[2010.08.29 16:24:45 | 000,000,000 | ---D | C] -- C:\Users\Bady\Desktop\Games
[2010.08.29 15:52:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010.08.29 15:52:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2010.08.29 15:47:16 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\ROCCAT
[2010.08.29 15:13:30 | 000,000,000 | ---D | C] -- C:\ProgramData\ROCCAT
[2010.08.29 15:13:25 | 000,015,488 | ---- | C] (ROCCAT Ltd) -- C:\Windows\SysNative\drivers\Kone.sys
[2010.08.29 15:13:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ROCCAT
[2010.08.29 15:13:14 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\WinRAR
[2010.08.29 15:12:52 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010.08.29 15:11:56 | 000,215,040 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2010.08.29 15:11:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2010.08.29 15:11:55 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010.08.29 14:54:53 | 000,414,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\difxapi.dll
[2010.08.29 14:54:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VIA
[2010.08.29 14:54:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010.08.29 14:53:16 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2010.08.29 14:53:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2010.08.29 14:47:42 | 000,000,000 | ---D | C] -- C:\Intel
[2010.08.29 14:39:27 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\.purple
[2010.08.29 14:39:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pidgin
[2010.08.29 13:35:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes
[2010.08.29 12:33:38 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Mozilla
[2010.08.29 12:33:38 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\Mozilla
[2010.08.29 12:33:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010.08.29 12:03:06 | 000,255,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcohda6.dll
[2010.08.29 12:03:06 | 000,131,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2010.08.29 12:03:06 | 000,029,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2010.08.29 12:02:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.08.29 12:02:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010.08.29 12:02:20 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.08.29 12:02:19 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010.08.29 12:02:18 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010.08.29 12:01:59 | 007,002,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2010.08.29 12:01:59 | 005,107,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2010.08.29 12:01:59 | 000,930,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpinst.exe
[2010.08.29 12:01:59 | 000,065,128 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2010.08.29 12:01:59 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2010.08.29 12:01:59 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2010.08.29 12:01:57 | 019,114,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2010.08.29 12:01:57 | 014,092,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2010.08.29 12:01:57 | 000,382,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll
[2010.08.29 12:01:57 | 000,314,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2010.08.29 12:01:55 | 012,471,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2010.08.29 12:01:55 | 009,818,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2010.08.29 12:01:55 | 003,089,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2010.08.29 12:01:55 | 002,892,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2010.08.29 12:01:55 | 002,761,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2010.08.29 12:01:55 | 002,506,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2010.08.29 12:01:54 | 014,513,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2010.08.29 12:01:54 | 010,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2010.08.29 12:01:54 | 006,116,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2010.08.29 12:01:54 | 004,553,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2010.08.29 12:01:54 | 002,037,864 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2010.08.29 12:01:54 | 001,625,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2010.08.29 12:01:54 | 000,260,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod1922.dll
[2010.08.29 12:01:54 | 000,260,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcod.dll
[2010.08.29 12:01:50 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010.08.29 11:55:39 | 000,744,072 | ---- | C] (www.ext2fsd.com) -- C:\Windows\SysNative\drivers\ext2fsd.sys
[2010.08.29 11:55:39 | 000,000,000 | ---D | C] -- C:\Program Files\Ext2Fsd
[2010.08.29 11:55:02 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Macromedia
[2010.08.29 11:55:00 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Adobe
[2010.08.29 11:54:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010.08.29 11:46:10 | 000,000,000 | R--D | C] -- C:\Users\Bady\Searches
[2010.08.29 11:46:10 | 000,000,000 | -H-D | C] -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2010.08.29 11:46:02 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Identities
[2010.08.29 11:46:00 | 000,000,000 | R--D | C] -- C:\Users\Bady\Contacts
[2010.08.29 11:45:59 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\VirtualStore
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\AppData\Local\Temporary Internet Files
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Templates
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Start Menu
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\SendTo
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Recent
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\PrintHood
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\NetHood
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Documents\My Videos
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Documents\My Pictures
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Documents\My Music
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\My Documents
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Local Settings
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\AppData\Local\History
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Cookies
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\Application Data
[2010.08.29 11:45:51 | 000,000,000 | -HSD | C] -- C:\Users\Bady\AppData\Local\Application Data
[2010.08.29 11:45:50 | 000,000,000 | --SD | C] -- C:\Users\Bady\AppData\Roaming\Microsoft
[2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Videos
[2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Saved Games
[2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Pictures
[2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Music
[2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Links
[2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Favorites
[2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Downloads
[2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\My Documents
[2010.08.29 11:45:50 | 000,000,000 | R--D | C] -- C:\Users\Bady\Desktop
[2010.08.29 11:45:50 | 000,000,000 | -H-D | C] -- C:\Users\Bady\AppData
[2010.08.29 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\Temp
[2010.08.29 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Local\Microsoft
[2010.08.29 11:45:50 | 000,000,000 | ---D | C] -- C:\Users\Bady\AppData\Roaming\Media Center Programs
[2010.08.29 11:43:03 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.08.29 11:42:26 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.08.29 11:37:46 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.08.29 11:37:21 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2010.09.15 21:54:29 | 001,572,864 | -HS- | M] () -- C:\Users\Bady\NTUSER.DAT
[2010.09.15 17:08:56 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.15 17:08:56 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.15 17:08:18 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.09.15 17:08:18 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.09.15 17:08:18 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.09.15 17:03:51 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.15 17:03:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.15 17:03:42 | 2140,422,143 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.15 01:52:58 | 001,449,351 | -H-- | M] () -- C:\Users\Bady\AppData\Local\IconCache.db
[2010.09.13 18:59:42 | 000,000,432 | ---- | M] () -- C:\Users\Bady\Desktop\1234.zip
[2010.09.12 19:04:30 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010.09.12 03:03:02 | 000,001,179 | ---- | M] () -- C:\Users\Bady\Desktop\X3 Terran Conflict.lnk
[2010.09.11 23:34:17 | 2225,810,849 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.09.11 18:04:23 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2010.09.11 17:16:03 | 000,000,378 | ---- | M] () -- C:\Users\Bady\Desktop\At7.job
[2010.09.11 05:53:03 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.09.11 05:37:35 | 000,041,648 | ---- | M] () -- C:\Windows\unins000.dat
[2010.09.11 05:35:20 | 000,686,425 | ---- | M] () -- C:\Windows\unins000.exe
[2010.09.09 20:24:25 | 000,007,185 | ---- | M] () -- C:\Users\Bady\PIC6DF4.tmp.jpg
[2010.09.07 17:12:17 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2010.09.07 17:11:54 | 000,167,592 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010.09.07 16:52:29 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010.09.07 16:52:09 | 000,121,936 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2010.09.07 16:47:49 | 000,028,752 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010.09.07 16:47:33 | 000,061,008 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010.09.07 16:47:10 | 000,020,048 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010.09.05 18:22:12 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2010.09.05 18:22:12 | 000,001,852 | ---- | M] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2010.09.05 18:04:19 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.09.05 18:04:19 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.09.05 18:04:19 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.09.05 18:04:19 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.09.05 15:59:55 | 000,076,993 | ---- | M] () -- C:\Windows\SysWow64\wbers.dat.dmp
[2010.09.05 04:36:59 | 000,189,480 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.09.05 04:36:59 | 000,189,480 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.09.05 04:35:19 | 000,794,408 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.09.05 04:35:19 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.09.04 02:49:36 | 000,000,930 | ---- | M] () -- C:\Users\Bady\Desktop\HD Tune.lnk
[2010.09.03 17:33:55 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2010.09.03 00:32:36 | 000,002,105 | ---- | M] () -- C:\Users\Public\Desktop\A.V.A.lnk
[2010.09.02 18:22:06 | 000,000,000 | ---- | M] () -- C:\Windows\TMonitor64.INI
[2010.09.02 18:04:57 | 000,001,933 | ---- | M] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk
[2010.09.01 18:22:15 | 000,001,103 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2010.09.01 00:11:40 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2010.08.31 23:22:29 | 000,000,221 | ---- | M] () -- C:\Users\Bady\Desktop\America's Army 3.url
[2010.08.31 23:02:15 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk
[2010.08.31 23:01:53 | 000,001,140 | ---- | M] () -- C:\Users\Bady\Desktop\CrossFire.lnk
[2010.08.31 21:51:18 | 000,001,988 | ---- | M] () -- C:\Users\Public\Desktop\Dark Sector.lnk
[2010.08.31 21:47:34 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.08.29 22:21:44 | 000,000,221 | ---- | M] () -- C:\Users\Bady\Desktop\R.U.S.E. Demo.url
[2010.08.29 19:00:09 | 000,002,271 | ---- | M] () -- C:\Users\Public\Desktop\Singularity(TM).lnk
[2010.08.29 18:35:26 | 000,001,033 | ---- | M] () -- C:\Users\Public\Desktop\Unreal Tournament 3.lnk
[2010.08.29 18:19:01 | 000,001,101 | ---- | M] () -- C:\Users\Public\Desktop\Mass Effect 2.lnk
[2010.08.29 15:54:42 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.08.29 15:20:42 | 000,000,017 | ---- | M] () -- C:\Users\Bady\AppData\Local\resmon.resmoncfg
[2010.08.29 14:55:32 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2010.08.29 14:46:40 | 000,067,584 | ---- | M] () -- C:\Windows\SysNative\RtNicProp64.dll
[2010.08.29 14:46:39 | 000,215,040 | ---- | M] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2010.08.29 14:39:22 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Pidgin.lnk
[2010.08.29 12:33:34 | 000,001,967 | ---- | M] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010.08.29 12:33:34 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.08.29 11:52:53 | 000,001,441 | ---- | M] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010.08.29 11:51:08 | 000,524,288 | -HS- | M] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.08.29 11:51:08 | 000,524,288 | -HS- | M] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.08.29 11:51:08 | 000,065,536 | -HS- | M] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.08.29 11:49:43 | 000,057,560 | ---- | M] () -- C:\Users\Bady\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.08.29 11:45:51 | 000,000,020 | -HS- | M] () -- C:\Users\Bady\ntuser.ini
[2010.08.29 11:39:21 | 000,042,045 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.08.29 11:39:21 | 000,042,045 | ---- | M] () -- C:\Windows\SysNative\license.rtf
 
========== Files Created - No Company Name ==========
 
[2010.09.13 18:59:42 | 000,000,432 | ---- | C] () -- C:\Users\Bady\Desktop\1234.zip
[2010.09.13 18:58:57 | 000,000,378 | ---- | C] () -- C:\Users\Bady\Desktop\At7.job
[2010.09.12 18:52:21 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010.09.12 03:03:02 | 000,001,179 | ---- | C] () -- C:\Users\Bady\Desktop\X3 Terran Conflict.lnk
[2010.09.11 23:34:17 | 2225,810,849 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.09.11 18:04:23 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2010.09.11 05:35:26 | 000,686,425 | ---- | C] () -- C:\Windows\unins000.exe
[2010.09.11 05:35:26 | 000,041,648 | ---- | C] () -- C:\Windows\unins000.dat
[2010.09.09 20:24:25 | 000,007,185 | ---- | C] () -- C:\Users\Bady\PIC6DF4.tmp.jpg
[2010.09.06 21:20:25 | 000,020,102 | ---- | C] () -- C:\Program Files (x86)\Readme.txt
[2010.09.06 21:20:25 | 000,010,960 | ---- | C] () -- C:\Program Files (x86)\EULA.txt
[2010.09.06 21:20:25 | 000,000,361 | ---- | C] () -- C:\Program Files (x86)\INSTALL.LOG
[2010.09.05 18:22:12 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\Vuze.lnk
[2010.09.05 18:22:12 | 000,001,852 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2010.09.05 15:59:55 | 000,076,993 | ---- | C] () -- C:\Windows\SysWow64\wbers.dat.dmp
[2010.09.05 04:36:59 | 000,189,480 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.09.05 04:35:20 | 000,189,480 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.09.05 04:35:19 | 000,794,408 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.09.05 04:35:19 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.09.04 02:49:36 | 000,000,930 | ---- | C] () -- C:\Users\Bady\Desktop\HD Tune.lnk
[2010.09.03 17:33:55 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2010.09.02 18:44:53 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd
[2010.09.02 18:44:39 | 000,002,105 | ---- | C] () -- C:\Users\Public\Desktop\A.V.A.lnk
[2010.09.02 18:22:06 | 000,000,000 | ---- | C] () -- C:\Windows\TMonitor64.INI
[2010.09.02 18:04:57 | 000,001,933 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk
[2010.09.01 18:06:57 | 000,001,103 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2010.09.01 00:11:40 | 000,000,926 | ---- | C] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2010.08.31 23:22:29 | 000,000,221 | ---- | C] () -- C:\Users\Bady\Desktop\America's Army 3.url
[2010.08.31 23:02:15 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk
[2010.08.31 23:01:53 | 000,001,140 | ---- | C] () -- C:\Users\Bady\Desktop\CrossFire.lnk
[2010.08.31 21:51:18 | 000,001,988 | ---- | C] () -- C:\Users\Public\Desktop\Dark Sector.lnk
[2010.08.31 21:47:34 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.08.29 22:21:44 | 000,000,221 | ---- | C] () -- C:\Users\Bady\Desktop\R.U.S.E. Demo.url
[2010.08.29 19:00:09 | 000,002,271 | ---- | C] () -- C:\Users\Public\Desktop\Singularity(TM).lnk
[2010.08.29 18:35:26 | 000,001,033 | ---- | C] () -- C:\Users\Public\Desktop\Unreal Tournament 3.lnk
[2010.08.29 18:19:01 | 000,001,101 | ---- | C] () -- C:\Users\Public\Desktop\Mass Effect 2.lnk
[2010.08.29 15:52:28 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.08.29 15:20:42 | 000,000,017 | ---- | C] () -- C:\Users\Bady\AppData\Local\resmon.resmoncfg
[2010.08.29 15:11:56 | 000,067,584 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2010.08.29 14:47:42 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.08.29 14:39:22 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Pidgin.lnk
[2010.08.29 12:33:34 | 000,001,967 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010.08.29 12:33:34 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.08.29 12:01:59 | 000,012,264 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2010.08.29 11:52:53 | 000,001,441 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2010.08.29 11:45:51 | 000,000,020 | -HS- | C] () -- C:\Users\Bady\ntuser.ini
[2010.08.29 11:45:50 | 001,572,864 | -HS- | C] () -- C:\Users\Bady\NTUSER.DAT
[2010.08.29 11:45:50 | 000,524,288 | -HS- | C] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.08.29 11:45:50 | 000,524,288 | -HS- | C] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.08.29 11:45:50 | 000,262,144 | -HS- | C] () -- C:\Users\Bady\ntuser.dat.LOG1
[2010.08.29 11:45:50 | 000,065,536 | -HS- | C] () -- C:\Users\Bady\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.08.29 11:45:50 | 000,000,290 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2010.08.29 11:45:50 | 000,000,272 | ---- | C] () -- C:\Users\Bady\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2010.08.29 11:45:50 | 000,000,000 | -HS- | C] () -- C:\Users\Bady\ntuser.dat.LOG2
[2010.08.29 11:37:21 | 2140,422,143 | -HS- | C] () -- C:\hiberfil.sys
[2010.06.30 16:01:38 | 000,749,568 | ---- | C] () -- C:\Windows\SysWow64\spk.dll
[2010.03.26 21:04:54 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
< End of report >

One more question
Do I have to update CureIt in some way?
Or just run it the way I pulled it from the board here?
Because when I click update in CureIt, nothing happens.

So, here is the log from MAM

Code:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4601

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

15.09.2010 22:21:22
mbam-log-2010-09-15 (22-21-22).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|F:\|)
Durchsuchte Objekte: 240404
Laufzeit: 23 Minute(n), 31 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)


Chris4You 16.09.2010 06:52

Hi,

is this file the one you sent me?
C:\Users\Bady\Desktop\At7.job
Then please delete that one as well...

What I can't quite place is this:
C:\Windows\SysWow64\spk.dll,
so:

Please check the following files:

Having files checked online:
  • Go to the VirusTotal site, click the "Browse" button and select the following file(s):
Code:

C:\Windows\SysWow64\spk.dll
  • Now upload each file, one after the other, and wait until the scan is finished. (This can take up to 2 minutes.)
  • Afterwards post the result of the analysis; copy everything and paste it into a post.
  • Important: also copy the file size and the HASH!

chris
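
The triage step behind this request, as an added example (not part of the original post, and not OTL's or VirusTotal's own code): parse the OTL listing for binaries in a Windows system directory with an empty company field, then tie a scan verdict to the exact file by size and hash. The function names and the reading of the size field as bytes are assumptions.

```python
import hashlib
import re
from pathlib import PureWindowsPath

# Lines copied from the OTL listing on this page (format: date | size | attributes | C).
SAMPLE_LOG = r"""
[2010.08.29 15:11:56 | 000,067,584 | ---- | C] () -- C:\Windows\SysNative\RtNicProp64.dll
[2010.08.29 11:45:50 | 001,572,864 | -HS- | C] () -- C:\Users\Bady\NTUSER.DAT
[2010.08.29 11:37:21 | 2140,422,143 | -HS- | C] () -- C:\hiberfil.sys
[2010.06.30 16:01:38 | 000,749,568 | ---- | C] () -- C:\Windows\SysWow64\spk.dll
"""

LINE = re.compile(r"^\[(?P<created>[\d.]+ [\d:]+) \| (?P<size>[\d,]+) \| "
                  r"(?P<attrs>[-A-Z]+) \| C\] \((?P<company>.*?)\) -- (?P<path>.+)$")
SYSTEM_DIRS = {"system32", "syswow64", "sysnative"}
BINARY_EXTS = {".dll", ".exe", ".sys"}

def parse_otl(text):
    """Turn OTL 'files created' lines into dicts; non-matching lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            entry = m.groupdict()
            entry["size"] = int(entry["size"].replace(",", ""))  # assumed to be bytes
            entries.append(entry)
    return entries

def unattributed_system_binaries(entries):
    """Binaries directly inside a Windows system directory with an empty company field."""
    hits = []
    for e in entries:
        p = PureWindowsPath(e["path"])
        if (not e["company"] and p.suffix.lower() in BINARY_EXTS
                and p.parent.name.lower() in SYSTEM_DIRS):
            hits.append(e)
    return hits

def same_file(data, logged_size, reported):
    """True only if size and all three digests match the scan report for these bytes."""
    actual = {"md5": hashlib.md5(data).hexdigest(),
              "sha1": hashlib.sha1(data).hexdigest(),
              "sha256": hashlib.sha256(data).hexdigest()}
    return len(data) == logged_size and all(
        actual[k] == reported[k].lower() for k in actual)

if __name__ == "__main__":
    for e in unattributed_system_binaries(parse_otl(SAMPLE_LOG)):
        print(e["created"], e["size"], e["path"])
```

An empty company field only means the file carries no version information, so a hit is a candidate for a closer look, not a verdict.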

Bady 17.09.2010 23:15

0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name:
spk.dll
Submission date:
2010-09-17 22:12:22 (UTC)
Current status:
queued (#2) queued (#2) analysing finished
Result:
0/ 43 (0.0%)

VT Community

not reviewed
Safety score: -

Antivirus Version Last Update Result
AhnLab-V3 2010.09.18.00 2010.09.17 -
AntiVir 8.2.4.52 2010.09.17 -
Antiy-AVL 2.0.3.7 2010.09.17 -
Authentium 5.2.0.5 2010.09.17 -
Avast 4.8.1351.0 2010.09.17 -
Avast5 5.0.594.0 2010.09.17 -
AVG 9.0.0.851 2010.09.17 -
BitDefender 7.2 2010.09.17 -
CAT-QuickHeal 11.00 2010.09.17 -
ClamAV 0.96.2.0-git 2010.09.17 -
Comodo 6114 2010.09.17 -
DrWeb 5.0.2.03300 2010.09.17 -
Emsisoft 5.0.0.37 2010.09.17 -
eSafe 7.0.17.0 2010.09.17 -
eTrust-Vet 36.1.7862 2010.09.17 -
F-Prot 4.6.1.107 2010.09.17 -
F-Secure 9.0.15370.0 2010.09.17 -
Fortinet 4.1.143.0 2010.09.17 -
GData 21 2010.09.17 -
Ikarus T3.1.1.88.0 2010.09.17 -
Jiangmin 13.0.900 2010.09.17 -
K7AntiVirus 9.63.2542 2010.09.17 -
Kaspersky 7.0.0.125 2010.09.17 -
McAfee 5.400.0.1158 2010.09.17 -
McAfee-GW-Edition 2010.1C 2010.09.17 -
Microsoft 1.6201 2010.09.17 -
NOD32 5458 2010.09.17 -
Norman 6.06.06 2010.09.17 -
nProtect 2010-09-17.01 2010.09.17 -
Panda 10.0.2.7 2010.09.17 -
PCTools 7.0.3.5 2010.09.17 -
Prevx 3.0 2010.09.18 -
Rising 22.65.04.01 2010.09.17 -
Sophos 4.57.0 2010.09.17 -
Sunbelt 6889 2010.09.17 -
SUPERAntiSpyware 4.40.0.1006 2010.09.17 -
Symantec 20101.1.1.7 2010.09.17 -
TheHacker 6.7.0.0.022 2010.09.17 -
TrendMicro 9.120.0.1004 2010.09.17 -
TrendMicro-HouseCall 9.120.0.1004 2010.09.17 -
VBA32 3.12.14.0 2010.09.17 -
ViRobot 2010.8.25.4006 2010.09.17 -
VirusBuster 12.65.12.0 2010.09.17 -
Additional information
MD5 : 9ebcf99da826644557695a3484dda1d4
SHA1 : cf5c64160293403146ce4e9f25d47dcd6e011b4f
SHA256: 9f7cec60946ca79d63dbc299b77c1785bebc60a4e45ed62623fadd9dc2c77cf0

Chris4You 18.09.2010 19:23

Hi,

clean. How is the computer doing?
Let's have a look for TDSS....

TDSS-Killer
Download and instructions at: How to fight malware of the Rootkit.Win32.TDSS family?
Unpack all files into a directory of their own (e.g. C:\TDSS)!
Start it from Explorer by double-clicking TDSSKiller.exe.
After it starts, a window appears; choose "Start Scan" there.
When the scan is finished, please select "Report". A window opens; copy the text and post it here...

Prevx:
The tool is prone to false alarms and, in the free version, cannot delete anything, but is otherwise quite good... (and also runs on 64-bit platforms)
Prevx 3.0 for Home and Family
If the tool finds something, do not post the log but a screenshot of the window that is then displayed...

chris


All times are WET +1.

Copyright ©2000-2025, Trojaner-Board

