OTL logfile created on: 20.04.2011 20:59:20 - Run 2 OTL by OldTimer - Version 3.2.22.3 Folder = C:\Downloads\Software Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 450,06 Gb Total Space | 63,57 Gb Free Space | 14,13% Space Free | Partition Type: NTFS Drive D: | 15,67 Gb Total Space | 5,02 Gb Free Space | 32,06% Space Free | Partition Type: FAT32 Computer Name: *** | User Name: ***| Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011.04.20 20:57:37 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Downloads\Software\OTL.exe PRC - [2011.03.30 18:35:51 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2011.03.17 10:15:04 | 000,842,048 | ---- | M] (DT Soft Ltd) -- C:\Programme\DAEMON Tools Pro\DTAgent.exe PRC - [2011.01.07 22:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe PRC - [2011.01.07 20:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010.12.20 18:08:46 | 000,963,976 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbam.exe PRC - [2010.08.27 09:40:40 | 001,178,184 | ---- | M] (G Data Software AG) -- C:\Programme\Common Files\G Data\AVKProxy\AVKProxy.exe PRC - [2010.08.26 13:25:41 | 000,996,936 | ---- | M] (G Data Software AG) -- C:\Programme\G Data\TotalCare\AVKTray\AVKTray.exe PRC - [2010.08.26 13:25:20 | 001,538,120 | ---- | M] (G Data Software AG) -- C:\Programme\G Data\TotalCare\Firewall\GDFirewallTray.exe PRC - [2010.08.26 01:41:14 | 001,607,344 | ---- | M] (G Data Software AG) -- C:\Programme\G Data\TotalCare\Firewall\GDFwSvc.exe PRC - [2010.08.26 01:28:53 | 001,330,792 | ---- | M] () -- C:\Programme\G Data\TotalCare\AVK\AVKWCtl.exe PRC - [2010.08.26 00:51:59 | 000,340,552 | ---- | M] (G Data Software AG) -- C:\Programme\Common Files\G Data\GDScan\GDScan.exe PRC - [2010.07.16 17:32:34 | 000,619,800 | ---- | M] (http://tortoisesvn.net) -- C:\Programme\TortoiseSVN\bin\TSVNCache.exe PRC - [2010.04.29 00:28:18 | 003,727,411 | ---- | M] (FreeDownloadManager.ORG) -- C:\Programme\Free Download Manager\fdm.exe PRC - [2010.03.31 16:06:48 | 000,410,696 | ---- | M] (G Data Software AG) -- C:\Programme\G Data\TotalCare\AVK\AVKService.exe PRC - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2008.12.05 14:07:06 | 000,935,208 | ---- | M] (Nero AG) -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe PRC - [2008.12.05 14:06:42 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe PRC - [2007.12.17 05:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE PRC - [2007.08.03 12:51:18 | 001,422,632 | ---- | M] (Nero AG) -- C:\Programme\Common Files\Nero\Lib\NMIndexStoreSvr.exe PRC - [2007.08.03 12:51:06 | 000,202,024 | ---- | M] (Nero AG) -- C:\Programme\Common Files\Nero\Lib\NMBgMonitor.exe PRC - [2007.01.30 11:37:40 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxbmcoms.exe PRC - [2007.01.11 05:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2011.04.20 20:57:37 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Downloads\Software\OTL.exe MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [On_Demand | Stopped] -- -- (VPRVLD) SRV - [2011.03.31 14:14:40 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2011.01.07 20:48:56 | 000,378,984 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010.08.27 09:40:40 | 001,178,184 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy) SRV - [2010.08.26 01:41:14 | 001,607,344 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Programme\G Data\TotalCare\Firewall\GDFwSvc.exe -- (GDFwSvc) SRV - [2010.08.26 01:28:53 | 001,330,792 | ---- | M] () [Auto | Running] -- C:\Programme\G Data\TotalCare\AVK\AVKWCtl.exe -- (AVKWCtl) SRV - [2010.08.26 00:51:59 | 000,340,552 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files\Common Files\G Data\GDScan\GDScan.exe -- (GDScan) SRV - [2010.05.05 08:26:22 | 000,901,192 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Programme\G Data\TotalCare\AVKBackup\AVKBackupService.exe -- (GDBackupSvc) SRV - [2010.03.31 16:06:48 | 000,410,696 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Programme\G Data\TotalCare\AVK\AVKService.exe -- (AVKService) SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2010.03.08 02:17:54 | 000,934,984 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Programme\G Data\TotalCare\AVKTuner\AVKTunerService.exe -- (GDTunerSvc) SRV - [2010.01.12 16:57:44 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5) SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008.12.05 14:07:06 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2008.12.05 14:06:42 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe -- (PLFlash DeviceIoControl Service) SRV - [2007.12.17 05:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01) SRV - [2007.01.30 11:37:40 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxbmcoms.exe -- (lxbm_device) SRV - [2007.01.11 05:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - [2011.04.19 20:07:32 | 000,443,448 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd) DRV - [2011.04.15 23:54:52 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc) DRV - [2011.04.15 23:54:52 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt) DRV - [2011.01.08 05:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | Disabled | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2010.11.20 20:46:07 | 000,047,560 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PktIcpt.sys -- (GDPkIcpt) DRV - [2010.11.18 22:56:15 | 000,062,024 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\MiniIcpt.sys -- (GDMnIcpt) DRV - [2010.11.18 22:56:15 | 000,038,856 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\HookCentre.sys -- (HookCentre) DRV - [2010.11.18 22:56:15 | 000,033,480 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\GDBehave.sys -- (GDBehave) DRV - [2010.11.12 01:10:50 | 000,122,984 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2010.07.31 20:05:33 | 000,029,992 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\GRD.sys -- (GRD) DRV - [2010.07.31 19:55:59 | 000,040,904 | ---- | M] (G DATA Software AG) [Kernel | System | Running] -- C:\Windows\System32\drivers\gdwfpcd32.sys -- (gdwfpcd) DRV - [2010.01.18 01:17:17 | 000,081,408 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\SSHDRV86.sys -- (SSHDRV86) DRV - [2009.12.22 02:26:36 | 000,030,392 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter) DRV - [2009.08.24 00:55:32 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV - [2009.08.13 08:23:02 | 000,022,528 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAvrcp.sys -- (BthAvrcp) DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009.07.14 00:09:17 | 004,194,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2009.07.14 00:02:53 | 000,657,408 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u) DRV - [2008.09.04 07:28:22 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag) DRV - [2008.09.04 07:27:54 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem) DRV - [2008.09.04 07:27:28 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus) DRV - [2008.07.28 14:52:06 | 000,272,384 | ---- | M] (1&1 Internet AG) [File_System | System | Running] -- C:\Windows\System32\drivers\ui11rdr.SYS -- (ui11rdr) DRV - [2007.04.20 19:51:56 | 010,253,056 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp325.sys -- (SNP325) USB PC Camera (SNPSTD325) DRV - [2005.12.18 14:33:48 | 000,044,416 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dptrackerd.sys -- (dptrackerd) DRV - [2005.10.13 18:19:12 | 008,701,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3) DRV - [2005.01.14 18:14:07 | 000,047,616 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x) DRV - [2004.12.03 12:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x) DRV - [2004.10.28 12:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9F EA 49 AB F0 96 CA 01 [binary data] IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.defaultthis.engineName: "Search" FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "google.de" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: RAWThumbnailViewer@arcsoft.com.cn:2.0.0.11 FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.5 FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:3.3.7 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:21.1.10084.997 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10 FF - prefs.js..extensions.enabledItems: YPlayer@yummy.net:1.0.0.15 FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4 FF - prefs.js..extensions.enabledItems: {E0B550C4-3A95-4ED1-B336-AE90E057967A}:1.9.1 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2 FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q=" FF - prefs.js..network.proxy.http: "127.0.0.1" FF - prefs.js..network.proxy.http_port: 8118 FF - prefs.js..network.proxy.no_proxies_on: "127.0.0.1" FF - prefs.js..network.proxy.socks: "127.0.0.1" FF - prefs.js..network.proxy.socks_port: 9050 FF - prefs.js..network.proxy.socks_remote_dns: true FF - prefs.js..network.proxy.ssl: "127.0.0.1" FF - prefs.js..network.proxy.ssl_port: 8118 FF - prefs.js..network.proxy.type: 2 FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=" FF - HKLM\software\mozilla\Firefox\Extensions\\RAWThumbnailViewer@arcsoft.com.cn: C:\Program Files\ArcSoft\RAW Thumbnail Viewer\FireFox Extension [2010.02.11 15:43:38 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Program Files\ArcSoft\Video Downloader\Plugin_FireFox [2010.02.11 15:44:25 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.30 18:35:54 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.30 18:35:54 | 000,000,000 | ---D | M] [2010.01.16 23:16:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shorty\AppData\Roaming\mozilla\Extensions [2011.04.19 20:38:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Shorty\AppData\Roaming\mozilla\Firefox\Profiles\1zieu2wt.default\extensions [2010.10.26 17:18:18 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Shorty\AppData\Roaming\mozilla\Firefox\Profiles\1zieu2wt.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2011.01.22 22:03:52 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Users\Shorty\AppData\Roaming\mozilla\Firefox\Profiles\1zieu2wt.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE} [2010.05.21 06:09:16 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Shorty\AppData\Roaming\mozilla\Firefox\Profiles\1zieu2wt.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.12.24 10:02:53 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Shorty\AppData\Roaming\mozilla\Firefox\Profiles\1zieu2wt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.05.31 11:18:10 | 000,000,000 | ---D | M] (Torbutton) -- C:\Users\Shorty\AppData\Roaming\mozilla\Firefox\Profiles\1zieu2wt.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca} [2010.09.16 19:00:46 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Shorty\AppData\Roaming\mozilla\Firefox\Profiles\1zieu2wt.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} [2011.03.30 19:00:07 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Shorty\AppData\Roaming\mozilla\Firefox\Profiles\1zieu2wt.default\extensions\personas@christopher.beard [2010.09.16 19:00:42 | 000,003,915 | ---- | M] () -- C:\Users\Shorty\AppData\Roaming\Mozilla\Firefox\Profiles\1zieu2wt.default\searchplugins\sweetim.xml [2011.03.31 20:07:54 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2010.07.31 19:56:12 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Programme\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE} [2010.07.25 15:53:08 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.07.26 20:13:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.11.25 20:11:15 | 000,000,000 | ---D | M] (Yummy Games Player) -- C:\Programme\Mozilla Firefox\extensions\YPlayer@yummy.net [2010.02.11 15:43:38 | 000,000,000 | ---D | M] ("RAW Thumbnail Viewer") -- C:\PROGRAM FILES\ARCSOFT\RAW THUMBNAIL VIEWER\FIREFOX EXTENSION [2011.01.22 17:41:27 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- C:\PROGRAM FILES\FREE DOWNLOAD MANAGER\FIREFOX\EXTENSION [2010.07.31 19:56:12 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170633FE} [2010.07.25 15:53:08 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{AB2CE124-6272-4B12-94A9-7303C7397BD1} [2010.01.17 15:01:45 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [2010.07.26 20:13:47 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.11.25 20:11:15 | 000,000,000 | ---D | M] (Yummy Games Player) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\YPLAYER@YUMMY.NET [2011.03.30 18:54:54 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\SHORTY\APPDATA\LOCAL\{E0B550C4-3A95-4ED1-B336-AE90E057967A} [2010.06.22 04:36:30 | 000,423,656 | ---- | M] (Oracle) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2006.08.09 12:16:08 | 000,030,408 | ---- | M] ( ) -- C:\Programme\Mozilla Firefox\plugins\npWebLaunch.dll [2011.03.08 17:27:28 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2011.03.08 17:27:28 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2011.03.08 17:27:28 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2011.03.08 17:27:28 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2011.03.08 17:27:28 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2011.04.20 18:58:24 | 000,000,000 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G Data\TotalCare\Webfilter\AvkWebIE.dll (G Data Software AG) O2 - BHO: (IEPlugin Class) - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\Programme\ArcSoft\Video Downloader\ArcURLRecord.dll (ArcSoft, Inc.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (ToolbarBHO Class) - {9519AF7E-638D-4933-BAD6-D33D23C79FE5} - C:\Programme\ArcSoft\RAW Thumbnail Viewer\EXIFToolBar.dll (ArcSoft Inc.) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdm2.dll () O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Programme\G Data\TotalCare\Webfilter\AvkWebIE.dll (G Data Software AG) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found. O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Programme\G Data\TotalCare\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [GDFirewallTray] C:\Programme\G Data\TotalCare\Firewall\GDFirewallTray.exe (G Data Software AG) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Common Files\Nero\Lib\NeroCheck.exe (Nero AG) O4 - HKCU..\Run: [Bceyosa] File not found O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG) O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd) O4 - HKCU..\Run: [EPSON Stylus SX400 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files\Free Download Manager\dlall.htm () O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files\Free Download Manager\dlselected.htm () O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files\Free Download Manager\dllink.htm () O8 - Extra context menu item: EXIF lesen - C:\Programme\ArcSoft\RAW Thumbnail Viewer\ArcEXIFM.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\Shorty\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Shorty\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files\Free Download Manager\dlfvideo.htm () O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.) O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner) O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{177ce340-5b65-11e0-9cc9-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{177ce340-5b65-11e0-9cc9-806e6f6e6963}\Shell\AutoRun\command - "" = K:\Setupx.exe O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011.04.20 19:28:52 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW [2011.04.20 18:58:07 | 000,000,000 | ---D | C] -- C:\Programme\Enigma Software Group [2011.04.20 18:36:23 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2011.04.20 17:57:00 | 000,000,000 | ---D | C] -- C:\Users\Shorty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicISO [2011.04.20 17:57:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO [2011.04.20 17:56:58 | 000,000,000 | ---D | C] -- C:\Programme\MagicISO [2011.04.20 17:49:08 | 000,000,000 | ---D | C] -- C:\Users\Shorty\Desktop\backupwii [2011.04.19 20:14:20 | 000,000,000 | ---D | C] -- C:\Users\Shorty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro [2011.04.19 20:14:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro [2011.04.19 08:51:40 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2011.04.15 23:55:27 | 000,000,000 | ---D | C] -- C:\Users\Shorty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Ericsson [2011.04.15 23:54:52 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll [2011.04.15 23:54:52 | 000,025,512 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggsemc.sys [2011.04.15 23:54:52 | 000,013,224 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggflt.sys [2011.04.15 23:54:11 | 000,000,000 | ---D | C] -- C:\Programme\Sony Ericsson [2011.04.13 17:40:51 | 000,000,000 | ---D | C] -- C:\Users\Shorty\Desktop\Liiisaaaas [2011.04.13 13:30:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.4 [2011.04.13 13:29:56 | 000,000,000 | ---D | C] -- C:\Programme\ICQ7.4 [2011.04.11 19:24:31 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip [2011.04.11 19:24:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2011.04.11 17:57:42 | 000,000,000 | ---D | C] -- C:\Users\Shorty\Desktop\SUiKODEN - Komplettlösung [2011.04.10 18:55:43 | 000,000,000 | ---D | C] -- C:\Users\Shorty\Desktop\Birgit Bewerbungen [2011.04.10 12:28:03 | 000,000,000 | ---D | C] -- C:\Users\Shorty\Desktop\ff9 [2011.04.08 17:24:55 | 000,000,000 | ---D | C] -- C:\Users\Shorty\Documents\Mein Steuer-Sparbuch Heute [2011.04.08 17:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2011 [2011.04.08 17:23:43 | 000,000,000 | ---D | C] -- C:\Users\Shorty\AppData\Local\Buhl [2011.04.08 17:21:04 | 000,000,000 | ---D | C] -- C:\Programme\WISO [2011.04.08 17:20:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Buhl Data Service GmbH [2011.04.08 17:20:28 | 000,000,000 | ---D | C] -- C:\Users\Shorty\AppData\Local\Buhl Data Service [2011.04.07 22:44:11 | 000,106,496 | ---- | C] (-) -- C:\Users\Shorty\Desktop\7Sins-v1.0-Plus6-Trainer.exe [2011.04.07 15:29:44 | 000,000,000 | ---D | C] -- C:\Users\Shorty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Monte Cristo [2011.04.07 15:29:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monte Cristo [2011.04.07 15:25:41 | 000,000,000 | ---D | C] -- C:\Programme\Monte Cristo [2011.04.07 14:30:41 | 000,000,000 | ---D | C] -- C:\Users\Shorty\Desktop\wiibackup [2011.04.07 13:31:28 | 000,000,000 | R--D | C] -- C:\Users\Shorty\Documents\Notes [2011.04.07 13:27:36 | 000,000,000 | ---D | C] -- C:\Users\Shorty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RapidShare AG [2011.04.06 23:25:11 | 000,000,000 | ---D | C] -- C:\Users\Shorty\AppData\Local\Ahead [2011.04.06 23:25:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 8 [2011.04.06 23:24:25 | 000,000,000 | ---D | C] -- C:\Users\Shorty\AppData\Roaming\Nero [2011.04.06 23:16:06 | 000,000,000 | ---D | C] -- C:\Users\Shorty\Documents\Alcohol 120% [2011.04.06 22:50:33 | 000,000,000 | ---D | C] -- C:\Users\Shorty\Desktop\ps2 [2011.04.06 19:58:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader [2011.04.06 19:57:55 | 000,000,000 | ---D | C] -- C:\Programme\JDownloader [2011.04.01 20:34:30 | 000,000,000 | -HSD | C] -- C:\#GDATA.Trash.Store# [2011.04.01 11:54:16 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft [2011.03.31 20:19:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011.03.31 09:05:41 | 000,000,000 | ---D | C] -- C:\Programme\Alcohol Soft [2011.03.30 18:54:54 | 000,000,000 | ---D | C] -- C:\Users\Shorty\AppData\Local\{E0B550C4-3A95-4ED1-B336-AE90E057967A} [2010.02.05 00:48:33 | 000,147,456 | ---- | C] ( ) -- C:\Windows\System32\rsnp325.dll [2010.02.05 00:48:33 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnp325.dll [2010.02.05 00:48:33 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnp325.dll [2007.01.30 13:37:44 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxbmih.exe [2007.01.30 13:37:40 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxbmcoms.exe [2007.01.30 13:37:38 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxbmcfg.exe [2006.12.20 20:08:22 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbmpmui.dll [2006.12.20 20:06:56 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbmserv.dll [2006.12.20 20:01:02 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbmcomm.dll [2006.12.20 19:59:22 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbmlmpm.dll [2006.12.20 19:58:02 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbmiesc.dll [2006.12.20 19:55:40 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbmpplc.dll [2006.12.20 19:54:52 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbmcomc.dll [2006.12.20 19:54:20 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbmprox.dll [2006.12.20 19:47:30 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbminpa.dll [2006.12.20 19:46:50 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxbmusb1.dll [2006.12.20 19:42:34 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbmhbn3.dll [2005.09.13 01:45:06 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll [2004.02.16 21:59:52 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011.04.20 21:00:41 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011.04.20 21:00:41 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011.04.20 20:53:23 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011.04.20 20:53:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011.04.20 20:53:05 | 344,522,623 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011.04.20 20:53:04 | 2414,485,504 | -HS- | M] () -- C:\hiberfil.sys [2011.04.20 20:44:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011.04.20 20:43:01 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3247729353-18491574-2113395355-1001UA.job [2011.04.20 19:26:31 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.04.20 18:58:24 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2011.04.20 17:57:01 | 000,001,769 | ---- | M] () -- C:\Users\Shorty\Desktop\MagicISO.lnk [2011.04.20 17:54:01 | 000,001,050 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Pro.lnk [2011.04.20 17:48:20 | 000,000,120 | ---- | M] () -- C:\Users\Shorty\AppData\Local\Qsehagiqini.dat [2011.04.20 15:01:44 | 000,000,000 | ---- | M] () -- C:\Users\Shorty\AppData\Local\Ntewu.bin [2011.04.19 23:25:13 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3247729353-18491574-2113395355-1001Core.job [2011.04.19 20:28:24 | 000,001,604 | ---- | M] () -- C:\Users\Shorty\Desktop\Daemon Tools.lnk [2011.04.19 20:10:00 | 000,001,586 | ---- | M] () -- C:\Users\Shorty\Desktop\WinSetupFromUSB.lnk [2011.04.19 20:08:58 | 000,707,062 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2011.04.19 20:08:58 | 000,660,658 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2011.04.19 20:08:58 | 000,152,548 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2011.04.19 20:08:58 | 000,124,744 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2011.04.16 12:26:00 | 000,004,358 | ---- | M] () -- C:\Users\Shorty\Desktop\klingel001.png [2011.04.15 23:59:31 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ggsemc_01007.Wdf [2011.04.15 23:59:31 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ggflt_01007.Wdf [2011.04.15 23:55:27 | 000,001,219 | ---- | M] () -- C:\Users\Shorty\Desktop\Update Service.lnk [2011.04.15 23:54:52 | 001,112,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll [2011.04.15 23:54:52 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggsemc.sys [2011.04.15 23:54:52 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\System32\drivers\ggflt.sys [2011.04.15 12:03:40 | 000,262,144 | ---- | M] () -- C:\Windows\System32\€ [2011.04.13 19:53:17 | 000,000,600 | ---- | M] () -- C:\Users\Shorty\AppData\Roaming\winscp.rnd [2011.04.13 17:41:40 | 000,113,604 | ---- | M] () -- C:\Users\Public\Documents\League of Legends spielen .lnk [2011.04.13 13:30:37 | 000,001,770 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.4.lnk [2011.04.12 11:26:34 | 000,001,720 | ---- | M] () -- C:\Users\Shorty\Desktop\League of Legends spielen .lnk [2011.04.10 13:07:02 | 000,000,625 | ---- | M] () -- C:\Users\Shorty\Desktop\Final Fantasy IX PCSX.lnk [2011.04.08 17:24:33 | 000,000,080 | ---- | M] () -- C:\Windows\wiso.ini [2011.04.08 17:24:05 | 000,002,085 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2011.04.08 17:24:04 | 000,002,051 | ---- | M] () -- C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2011.lnk [2011.04.07 15:32:29 | 000,001,153 | ---- | M] () -- C:\Users\Shorty\Desktop\7 Sins.lnk [2011.04.07 13:27:40 | 000,002,862 | ---- | M] () -- C:\Users\Shorty\Desktop\RapidShare Manager.lnk [2011.04.07 11:10:47 | 000,066,353 | ---- | M] () -- C:\Users\Shorty\Desktop\test.rpc [2011.04.06 23:24:59 | 000,002,721 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk [2011.04.06 23:24:59 | 000,002,623 | ---- | M] () -- C:\Users\Public\Desktop\Nero Home.lnk [2011.04.06 23:22:23 | 000,000,292 | ---- | M] () -- C:\Users\Shorty\Documents\ax_files.xml [2011.04.06 22:50:22 | 000,004,544 | ---- | M] () -- C:\Users\Shorty\Desktop\d.jnt [2011.04.06 19:58:08 | 000,001,014 | ---- | M] () -- C:\Users\Public\Desktop\JDownloader.lnk [2011.04.01 20:34:08 | 000,524,288 | -HS- | M] () -- C:\Windows\System32\€{33c7710a-5c8c-11e0-af96-001d92b5bb91}.TMContainer00000000000000000002.regtrans-ms [2011.04.01 20:34:08 | 000,524,288 | -HS- | M] () -- C:\Windows\System32\€{33c7710a-5c8c-11e0-af96-001d92b5bb91}.TMContainer00000000000000000001.regtrans-ms [2011.04.01 20:34:08 | 000,065,536 | -HS- | M] () -- C:\Windows\System32\€{33c7710a-5c8c-11e0-af96-001d92b5bb91}.TM.blf [2011.04.01 20:34:07 | 000,524,288 | -HS- | M] () -- C:\Windows\System32\€{33c77106-5c8c-11e0-af96-001d92b5bb91}.TMContainer00000000000000000002.regtrans-ms [2011.04.01 20:34:07 | 000,524,288 | -HS- | M] () -- C:\Windows\System32\€{33c77106-5c8c-11e0-af96-001d92b5bb91}.TMContainer00000000000000000001.regtrans-ms [2011.04.01 20:34:07 | 000,065,536 | -HS- | M] () -- C:\Windows\System32\€{33c77106-5c8c-11e0-af96-001d92b5bb91}.TM.blf [2011.04.01 12:46:07 | 000,415,208 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2011.04.01 11:55:38 | 000,002,057 | ---- | M] () -- C:\Windows\System32\LexFiles.ulf [2011.04.01 11:55:03 | 000,000,020 | ---- | M] () -- C:\Windows\ ø˜ [2011.03.31 20:29:18 | 000,023,452 | ---- | M] () -- C:\Users\Public\Documents\cc_20110331_202903.reg [2011.03.31 20:21:31 | 000,000,022 | -HS- | M] () -- C:\Windows\System5537 Data.Repository [2011.03.31 20:21:31 | 000,000,022 | -HS- | M] () -- C:\Users\Shorty\AppData\Roaming\Sys2662.Config.Repository.bin [2011.03.31 08:53:37 | 000,497,047 | ---- | M] () -- C:\Users\Shorty\Desktop\cnc.generals.zh.mini-image.by.schluepfer.rar [2011.03.28 12:39:16 | 000,001,916 | ---- | M] () -- C:\Windows\eReg.dat [4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011.04.20 19:30:04 | 344,522,623 | ---- | C] () -- C:\Windows\MEMORY.DMP [2011.04.20 17:57:00 | 000,001,769 | ---- | C] () -- C:\Users\Shorty\Desktop\MagicISO.lnk [2011.04.19 20:28:24 | 000,001,604 | ---- | C] () -- C:\Users\Shorty\Desktop\Daemon Tools.lnk [2011.04.19 20:10:00 | 000,001,586 | ---- | C] () -- C:\Users\Shorty\Desktop\WinSetupFromUSB.lnk [2011.04.19 20:07:33 | 000,001,050 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Pro.lnk [2011.04.16 12:25:59 | 000,004,358 | ---- | C] () -- C:\Users\Shorty\Desktop\klingel001.png [2011.04.15 23:59:31 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ggsemc_01007.Wdf [2011.04.15 23:59:31 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ggflt_01007.Wdf [2011.04.15 23:55:27 | 000,001,219 | ---- | C] () -- C:\Users\Shorty\Desktop\Update Service.lnk [2011.04.13 17:41:39 | 000,113,604 | ---- | C] () -- C:\Users\Public\Documents\League of Legends spielen .lnk [2011.04.13 13:30:37 | 000,001,770 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.4.lnk [2011.04.12 11:26:34 | 000,001,720 | ---- | C] () -- C:\Users\Shorty\Desktop\League of Legends spielen .lnk [2011.04.10 10:37:26 | 000,000,625 | ---- | C] () -- C:\Users\Shorty\Desktop\Final Fantasy IX PCSX.lnk [2011.04.08 17:24:30 | 000,000,080 | ---- | C] () -- C:\Windows\wiso.ini [2011.04.08 17:24:04 | 000,002,085 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2011.04.08 17:24:04 | 000,002,051 | ---- | C] () -- C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2011.lnk [2011.04.07 15:32:29 | 000,001,153 | ---- | C] () -- C:\Users\Shorty\Desktop\7 Sins.lnk [2011.04.07 13:27:40 | 000,002,862 | ---- | C] () -- C:\Users\Shorty\Desktop\RapidShare Manager.lnk [2011.04.07 11:10:44 | 000,066,353 | ---- | C] () -- C:\Users\Shorty\Desktop\test.rpc [2011.04.06 23:24:59 | 000,002,721 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk [2011.04.06 23:24:58 | 000,002,623 | ---- | C] () -- C:\Users\Public\Desktop\Nero Home.lnk [2011.04.06 23:22:23 | 000,000,292 | ---- | C] () -- C:\Users\Shorty\Documents\ax_files.xml [2011.04.06 22:50:22 | 000,004,544 | ---- | C] () -- C:\Users\Shorty\Desktop\d.jnt [2011.04.06 19:58:08 | 000,001,014 | ---- | C] () -- C:\Users\Public\Desktop\JDownloader.lnk [2011.04.01 20:34:08 | 000,524,288 | -HS- | C] () -- C:\Windows\System32\€{33c7710a-5c8c-11e0-af96-001d92b5bb91}.TMContainer00000000000000000002.regtrans-ms [2011.04.01 20:34:08 | 000,524,288 | -HS- | C] () -- C:\Windows\System32\€{33c7710a-5c8c-11e0-af96-001d92b5bb91}.TMContainer00000000000000000001.regtrans-ms [2011.04.01 20:34:08 | 000,065,536 | -HS- | C] () -- C:\Windows\System32\€{33c7710a-5c8c-11e0-af96-001d92b5bb91}.TM.blf [2011.04.01 20:34:07 | 000,524,288 | -HS- | C] () -- C:\Windows\System32\€{33c77106-5c8c-11e0-af96-001d92b5bb91}.TMContainer00000000000000000002.regtrans-ms [2011.04.01 20:34:07 | 000,524,288 | -HS- | C] () -- C:\Windows\System32\€{33c77106-5c8c-11e0-af96-001d92b5bb91}.TMContainer00000000000000000001.regtrans-ms [2011.04.01 20:34:07 | 000,262,144 | ---- | C] () -- C:\Windows\System32\€ [2011.04.01 20:34:07 | 000,065,536 | -HS- | C] () -- C:\Windows\System32\€{33c77106-5c8c-11e0-af96-001d92b5bb91}.TM.blf [2011.04.01 11:55:02 | 000,000,020 | ---- | C] () -- C:\Windows\ ø˜ [2011.03.31 20:29:06 | 000,023,452 | ---- | C] () -- C:\Users\Public\Documents\cc_20110331_202903.reg [2011.03.31 20:21:31 | 000,000,022 | -HS- | C] () -- C:\Windows\System5537 Data.Repository [2011.03.31 20:21:31 | 000,000,022 | -HS- | C] () -- C:\Users\Shorty\AppData\Roaming\Sys2662.Config.Repository.bin [2011.03.31 20:19:51 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011.03.31 08:58:40 | 001,919,232 | ---- | C] () -- C:\Users\Shorty\Desktop\c&c.generals.zh.mini-image.by.schluepfer.mdf [2011.03.31 08:58:40 | 000,000,486 | ---- | C] () -- C:\Users\Shorty\Desktop\c&c.generals.zh.mini-image.by.schluepfer.mds [2011.03.31 08:58:40 | 000,000,454 | ---- | C] () -- C:\Users\Shorty\Desktop\instructions.by.schluepfer.nfo [2011.03.31 08:53:37 | 000,497,047 | ---- | C] () -- C:\Users\Shorty\Desktop\cnc.generals.zh.mini-image.by.schluepfer.rar [2011.03.30 18:54:55 | 000,000,120 | ---- | C] () -- C:\Users\Shorty\AppData\Local\Qsehagiqini.dat [2011.03.30 18:54:55 | 000,000,000 | ---- | C] () -- C:\Users\Shorty\AppData\Local\Ntewu.bin [2011.03.10 15:45:56 | 000,138,056 | ---- | C] () -- C:\Users\Shorty\AppData\Roaming\PnkBstrK.sys [2011.03.10 15:37:35 | 003,360,624 | ---- | C] () -- C:\Windows\System32\pbsvc.exe [2010.11.25 20:11:05 | 000,352,648 | ---- | C] () -- C:\Windows\System32\SysCheck2.dll [2010.08.24 23:37:40 | 000,000,055 | ---- | C] () -- C:\Windows\cryavitompeg.ini [2010.08.24 23:35:10 | 000,000,005 | ---- | C] () -- C:\Windows\System32\SySavitompeg.dat [2010.08.13 00:20:26 | 000,083,968 | ---- | C] () -- C:\Windows\UnGins.exe [2010.08.13 00:19:32 | 000,237,568 | ---- | C] () -- C:\Windows\System32\Unlha32.dll [2010.08.13 00:19:31 | 000,473,600 | ---- | C] () -- C:\Windows\System32\Harmony.dll [2010.08.04 22:34:02 | 000,000,600 | ---- | C] () -- C:\Users\Shorty\AppData\Local\PUTTY.RND [2010.07.29 23:56:51 | 000,000,600 | ---- | C] () -- C:\Users\Shorty\AppData\Roaming\winscp.rnd [2010.07.25 15:54:09 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.06.23 14:21:19 | 000,983,352 | ---- | C] () -- C:\Windows\Border Defense Uninstaller.exe [2010.05.13 23:17:24 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin [2010.04.21 17:19:59 | 000,065,536 | ---- | C] () -- C:\Windows\IFinst27.exe [2010.04.14 13:51:00 | 000,007,597 | ---- | C] () -- C:\Users\Shorty\AppData\Local\Resmon.ResmonCfg [2010.03.23 21:58:50 | 000,000,119 | ---- | C] () -- C:\Windows\bfe_prog.ini [2010.02.22 19:19:07 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe [2010.02.22 19:19:07 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2010.02.22 19:19:07 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2010.02.22 19:19:07 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe [2010.02.22 19:19:07 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2010.02.07 03:38:46 | 000,001,916 | ---- | C] () -- C:\Windows\eReg.dat [2010.02.06 20:45:19 | 000,137,544 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010.02.06 20:24:02 | 000,189,480 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2010.02.06 20:23:42 | 000,075,064 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2010.02.06 16:51:25 | 000,000,094 | ---- | C] () -- C:\Users\Shorty\AppData\Local\fusioncache.dat [2010.02.05 01:15:08 | 001,053,056 | ---- | C] () -- C:\Windows\System32\drivers\CAMTHWDM.sys [2010.02.05 00:48:35 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe [2010.02.05 00:48:34 | 000,827,392 | ---- | C] () -- C:\Windows\vsnp325.exe [2010.02.05 00:48:34 | 000,270,336 | ---- | C] () -- C:\Windows\tsnp325.exe [2010.02.05 00:48:34 | 000,015,498 | ---- | C] () -- C:\Windows\snp325.ini [2010.01.19 17:13:36 | 000,000,092 | ---- | C] () -- C:\Windows\Lexstat.ini [2010.01.18 01:17:17 | 000,081,408 | ---- | C] () -- C:\Windows\System32\drivers\SSHDRV86.sys [2009.07.14 10:47:43 | 000,707,062 | ---- | C] () -- C:\Windows\System32\perfh007.dat [2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat [2009.07.14 10:47:43 | 000,152,548 | ---- | C] () -- C:\Windows\System32\perfc007.dat [2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat [2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009.07.14 06:33:53 | 000,415,208 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2009.07.14 04:05:48 | 000,660,658 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2009.07.14 04:05:48 | 000,124,744 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.07.14 00:09:20 | 002,342,400 | ---- | C] () -- C:\Windows\System32\atidxx32.dll [2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2007.01.29 08:16:20 | 000,413,696 | ---- | C] () -- C:\Windows\System32\lxbmutil.dll [2007.01.22 11:49:34 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxbmcoin.dll [2005.10.25 16:51:16 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxbmvs.dll [2005.10.13 18:19:12 | 008,701,824 | ---- | C] () -- C:\Windows\System32\drivers\snpstd3.sys [2005.09.05 23:55:08 | 000,339,968 | ---- | C] () -- C:\Windows\vsnpstd3.exe [2004.02.28 01:36:18 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini [color=#E56717]========== LOP Check ==========[/color] [2010.06.11 21:15:56 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\1&1 [2010.08.24 23:38:42 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\4Media [2011.03.15 15:41:49 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\AtomZombieDemoData [2010.02.05 03:13:06 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\CamTrack [2010.01.17 13:48:09 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\DAEMON Tools [2011.04.19 20:31:21 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\DAEMON Tools Pro [2010.05.21 06:09:16 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\DVDVideoSoftIEHelpers [2010.06.12 19:03:40 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\EA [2010.07.08 21:13:26 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\Eqoww [2011.04.20 21:10:09 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\Free Download Manager [2010.11.15 15:39:15 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\geany [2010.11.15 15:39:10 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\gtk-2.0 [2011.04.18 13:37:04 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\ICQ [2010.01.27 14:00:49 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\LG Electronics [2011.03.11 17:24:08 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\LolClient [2010.04.27 18:52:05 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\MySQL [2011.04.01 20:34:32 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\Nivoa [2011.03.08 18:01:46 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\PCFix [2011.01.02 14:38:25 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\PhotoScape [2010.08.25 23:49:50 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\PMS [2010.07.28 18:50:00 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\Subversion [2010.07.15 17:21:11 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\TeamViewer [2011.03.31 20:27:57 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\TS3Client [2011.03.13 15:57:38 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\TuneUp Software [2010.12.12 16:22:45 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\Turbine [2011.03.08 17:59:15 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\Uniblue [2011.01.09 21:57:12 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\Utherverse [2010.06.23 14:24:25 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\ValuSoft [2010.02.05 01:15:45 | 000,000,000 | ---D | M] -- C:\Users\Shorty\AppData\Roaming\WebcamMax [2011.04.20 21:03:58 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:A8ADE5D8 @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2 < End of report >