
Pests of all kinds and how to fight them: Need instructions for removing HTTPS TIDSERV REQUEST 2

04.11.2010, 18:12   #1
Slicerzero
 

Hello,
since yesterday I have had problems with the rootkit HTTPS Tidserv 1&2.
Norton keeps reporting that a computer is trying to break into my PC.
I don't know much about computers, so I really don't know what to do.

I ran an OTL log, I hope it helps:

Thanks in advance

04.11.2010, 21:43   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Hello and

Has Malwarebytes already been run? If so, please post all logs.

If not yet => Please run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes must be updated manually before every scan!

04.11.2010, 23:10   #3
Slicerzero
 

Quote:
Quote from cosinus
Hello and

Has Malwarebytes already been run? If so, please post all logs.

If not yet => Please run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes must be updated manually before every scan!

Good, here is the report then:


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 5046

Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

04.11.2010 23:07:17
mbam-log-2010-11-04 (23-07-17).txt

Art des Suchlaufs: Vollständiger Suchlauf (A:\|C:\|D:\|)
Durchsuchte Objekte: 288832
Laufzeit: 49 Minute(n), 22 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

05.11.2010, 14:40   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Close all programs, start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)

Code:
:OTL
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
[2010.11.04 17:35:24 | 000,000,000 | R--D | C] -- C:\32788R22FWJFW
[2010.11.04 16:29:46 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\Tific
[2010.10.19 00:25:30 | 000,000,000 | ---D | C] -- C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
[2010.10.17 15:11:52 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\SKIDROW
[2010.10.14 22:33:28 | 000,000,000 | ---D | C] -- C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP
[2010.10.14 20:39:07 | 000,025,640 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2010.10.31 17:40:15 | 000,000,543 | ---- | C] () -- C:\Windows\NGO.cer
:Commands
[purity]
[resethosts]
[emptytemp]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.
__________________
Please always post log files in CODE tags

05.11.2010, 17:38   #5
Slicerzero
 

OK, here is the log file

Can these rootkits actually read out passwords as well?



All processes killed
========== OTL ==========
Error: Unable to stop service gdrv!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\gdrv deleted successfully.
C:\Windows\gdrv.sys moved successfully.
C:\32788R22FWJFW\N_ folder moved successfully.
C:\32788R22FWJFW\License folder moved successfully.
C:\32788R22FWJFW\EN-US folder moved successfully.
C:\32788R22FWJFW folder moved successfully.
C:\Users\Dustin\AppData\Roaming\Tific folder moved successfully.
C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP folder moved successfully.
C:\Users\Dustin\AppData\Local\SKIDROW\SAVES\1 folder moved successfully.
C:\Users\Dustin\AppData\Local\SKIDROW\SAVES folder moved successfully.
C:\Users\Dustin\AppData\Local\SKIDROW folder moved successfully.
C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP folder moved successfully.
File C:\Windows\gdrv.sys not found.
C:\Windows\NGO.cer moved successfully.
========== COMMANDS ==========
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Dustin
->Temp folder emptied: 1967169 bytes
->Temporary Internet Files folder emptied: 2227800 bytes
->Java cache emptied: 1373639 bytes
->FireFox cache emptied: 14634602 bytes
->Google Chrome cache emptied: 99087712 bytes
->Flash cache emptied: 16978 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1290045 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4022636 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 43722325 bytes

Total Files Cleaned = 161,00 mb


OTL by OldTimer - Version 3.2.17.2 log created on 11052010_172402

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

Registry entries deleted on Reboot...


05.11.2010, 21:21   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

CustomScan with OTL

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop
  • Please start OTL.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Now copy the following content into the text box.
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Click on .
  • Now copy the contents of OTL.txt here into your thread

05.11.2010, 23:53   #7
Slicerzero
 

OTL Logfile:
Code:
OTL logfile created on: 05.11.2010 23:25:58 - Run 2
OTL by OldTimer - Version 3.2.17.2     Folder = C:\Users\Dustin\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 50,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,50 Gb Total Space | 729,53 Gb Free Space | 78,32% Space Free | Partition Type: NTFS
Drive D: | 4,06 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: DUSTIN-PC | User Name: Dustin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Dustin\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe (Logitech Inc.)
PRC - C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe (mobile concepts GmbH)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
PRC - C:\Windows\SysWOW64\XSrvSetup.exe ()
PRC - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
PRC - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe (DeviceVM, Inc.)
PRC - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
PRC - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE ()
PRC - C:\Windows\SysWOW64\conime.exe (Microsoft Corporation)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Dustin\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\4.3.0.5\ASOEHOOK.DLL (Symantec Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\4.3.0.5\Microsoft.VC90.CRT\MSVCR90.dll (Microsoft Corporation)
MOD - C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\4.3.0.5\Microsoft.VC90.CRT\MSVCP90.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
SRV:64bit: - (CGVPNCliSrvc) -- C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe (mobile concepts GmbH)
SRV:64bit: - (AppleChargerSrv) -- C:\Windows\SysNative\AppleChargerSrv.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AODService) -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (N360) -- C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ccSvcHst.exe (Symantec Corporation)
SRV - (JMB36X) -- C:\Windows\SysWOW64\XSrvSetup.exe ()
SRV - (BCUService) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe (DeviceVM, Inc.)
SRV - (ES lite Service) -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NwlnkFwd) -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys File not found
DRV:64bit: - (NwlnkFlt) -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys File not found
DRV:64bit: - (libusb0) -- C:\Windows\SysNative\drivers\libusb0.sys File not found
DRV:64bit: - (IpInIp) -- C:\Windows\SysNative\DRIVERS\ipinip.sys File not found
DRV:64bit: - (MotioninJoyXFilter) -- C:\Windows\SysNative\DRIVERS\MijXfilt.sys (MotioninJoy)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\DRIVERS\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (cpuz134) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (SYMTDIv) -- C:\Windows\SysNative\Drivers\N360x64\0403000.005\SYMTDIV.SYS (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\Ironx64.SYS (Symantec Corporation)
DRV:64bit: - (AppleCharger) -- C:\Windows\SysNative\DRIVERS\AppleCharger.sys ()
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\SYMEFA64.SYS (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\Drivers\N360x64\0403000.005\SRTSP64.SYS (Symantec Corporation)
DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\SRTSPX64.SYS (Symantec Corporation)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek                                            )
DRV:64bit: - (ccHP) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\ccHPx64.sys (Symantec Corporation)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\DRIVERS\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\SYMDS64.SYS (Symantec Corporation)
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\DRIVERS\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\DRIVERS\nusb3xhc.sys (NEC Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\DRIVERS\nusb3hub.sys (NEC Electronics Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20101103.001\IDSviA64.sys (Symantec Corporation)
DRV - (GVTDrv64) -- C:\Windows\GVTDrv64.sys ()
DRV - (etdrv) -- C:\Windows\etdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101105.003\EX64.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20101105.003\ENG64.SYS (Symantec Corporation)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20101029.001\BHDrvx64.sys (Symantec Corporation)
DRV - ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl (CyberLink Corp.)
DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider)
DRV - (libusb0) -- C:\Windows\SysWOW64\drivers\libusb0.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://start.icq.com/"
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: refspoof@mozdev.org:0.9.5
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\ [2010.10.16 19:40:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\ [2010.10.14 21:43:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.20 02:56:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.10.20 02:56:03 | 000,000,000 | ---D | M]
 
[2010.10.20 02:57:06 | 000,000,000 | ---D | M] -- C:\Users\Dustin\AppData\Roaming\mozilla\Extensions
[2010.10.23 17:17:03 | 000,000,000 | ---D | M] -- C:\Users\Dustin\AppData\Roaming\mozilla\Firefox\Profiles\yl3ug7wn.default\extensions
[2010.10.20 02:57:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Dustin\AppData\Roaming\mozilla\Firefox\Profiles\yl3ug7wn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.10.23 17:17:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dustin\AppData\Roaming\mozilla\Firefox\Profiles\yl3ug7wn.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.10.20 02:57:34 | 000,000,000 | ---D | M] -- C:\Users\Dustin\AppData\Roaming\mozilla\Firefox\Profiles\yl3ug7wn.default\extensions\refspoof@mozdev.org
[2010.06.21 15:35:24 | 000,001,042 | ---- | M] () -- C:\Users\Dustin\AppData\Roaming\Mozilla\FireFox\Profiles\yl3ug7wn.default\searchplugins\icqplugin.xml
[2010.10.20 02:56:03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.10.12 21:24:52 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.10.12 21:24:52 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.10.12 21:24:52 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.10.12 21:24:52 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.10.12 21:24:52 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.11.05 17:25:04 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~3\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\IPSBHO.DLL (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DS3 Tool] C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe (www.motioninjoy.com)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~3\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img18.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img18.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.08 19:04:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{dfbd9e46-d7f6-11df-8be5-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{dfbd9e46-d7f6-11df-8be5-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Run.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: klmdb.sys - Driver
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PEVSystemStart - Service
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: procexp90.Sys - Driver
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: klmdb.sys - Driver
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: klmdb.sys - Driver
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PEVSystemStart - Service
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: procexp90.Sys - Driver
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfPf - Driver
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: klmdb.sys - Driver
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.11.05 18:57:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2010.11.05 17:24:02 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.11.04 17:45:11 | 000,576,000 | ---- | C] (OldTimer Tools) -- C:\Users\Dustin\Desktop\OTL.exe
[2010.11.04 16:42:49 | 001,329,752 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Dustin\Desktop\TDSSKiller.exe
[2010.11.04 15:01:53 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\Malwarebytes
[2010.11.04 15:01:45 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.11.04 15:01:44 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.11.04 15:01:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.04 15:01:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.11.04 14:36:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.11.04 14:36:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010.11.03 21:47:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Enigma Software Group
[2010.11.01 13:01:57 | 000,094,208 | ---- | C] (MediaTexX) -- C:\Windows\SysWow64\wmpuice.dll
[2010.11.01 13:01:57 | 000,069,632 | ---- | C] (CD Art Display) -- C:\Windows\cadSSaver.scr
[2010.11.01 13:01:57 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\CD Art Display
[2010.11.01 13:01:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CD Art Display
[2010.11.01 12:26:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Maxis
[2010.11.01 00:54:59 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\2K Games
[2010.10.31 18:51:05 | 000,000,000 | ---D | C] -- C:\Users\Dustin\Documents\pcsx2
[2010.10.31 18:50:48 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\pcsx2
[2010.10.31 18:50:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCSX2 0.9.7
[2010.10.31 18:25:36 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.10.31 17:44:26 | 000,090,112 | ---- | C] (Saikeware Technology Co., Ltd. CHINA) -- C:\Windows\SysWow64\MijFrc.dll
[2010.10.31 17:44:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MotioninJoy
[2010.10.31 17:24:13 | 000,090,112 | ---- | C] (MotioninJoy) -- C:\Windows\SysNative\drivers\MijXfilt.sys
[2010.10.31 17:24:13 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\MotioninJoy
[2010.10.31 17:24:13 | 000,000,000 | ---D | C] -- C:\Program Files\MotioninJoy
[2010.10.31 17:07:57 | 000,046,592 | ---- | C] (hxxp://libusb-win32.sourceforge.net) -- C:\Windows\SysWow64\libusb0.dll
[2010.10.31 13:36:47 | 000,000,000 | ---D | C] -- C:\Users\Dustin\Desktop\Movies
[2010.10.28 18:20:12 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\Cyberlink
[2010.10.28 18:20:07 | 000,000,000 | ---D | C] -- C:\Users\Dustin\Documents\CyberLink
[2010.10.28 18:20:06 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\CyberLink
[2010.10.28 18:19:09 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010.10.28 18:18:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CyberLink
[2010.10.28 18:16:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2010.10.28 18:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2010.10.23 17:17:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
[2010.10.23 17:17:03 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2010.10.23 17:16:54 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\ICQ
[2010.10.23 17:16:54 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\AOL
[2010.10.23 17:16:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2
[2010.10.23 00:09:41 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\vlc
[2010.10.22 23:53:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010.10.22 01:01:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010.10.22 01:00:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.10.22 00:59:56 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.10.22 00:31:22 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\My Games
[2010.10.21 22:37:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Firaxis Games
[2010.10.20 02:56:47 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\Mozilla
[2010.10.20 02:56:47 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\Mozilla
[2010.10.20 02:56:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010.10.19 20:19:40 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2010.10.19 20:19:22 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\Logitech
[2010.10.19 20:15:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Logitech
[2010.10.19 20:15:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2010.10.19 20:15:46 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2010.10.17 14:43:19 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2010.10.17 14:43:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Portable Devices
[2010.10.16 19:40:52 | 000,615,040 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\cchpx64.sys
[2010.10.16 19:40:52 | 000,505,392 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtsp64.sys
[2010.10.16 19:40:52 | 000,451,120 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symtdiv.sys
[2010.10.16 19:40:52 | 000,433,200 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symds64.sys
[2010.10.16 19:40:52 | 000,221,232 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symefa64.sys
[2010.10.16 19:40:52 | 000,150,064 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\ironx64.sys
[2010.10.16 19:40:52 | 000,032,304 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtspx64.sys
[2010.10.16 19:40:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64\0403000.005
[2010.10.16 18:31:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sid Meier's Civilization V
[2010.10.16 15:34:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010.10.16 15:01:10 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\Adobe
[2010.10.16 14:59:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.10.16 14:59:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010.10.16 14:01:14 | 000,029,696 | ---- | C] (The OpenVPN Project) -- C:\Windows\SysNative\drivers\tap0901.sys
[2010.10.16 14:01:12 | 000,000,000 | ---D | C] -- C:\Program Files\S.A.D
[2010.10.16 13:54:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010.10.16 00:57:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart Projects
[2010.10.16 00:37:30 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010.10.15 20:57:37 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\CAPCOM
[2010.10.15 18:14:49 | 000,000,000 | ---D | C] -- C:\Users\Dustin\Unigine Heaven
[2010.10.15 18:14:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unigine
[2010.10.15 17:47:08 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\My Games
[2010.10.15 16:47:18 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\WinRAR
[2010.10.15 11:17:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2010.10.15 11:16:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2010.10.15 02:53:28 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.10.15 02:09:28 | 000,000,000 | ---D | C] -- C:\Windows\Debug
[2010.10.15 02:01:38 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.10.15 01:55:32 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.10.15 01:30:51 | 000,000,000 | ---D | C] -- C:\Users\Dustin\Documents\My Games
[2010.10.15 01:20:39 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\URTTEMP
[2010.10.15 01:07:48 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\CrashDumps
[2010.10.15 01:03:38 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2010.10.15 00:02:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vi-VN
[2010.10.15 00:02:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\eu-ES
[2010.10.15 00:02:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\eu-ES
[2010.10.15 00:02:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ca-ES
[2010.10.15 00:02:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ca-ES
[2010.10.15 00:02:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vi-VN
[2010.10.14 23:59:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2010.10.14 23:44:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010.10.14 23:44:08 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\DAEMON Tools Lite
[2010.10.14 23:44:06 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.10.14 23:43:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2010.10.14 22:51:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\oZone3D
[2010.10.14 22:48:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2010.10.14 22:44:33 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\NVIDIA
[2010.10.14 22:37:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Futuremark
[2010.10.14 22:34:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Futuremark Shared
[2010.10.14 22:33:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Futuremark
[2010.10.14 22:33:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010.10.14 22:10:59 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\Downloaded Installations
[2010.10.14 22:06:45 | 000,021,480 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys
[2010.10.14 22:06:45 | 000,000,000 | ---D | C] -- C:\Programme\CPUID
[2010.10.14 21:43:31 | 000,000,000 | ---D | C] -- C:\Users\Dustin\Documents\Symantec
[2010.10.14 21:42:57 | 000,173,104 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2010.10.14 21:42:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010.10.14 21:42:57 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2010.10.14 21:42:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010.10.14 21:42:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\N360x64
[2010.10.14 21:42:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2010.10.14 21:42:38 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2010.10.14 21:42:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2010.10.14 21:41:20 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2010.10.14 21:41:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan
[2010.10.14 21:36:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010.10.14 21:27:10 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\Ashampoo
[2010.10.14 21:25:49 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\ashampoo
[2010.10.14 21:25:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2010.10.14 21:25:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2010.10.14 21:24:46 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010.10.14 21:05:33 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.10.14 21:04:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010.10.14 21:03:07 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010.10.14 21:03:04 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation
[2010.10.14 20:55:35 | 000,000,000 | R--D | C] -- C:\Users\Dustin\Desktop\Programme
[2010.10.14 20:46:19 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\Macromedia
[2010.10.14 20:46:19 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\Adobe
[2010.10.14 20:44:32 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\Google
[2010.10.14 20:44:15 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\Deployment
[2010.10.14 20:44:15 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\Apps
[2010.10.14 20:41:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2010.10.14 20:29:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2010.10.14 20:28:13 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2010.10.14 20:28:11 | 000,000,000 | ---D | C] -- C:\Program Files\GIGABYTE
[2010.10.14 20:27:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NEC Electronics
[2010.10.14 20:27:19 | 001,976,944 | R--- | C] (Gigabyte Technology Corp.) -- C:\Windows\SysWow64\xRaidSetup.exe
[2010.10.14 20:27:19 | 000,000,000 | ---D | C] -- C:\RaidTool
[2010.10.14 20:26:16 | 000,000,000 | ---D | C] -- C:\Windows\RaidTool
[2010.10.14 20:25:26 | 000,323,104 | ---- | C] (Realtek                                            ) -- C:\Windows\SysNative\drivers\Rtlh64.sys
[2010.10.14 20:21:53 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2010.10.14 20:21:52 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2010.10.14 20:21:24 | 002,719,504 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2010.10.14 20:21:23 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2010.10.14 20:21:23 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2010.10.14 20:21:23 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2010.10.14 20:21:23 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2010.10.14 20:21:16 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2010.10.14 20:21:16 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2010.10.14 20:21:16 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2010.10.14 20:21:16 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2010.10.14 20:21:15 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2010.10.14 20:21:15 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2010.10.14 20:21:12 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2010.10.14 20:21:12 | 000,325,904 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2010.10.14 20:21:08 | 000,331,168 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2010.10.14 20:21:07 | 001,325,328 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2010.10.14 20:21:07 | 001,178,384 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2010.10.14 20:21:07 | 000,489,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2010.10.14 20:21:07 | 000,474,896 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2010.10.14 20:21:07 | 000,315,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2010.10.14 20:21:07 | 000,268,560 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2010.10.14 20:21:06 | 001,110,800 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2010.10.14 20:21:06 | 000,265,488 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2010.10.14 20:21:06 | 000,123,664 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2010.10.14 20:21:06 | 000,123,152 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2010.10.14 20:21:06 | 000,122,128 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2010.10.14 20:21:05 | 000,504,592 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2010.10.14 20:21:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2010.10.14 20:21:03 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2010.10.14 20:20:36 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\DeviceVM
[2010.10.14 20:20:30 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.10.14 20:20:13 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010.10.14 20:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gigabyte
[2010.10.14 20:19:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010.10.14 20:13:00 | 000,000,000 | R--D | C] -- C:\Users\Dustin\Searches
[2010.10.14 20:12:51 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\Identities
[2010.10.14 20:12:49 | 000,000,000 | R--D | C] -- C:\Users\Dustin\Contacts
[2010.10.14 20:12:48 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\VirtualStore
[2010.10.14 20:12:43 | 000,000,000 | --SD | C] -- C:\Users\Dustin\AppData\Roaming\Microsoft
[2010.10.14 20:12:43 | 000,000,000 | R--D | C] -- C:\Users\Dustin\Videos
[2010.10.14 20:12:43 | 000,000,000 | R--D | C] -- C:\Users\Dustin\Saved Games
[2010.10.14 20:12:43 | 000,000,000 | R--D | C] -- C:\Users\Dustin\Pictures
[2010.10.14 20:12:43 | 000,000,000 | R--D | C] -- C:\Users\Dustin\Music
[2010.10.14 20:12:43 | 000,000,000 | R--D | C] -- C:\Users\Dustin\Links
[2010.10.14 20:12:43 | 000,000,000 | R--D | C] -- C:\Users\Dustin\Favorites
[2010.10.14 20:12:43 | 000,000,000 | R--D | C] -- C:\Users\Dustin\Downloads
[2010.10.14 20:12:43 | 000,000,000 | R--D | C] -- C:\Users\Dustin\Documents
[2010.10.14 20:12:43 | 000,000,000 | R--D | C] -- C:\Users\Dustin\Desktop
[2010.10.14 20:12:43 | 000,000,000 | -HSD | C] -- C:\Users\Dustin\Vorlagen
[2010.10.14 20:12:43 | 000,000,000 | -HSD | C] -- C:\Users\Dustin\AppData\Local\Verlauf
[2010.10.14 20:12:43 | 000,000,000 | -HSD | C] -- C:\Users\Dustin\AppData\Local\Temporary Internet Files
[2010.10.14 20:12:43 | 000,000,000 | -HSD | C] -- C:\Users\Dustin\Startmenü
[2010.10.14 20:12:43 | 000,000,000 | -HSD | C] -- C:\Users\Dustin\SendTo
[2010.10.14 20:12:43 | 000,000,000 | -HSD | C] -- C:\Users\Dustin\Recent
[2010.10.14 20:12:43 | 000,000,000 | -HSD | C] -- C:\Users\Dustin\Netzwerkumgebung
[2010.10.14 20:12:43 | 000,000,000 | -HSD | C] -- C:\Users\Dustin\Lokale Einstellungen
[2010.10.14 20:12:43 | 000,000,000 | -HSD | C] -- C:\Users\Dustin\Documents\Eigene Videos
[2010.10.14 20:12:43 | 000,000,000 | -HSD | C] -- C:\Users\Dustin\Documents\Eigene Musik
[2010.10.14 20:12:43 | 000,000,000 | -HSD | C] -- C:\Users\Dustin\Eigene Dateien
[2010.10.14 20:12:43 | 000,000,000 | -HSD | C] -- C:\Users\Dustin\Documents\Eigene Bilder
[2010.10.14 20:12:43 | 000,000,000 | -HSD | C] -- C:\Users\Dustin\Druckumgebung
[2010.10.14 20:12:43 | 000,000,000 | -HSD | C] -- C:\Users\Dustin\Cookies
[2010.10.14 20:12:43 | 000,000,000 | -HSD | C] -- C:\Users\Dustin\AppData\Local\Anwendungsdaten
[2010.10.14 20:12:43 | 000,000,000 | -HSD | C] -- C:\Users\Dustin\Anwendungsdaten
[2010.10.14 20:12:43 | 000,000,000 | -H-D | C] -- C:\Users\Dustin\AppData
[2010.10.14 20:12:43 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\Temp
[2010.10.14 20:12:43 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Local\Microsoft
[2010.10.14 20:12:43 | 000,000,000 | ---D | C] -- C:\Users\Dustin\AppData\Roaming\Media Center Programs
[2010.10.14 20:10:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.10.14 20:10:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.10.14 20:10:55 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.10.14 20:10:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.10.14 20:10:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.10.14 20:10:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.10.14 20:10:55 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.10.14 20:10:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.10.14 20:10:55 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
 
========== Files - Modified Within 30 Days ==========
 
[2010.11.05 23:26:42 | 001,931,048 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\0403000.005\Cat.DB
[2010.11.05 22:49:00 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3885800547-797845674-2314314506-1000UA.job
[2010.11.05 21:49:00 | 000,001,070 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3885800547-797845674-2314314506-1000Core.job
[2010.11.05 21:32:00 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.05 21:32:00 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.05 17:37:18 | 001,474,308 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.11.05 17:37:18 | 000,638,972 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.11.05 17:37:18 | 000,604,566 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.11.05 17:37:18 | 000,131,012 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.11.05 17:37:18 | 000,107,898 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

06.11.2010, 15:58   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs.
Remember to update both tools before the scan!!
__________________
Please always post log files in CODE tags
