OTL Logfile: Code:
OTL logfile created on: 20.06.2011 17:33:23 - Run 2
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Marv\Downloads
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 5,98 Gb Available Physical Memory | 74,70% Memory free
16,00 Gb Paging File | 13,70 Gb Available in Paging File | 85,66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 326,79 Gb Free Space | 35,09% Space Free | Partition Type: NTFS
Computer Name: MARV-PC | User Name: Marv | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.06.19 18:41:18 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Marv\Downloads\OTL.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.05.25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011.04.30 02:11:27 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.04.25 12:57:39 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.04.01 11:16:44 | 000,353,288 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
PRC - [2011.04.01 11:16:02 | 000,409,608 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe
PRC - [2011.04.01 11:15:58 | 001,430,024 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
PRC - [2011.04.01 11:14:34 | 000,922,120 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe
PRC - [2011.01.20 11:20:12 | 001,305,408 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.06 04:04:24 | 000,310,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2009.10.15 19:21:18 | 001,630,208 | ---- | M] (INTELLINET NETWORK SOLUTIONS) -- C:\Program Files (x86)\INTELLINET\Common\INTELLINET_UI.exe
PRC - [2009.10.06 11:57:44 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\INTELLINET\Common\RaRegistry.exe
PRC - [2009.07.14 12:28:00 | 000,239,648 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009.01.26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
========== Modules (SafeList) ==========
MOD - [2011.06.19 18:41:18 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Marv\Downloads\OTL.exe
MOD - [2010.11.20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.07.14 12:55:58 | 000,019,456 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\wlms\wlms.exe -- (WLMS)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.06.15 03:18:36 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai\netsession_win_e877e12.dll -- (Akamai)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.06.02 23:08:54 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.05.25 17:29:52 | 002,275,720 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.04.25 12:57:39 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.04.21 20:51:37 | 000,023,680 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2011.04.01 11:16:44 | 000,353,288 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan)
SRV - [2011.04.01 11:16:02 | 000,409,608 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe -- (AVKService)
SRV - [2011.04.01 11:15:58 | 001,430,024 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2011.04.01 03:29:34 | 001,923,800 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlX64.exe -- (AVKWCtl)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.10.06 11:57:44 | 000,212,256 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\INTELLINET\Common\RaRegistry64.exe -- (RalinkRegistryWriter64)
SRV - [2009.10.06 11:57:44 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\INTELLINET\Common\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2009.07.14 12:28:00 | 000,239,648 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.06.16 13:54:32 | 000,059,256 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV:64bit: - [2011.06.16 13:54:30 | 000,110,456 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV:64bit: - [2011.06.16 13:54:30 | 000,051,576 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
DRV:64bit: - [2011.06.16 13:54:30 | 000,050,040 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
DRV:64bit: - [2011.06.16 13:54:29 | 000,063,864 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)
DRV:64bit: - [2011.06.16 05:09:45 | 000,106,488 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD)
DRV:64bit: - [2011.06.16 04:57:49 | 000,031,448 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GdNetMon64.sys -- (GdNetMon)
DRV:64bit: - [2011.04.15 13:32:29 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.04.13 14:08:45 | 000,310,984 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.04.13 13:44:37 | 000,042,696 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.09.23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.08.12 12:07:50 | 000,350,952 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010.04.19 19:29:18 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2009.10.06 11:57:32 | 000,737,792 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009.07.17 01:51:54 | 000,028,192 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvamacpi.sys -- (nvamacpi)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:35:48 | 000,378,368 | ---- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL85n64.sys -- (RTL85n64)
DRV:64bit: - [2009.06.10 22:35:46 | 000,416,768 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8187B.sys -- (RTL8187B) RTL8187B Drahtlos-802.11b/g-USB 2.0-Netzwerkadapter (54 MBit/s)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4054701933-1526054091-29304953-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKU\S-1-5-21-4054701933-1526054091-29304953-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKU\S-1-5-21-4054701933-1526054091-29304953-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-4054701933-1526054091-29304953-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A0 44 D9 91 20 F9 CB 01 [binary data]
IE - HKU\S-1-5-21-4054701933-1526054091-29304953-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4054701933-1526054091-29304953-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.19 04:54:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2011.06.16 20:49:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marv\AppData\Roaming\mozilla\Extensions
[2011.06.19 17:34:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marv\AppData\Roaming\mozilla\Firefox\Profiles\1j5fbsez.default\extensions
[2011.06.16 04:57:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.06.16 04:57:57 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files (x86)\mozilla firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2011.05.13 23:16:55 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
File not found (No name found) --
File not found (No name found) -- C:\USERS\MARV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1J5FBSEZ.DEFAULT\EXTENSIONS\{0B457CAA-602D-484A-8FE7-C1D894A011BA}
File not found (No name found) -- C:\USERS\MARV\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\1J5FBSEZ.DEFAULT\EXTENSIONS\DTTOOLBAR@TOOLBARNET.COM
[2011.04.30 02:11:26 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AVKWebIEx64.dll (G Data Software AG)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AVKWebIE.dll (G Data Software AG)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (BHO) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG)
O3:64bit: - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AVKWebIEx64.dll (G Data Software AG)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\AntiVirus\WebFilter\AVKWebIE.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3:64bit: - HKU\S-1-5-21-4054701933-1526054091-29304953-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\S-1-5-21-4054701933-1526054091-29304953-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [NVRaidService] C:\Windows\SysNative\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4054701933-1526054091-29304953-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-4054701933-1526054091-29304953-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4054701933-1526054091-29304953-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-4054701933-1526054091-29304953-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Marv\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Marv\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Marv\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Marv\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{de8069d8-6735-11e0-9d94-0022684c63a8}\Shell - "" = AutoRun
O33 - MountPoints2\{de8069d8-6735-11e0-9d94-0022684c63a8}\Shell\AutoRun\command - "" = J:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.06.20 16:10:16 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{2FF727E9-7B43-45B1-B55D-05EEF2F28A1E}
[2011.06.19 17:37:10 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{C2D086C9-0093-4AFA-B69C-2EAEC8453DDD}
[2011.06.19 17:22:43 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{A0B30B9D-A1CC-4F82-9986-3576177E5F6D}
[2011.06.19 04:12:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.06.19 04:11:32 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.06.19 04:11:31 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011.06.19 04:11:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.06.19 03:57:42 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{8BB2F2A2-271C-4C2A-BF4C-559B900F65B7}
[2011.06.19 01:42:41 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{C02F541C-D9E7-4D92-9FF4-1F864DB66DC5}
[2011.06.19 01:32:38 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Roaming\TeamViewer
[2011.06.19 01:15:52 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{011423E2-1D4B-4BCD-8962-64891C4BBE7A}
[2011.06.19 00:52:26 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011.06.19 00:07:35 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{D435A70C-CCC2-4018-80A6-9D87669ABFD7}
[2011.06.18 23:57:45 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{1B156BE0-2A83-483C-8310-B7C6FE9EA36E}
[2011.06.18 00:36:13 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{C0694D56-E7E6-4CA9-A551-B2A11DFF1354}
[2011.06.17 16:50:02 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{C4756C09-65C6-4B9D-BC99-71509C93DCCD}
[2011.06.17 12:49:05 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{4CB64068-E027-48BC-9EED-A762E8BDDC92}
[2011.06.16 21:29:14 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{C43535C0-1A51-46FA-AE84-E119E0386831}
[2011.06.16 18:49:57 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{26235336-0253-4354-BEA3-D97B050C8D9F}
[2011.06.16 14:26:44 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Roaming\QuickScan
[2011.06.16 05:09:44 | 000,106,488 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2011.06.16 05:09:15 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\G DATA
[2011.06.16 05:07:53 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{2B23EA07-05B5-45B0-837B-B442AA4BF702}
[2011.06.16 04:58:31 | 000,059,256 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2011.06.16 04:58:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data AntiVirus 2012
[2011.06.16 04:57:52 | 000,051,576 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2011.06.16 04:57:51 | 000,110,456 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2011.06.16 04:57:51 | 000,050,040 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2011.06.16 04:57:49 | 000,031,448 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\GdNetMon64.sys
[2011.06.16 04:57:44 | 000,063,864 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2011.06.16 04:57:14 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA
[2011.06.16 04:57:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\G Data
[2011.06.16 04:57:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\G Data
[2011.06.16 04:53:02 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\Downloaded Installations
[2011.06.16 04:13:18 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011.06.16 04:13:18 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011.06.16 04:13:17 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.06.16 04:13:17 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.06.16 04:13:00 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011.06.16 04:06:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Ralink
[2011.06.16 04:06:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\INTELLINET WLAN
[2011.06.16 04:05:32 | 000,737,792 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\drivers\netr28x.sys
[2011.06.16 04:05:32 | 000,305,152 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\SysNative\RaCoInstx.dll
[2011.06.16 04:05:05 | 002,056,192 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RaCertMgr.dll
[2011.06.16 04:05:05 | 001,585,152 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RaCertMgr.dll
[2011.06.16 04:05:05 | 001,055,232 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RAIHV.dll
[2011.06.16 04:05:05 | 001,055,232 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RAIHV.dll
[2011.06.16 04:05:05 | 000,104,448 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysWow64\RAEXTUI.dll
[2011.06.16 04:05:05 | 000,104,448 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\SysNative\RAEXTUI.dll
[2011.06.16 04:05:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\INTELLINET
[2011.06.16 04:04:29 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Roaming\InstallShield
[2011.06.16 03:58:18 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{ADC46A1D-BDF3-4B97-B4F4-039465E15AAC}
[2011.06.16 03:18:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011.06.16 03:17:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.06.16 03:17:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011.06.16 02:38:56 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Roaming\Malwarebytes
[2011.06.16 02:38:39 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.06.16 02:38:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.06.16 02:38:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.06.16 02:38:35 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.06.16 02:38:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.06.15 15:08:09 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{19A5B99D-ADE5-40BD-87E8-39DD92706209}
[2011.06.15 01:13:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2011.06.15 01:13:05 | 004,223,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NVStWiz.exe
[2011.06.15 01:12:24 | 000,207,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidServerit.dll
[2011.06.15 01:12:24 | 000,207,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidServerfr.dll
[2011.06.15 01:12:24 | 000,206,880 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidServerptb.dll
[2011.06.15 01:12:24 | 000,206,880 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidServernl.dll
[2011.06.15 01:12:24 | 000,205,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidServerru.dll
[2011.06.15 01:12:24 | 000,205,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidServersv.dll
[2011.06.15 01:12:24 | 000,205,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidServerno.dll
[2011.06.15 01:12:24 | 000,205,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidServerfi.dll
[2011.06.15 01:12:24 | 000,199,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidServerko.dll
[2011.06.15 01:12:24 | 000,199,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidServerja.dll
[2011.06.15 01:12:24 | 000,198,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidServerzht.dll
[2011.06.15 01:12:24 | 000,197,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidServerzhc.dll
[2011.06.15 01:12:23 | 001,524,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFC71.dll
[2011.06.15 01:12:23 | 001,513,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFC71u.dll
[2011.06.15 01:12:23 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSVCP71.dll
[2011.06.15 01:12:23 | 000,843,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidServer.dll
[2011.06.15 01:12:23 | 000,520,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSVCR71.dll
[2011.06.15 01:12:23 | 000,291,872 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvraidservice.exe
[2011.06.15 01:12:23 | 000,208,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidServeres.dll
[2011.06.15 01:12:23 | 000,207,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidServerde.dll
[2011.06.15 01:12:23 | 000,206,880 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidServeresm.dll
[2011.06.15 01:12:23 | 000,205,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidServerda.dll
[2011.06.15 01:12:23 | 000,204,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidServerenu.dll
[2011.06.15 01:12:23 | 000,204,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidServereng.dll
[2011.06.15 01:12:23 | 000,181,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidWizardde.dll
[2011.06.15 01:12:23 | 000,178,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidWizardfr.dll
[2011.06.15 01:12:23 | 000,178,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidWizardes.dll
[2011.06.15 01:12:23 | 000,177,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidWizardit.dll
[2011.06.15 01:12:23 | 000,177,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidWizardesm.dll
[2011.06.15 01:12:23 | 000,176,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidWizardptb.dll
[2011.06.15 01:12:23 | 000,175,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidWizardnl.dll
[2011.06.15 01:12:23 | 000,174,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidWizardru.dll
[2011.06.15 01:12:23 | 000,173,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidWizardno.dll
[2011.06.15 01:12:23 | 000,172,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidWizardsv.dll
[2011.06.15 01:12:23 | 000,171,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidWizardfi.dll
[2011.06.15 01:12:23 | 000,171,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidWizardda.dll
[2011.06.15 01:12:23 | 000,169,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidWizardenu.dll
[2011.06.15 01:12:23 | 000,169,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidWizardeng.dll
[2011.06.15 01:12:23 | 000,154,656 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidWizardja.dll
[2011.06.15 01:12:23 | 000,154,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidWizardko.dll
[2011.06.15 01:12:23 | 000,149,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidWizardzht.dll
[2011.06.15 01:12:23 | 000,148,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidWizardzhc.dll
[2011.06.15 01:12:23 | 000,067,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidSvfr.dll
[2011.06.15 01:12:23 | 000,067,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidSves.dll
[2011.06.15 01:12:23 | 000,066,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidSvit.dll
[2011.06.15 01:12:23 | 000,066,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidSvesm.dll
[2011.06.15 01:12:23 | 000,066,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidSvde.dll
[2011.06.15 01:12:23 | 000,066,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidSvptb.dll
[2011.06.15 01:12:23 | 000,066,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidSvnl.dll
[2011.06.15 01:12:23 | 000,065,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidSvfi.dll
[2011.06.15 01:12:23 | 000,064,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidSvsv.dll
[2011.06.15 01:12:23 | 000,064,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidSvru.dll
[2011.06.15 01:12:23 | 000,064,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidSvno.dll
[2011.06.15 01:12:23 | 000,064,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidSvda.dll
[2011.06.15 01:12:23 | 000,064,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidSvenu.dll
[2011.06.15 01:12:23 | 000,064,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidSveng.dll
[2011.06.15 01:12:23 | 000,060,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidSvja.dll
[2011.06.15 01:12:23 | 000,059,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidSvko.dll
[2011.06.15 01:12:23 | 000,058,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidSvzht.dll
[2011.06.15 01:12:23 | 000,058,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidSvzhc.dll
[2011.06.15 01:12:22 | 000,768,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvRaidWizard.dll
[2011.06.15 01:10:58 | 000,660,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NVUNINST.EXE
[2011.06.14 13:37:31 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{52972706-9E35-4AD4-93FA-4393C97E6F04}
[2011.06.14 09:21:48 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\2DBoy
[2011.06.14 09:21:48 | 000,000,000 | ---D | C] -- C:\ProgramData\2DBoy
[2011.06.14 01:36:43 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{0921AF55-CEAF-41A5-820B-BA6A23DDE9CB}
[2011.06.14 00:47:53 | 000,000,000 | ---D | C] -- C:\Windows\system64
[2011.06.13 13:36:18 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{D6DD773D-CDAB-4AFA-AA62-A4298B4EA401}
[2011.06.13 00:02:23 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{D132FA84-74C8-44DB-8EDE-15FD3220E1B0}
[2011.06.12 19:20:04 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{81C8A6D9-BD48-486A-A7F9-301D13EDA250}
[2011.06.12 15:36:49 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{120725A4-E0C4-463A-92F7-85AF1CECBD59}
[2011.06.11 19:23:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Terraria
[2011.06.11 14:23:03 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{71C2D2D8-B44B-4A5D-B161-F26B6A596E27}
[2011.06.11 00:23:02 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{A827A383-244D-4775-A338-204526D16B35}
[2011.06.10 18:13:20 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{37C1F088-E64A-4AF7-B3AC-9D6D72D39130}
[2011.06.10 13:15:42 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{9C60E4F6-D35D-4056-8AB2-B15E1675E09E}
[2011.06.09 13:05:08 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{3B93D978-D2DA-4D2B-8E9D-F3C3C2ED657C}
[2011.06.09 00:15:21 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{BEE6A968-262C-43C9-B19D-72B4E0170507}
[2011.06.08 12:14:46 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{12C65AB2-52B3-4575-95B9-F539CBE1E51C}
[2011.06.07 15:26:24 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{F0638587-26D8-4CB3-A1EF-1C5B4EC2E048}
[2011.06.07 13:46:39 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{86CEAD3C-C3F2-4107-B124-6326D82BEDE2}
[2011.06.07 01:16:05 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{43AFFBCE-F77F-4BDD-AF5D-290CE660C341}
[2011.06.06 12:17:08 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{4B0CE43F-E9E6-4E13-A06F-1B64458A4C6B}
[2011.06.05 14:19:54 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{C6B9328B-8A29-461A-9046-6FE7DF4A44D9}
[2011.06.04 22:30:05 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{FCA4095F-F59E-4ED5-AF40-73C50C6BDD04}
[2011.06.04 20:27:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\alaplaya
[2011.06.04 20:04:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai
[2011.06.04 13:22:38 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{364144AE-65EA-4AB7-B251-DC218048816A}
[2011.06.04 00:22:12 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011.06.04 00:22:07 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\TeamSpeak 3 Client
[2011.06.03 23:09:59 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.06.03 13:51:33 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{D4ED5B7A-678A-433F-86EE-BD21F612AC84}
[2011.06.02 19:50:10 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{91649A46-6862-4195-8EA8-C32B641FA11D}
[2011.06.02 19:08:02 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{6CF46567-AA34-4DD8-8C8D-7DA85E82394D}
[2011.06.02 00:17:32 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{935B9F68-E98E-463A-AE9B-D19251F37102}
[2011.06.01 12:17:06 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{286499DE-C9E8-4D8E-B165-E1BF4DA1EC2F}
[2011.05.31 17:04:42 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2011.05.31 17:04:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.05.31 17:04:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2011.05.31 16:35:12 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\CrashRpt
[2011.05.31 16:22:51 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
[2011.05.31 16:22:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDJ
[2011.05.31 14:30:37 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{685FCD85-B6E1-4953-8E7E-419EB28DE869}
[2011.05.31 14:03:51 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{38530B51-1783-48B7-B6E6-7D5E67A55C62}
[2011.05.31 13:58:55 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{AEEA0BD4-6A16-4EF6-AF67-262433671AC5}
[2011.05.30 23:15:09 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Joymax
[2011.05.30 20:27:45 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{F25F2656-D22A-46EF-9959-90C732E9B9A2}
[2011.05.30 20:01:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
[2011.05.30 20:01:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitMediaLabs
[2011.05.30 19:54:46 | 000,000,000 | ---D | C] -- C:\ProgramData\SplitMediaLabs
[2011.05.30 18:44:42 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{EF822932-0262-46D3-AD36-4AB6DA8D78B7}
[2011.05.30 13:30:36 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{F4001A72-E20B-492E-A85C-932536809825}
[2011.05.29 13:42:32 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{A6640E38-D1C3-494C-8824-5A02109F3694}
[2011.05.29 00:25:02 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{20DA0D1C-BE26-488A-AC89-1C90032F6CE1}
[2011.05.28 16:54:56 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Roaming\go
[2011.05.28 12:22:30 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{13468C23-BF09-47F0-BA88-A13D411A889F}
[2011.05.27 13:57:10 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{53149C52-FB04-4414-A5A0-A1A91DCCB27D}
[2011.05.26 21:00:32 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{50BBF83F-9159-48E5-A1F8-F0498787DD0B}
[2011.05.25 21:30:02 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys
[2011.05.25 21:22:26 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{378A6A68-FE66-491A-BD87-8BFF40414739}
[2011.05.25 13:16:24 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{A27107D3-6830-4EF3-8544-144633105BE1}
[2011.05.25 11:18:10 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{17D67CA0-D11A-444B-8F59-CB4013A6F6C7}
[2011.05.24 23:09:50 | 000,000,000 | ---D | C] -- C:\Users\Marv\Documents\VirtualDJ
[2011.05.24 15:35:16 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{50F42A6C-BDD6-40D4-AC69-02E696313C3A}
[2011.05.23 14:39:18 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terraria
[2011.05.23 14:39:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Terraria
[2011.05.23 13:35:16 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{F31469E6-67F7-43C7-A6D1-EE891EEEAE0E}
[2011.05.22 16:53:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft XNA
[2011.05.22 12:57:38 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{1649E34C-1722-4F97-B0ED-A71162C6A037}
[2011.05.22 00:21:38 | 000,000,000 | ---D | C] -- C:\Users\Marv\AppData\Local\{825D2856-7B1F-4DF7-9146-3F05DB255323}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.06.20 16:16:54 | 000,320,485 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2011.06.20 16:16:54 | 000,030,245 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2011.06.20 16:14:50 | 000,015,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.20 16:14:50 | 000,015,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.20 16:08:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.20 16:08:48 | 2146,873,343 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.19 04:12:03 | 000,001,803 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.06.16 14:32:51 | 000,000,036 | ---- | M] () -- C:\Users\Marv\AppData\Local\housecall.guid.cache
[2011.06.16 13:54:32 | 000,059,256 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2011.06.16 13:54:30 | 000,110,456 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2011.06.16 13:54:30 | 000,051,576 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2011.06.16 13:54:30 | 000,050,040 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2011.06.16 13:54:29 | 000,063,864 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2011.06.16 05:09:45 | 000,106,488 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2011.06.16 05:02:08 | 004,972,664 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.06.16 04:57:49 | 000,031,448 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GdNetMon64.sys
[2011.06.16 04:57:25 | 000,002,105 | ---- | M] () -- C:\Users\Public\Desktop\G Data AntiVirus.lnk
[2011.06.16 04:34:11 | 001,634,396 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.06.16 04:34:11 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.06.16 04:34:11 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.06.16 04:34:11 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.06.16 04:34:11 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.06.16 04:06:28 | 000,002,111 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\INTELLINET NETWORK SOLUTIONS Wireless Utility.lnk
[2011.06.16 02:38:39 | 000,001,129 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.06.14 00:57:50 | 000,001,066 | ---- | M] () -- C:\Users\Marv\Desktop\VirtualDJ Home FREE.lnk
[2011.06.13 22:51:08 | 000,005,632 | ---- | M] () -- C:\Users\Marv\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.11 00:23:36 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.06.08 01:56:58 | 000,189,072 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.06.08 01:56:58 | 000,189,072 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.06.08 01:53:11 | 000,189,072 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.05.29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.05.28 21:46:53 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_netaapl64_01009.Wdf
[2011.05.23 00:42:14 | 001,575,984 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.06.19 04:12:03 | 000,001,803 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.06.19 04:06:21 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.06.16 14:32:51 | 000,000,036 | ---- | C] () -- C:\Users\Marv\AppData\Local\housecall.guid.cache
[2011.06.16 11:11:17 | 000,320,485 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2011.06.16 11:11:17 | 000,030,245 | ---- | C] () -- C:\Windows\SysWow64\nmp.map
[2011.06.16 04:57:25 | 000,002,105 | ---- | C] () -- C:\Users\Public\Desktop\G Data AntiVirus.lnk
[2011.06.16 04:06:28 | 000,002,111 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\INTELLINET NETWORK SOLUTIONS Wireless Utility.lnk
[2011.06.16 04:05:33 | 000,013,931 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2011.06.16 04:05:33 | 000,013,931 | ---- | C] () -- C:\Windows\SysNative\RaCoInst.dat
[2011.06.16 02:38:39 | 000,001,129 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.06.15 01:12:23 | 000,000,538 | ---- | C] () -- C:\Windows\SysNative\RegRaidSedona.bat
[2011.06.15 01:12:22 | 000,007,052 | ---- | C] () -- C:\Windows\SysNative\nvide.nvu
[2011.06.14 00:57:50 | 000,001,066 | ---- | C] () -- C:\Users\Marv\Desktop\VirtualDJ Home FREE.lnk
[2011.05.28 21:46:53 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_netaapl64_01009.Wdf
[2011.05.22 16:51:41 | 001,575,984 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.27 13:04:42 | 000,088,943 | ---- | C] () -- C:\Windows\War3Unin.dat
[2011.04.18 20:59:18 | 000,005,632 | ---- | C] () -- C:\Users\Marv\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.13 13:13:31 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2011.04.12 21:20:06 | 000,189,072 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.04.12 21:20:05 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.04.12 19:40:37 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
========== LOP Check ==========
[2011.06.02 23:00:51 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\.minecraft
[2011.05.03 17:21:26 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011.04.15 13:34:26 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\DAEMON Tools Lite
[2011.04.20 21:57:24 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.05.04 14:54:12 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\FireShot
[2011.05.31 13:59:02 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\go
[2011.05.20 16:12:19 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\gtk-2.0
[2011.04.14 17:07:27 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\Hi-Rez Studios
[2011.04.12 21:20:04 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\PunkBuster
[2011.06.16 14:26:53 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\QuickScan
[2011.06.19 01:32:38 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\TeamViewer
[2011.04.27 03:55:25 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\Teeworlds
[2011.06.10 01:00:01 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\TS3Client
[2011.04.25 12:57:09 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\Ubisoft
[2011.06.16 03:57:17 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.06.02 23:00:51 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\.minecraft
[2011.05.04 22:14:51 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\Adobe
[2011.04.18 21:38:32 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\Apple Computer
[2011.05.03 17:21:26 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011.04.15 13:34:26 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\DAEMON Tools Lite
[2011.04.20 21:57:24 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.05.04 14:54:12 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\FireShot
[2011.05.31 13:59:02 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\go
[2011.05.20 16:12:19 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\gtk-2.0
[2011.04.14 17:07:27 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\Hi-Rez Studios
[2011.04.12 15:49:45 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\Identities
[2011.06.16 04:04:29 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\InstallShield
[2011.04.12 16:51:44 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\Macromedia
[2011.06.16 02:38:56 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\Malwarebytes
[2009.07.14 13:16:50 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\Media Center Programs
[2011.06.14 00:57:50 | 000,000,000 | --SD | M] -- C:\Users\Marv\AppData\Roaming\Microsoft
[2011.06.19 04:53:28 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\Mozilla
[2011.04.15 14:42:09 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\NVIDIA
[2011.04.12 21:20:04 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\PunkBuster
[2011.06.16 14:26:53 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\QuickScan
[2011.06.20 16:12:12 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\Skype
[2011.06.20 16:09:36 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\skypePM
[2011.06.19 01:32:38 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\TeamViewer
[2011.04.27 03:55:25 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\Teeworlds
[2011.06.10 01:00:01 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\TS3Client
[2011.04.25 12:57:09 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\Ubisoft
[2011.04.12 20:51:16 | 000,000,000 | ---D | M] -- C:\Users\Marv\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2011.05.03 17:21:05 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Marv\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.02.17 22:39:13 | 000,835,440 | R--- | M] () -- C:\Users\Marv\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\system64\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\system64\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\system64\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\system64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\system64\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
< MD5 for: IASTORV.SYS >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\system64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\system64\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\system64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\system64\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\system64\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\system64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\system64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\system64\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: USER32.DLL >
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\system64\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\system64\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\system64\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\system64\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\system64] -> \systemroot\system32 -> Mount Point
< End of report >
--- --- --- |
